From: Jukka Rissanen Date: Wed, 8 Jul 2009 08:50:52 +0000 (+0300) Subject: Maemo debianization. X-Git-Url: http://git.maemo.org/git/?p=wpasupplicant;a=commitdiff_plain;h=578a3b75b2f26503cbda8eb229e56e922bab441d Maemo debianization. --- diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..d9fe476 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,19 @@ +wpasupplicant (0.6.2-2) unstable; urgency=low + + The -w (wait for network interface to exist) command line option no longer + exists. If you have scripts that require this option, it is time to change + them, or use one of the two supported modes of operation explained at + /usr/share/doc/wpasupplicant/README.modes.gz. + + ifupdown supports hot-plugged network devices via the "allow-hotplug" class + of operation. An example /etc/network/interfaces configuration stanza would + look like: + + allow-hotplug ath0 + iface ath0 inet dhcp + wpa-ssid myssid + wpa-psk mysecretpassphrase + + network-manager is also able to handle hot-plugged network devices. + + -- Kel Modderman Mon, 14 Jan 2008 18:02:17 +1000 diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..cb40490 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,563 @@ +Modes of Operation in wpasupplicant for Debian +============================================== + +The Debian wpasupplicant package provides two (2) convenient modes of operation +that are closely integrated to the core networking infrastructure; ifupdown. + +Table of Contents +================= + +1. Specifying the wpa_supplicant driver backend + - Table of supported drivers + - Choosing driver backend + +2. Mode #1: Managed Mode + - Examples + - Table of Common Options + - Important Notes About Managed Mode + - How It Works + +3. Mode #2: Roaming Mode + - wpa_supplicant.conf + - /etc/network/interfaces + - Interacting with wpa_supplicant with wpa_cli and wpa_gui + - Controlling the Roaming Daemon with wpa_action + - Fine Tuning the Roaming Setup + - The Logfile + - Using External Mapping Scripts (e.g. guessnet) + - /etc/network/interfaces with external mapping + +4. Troubleshooting + - Hidden ssids + +5. Security Considerations + - Configuration File Permissions + + +1. Specifying the wpa_supplicant driver backend +=============================================== + +The wext driver backend will be used for all interfaces that do not explicitly +set 'wpa-driver' to the driver type required for that device. Users of linux +2.4 kernels, or 2.6 kernels less than 2.6.14 will be required to specify a +wpa-driver type. + +Table of supported drivers +========================== + +A summary of supported drivers follows: + +Driver Description +====== =========== +atmel ATMEL AT76C5XXx (USB, PCMCIA) +wext Linux wireless extensions (generic) +wired wired Ethernet driver + +Choosing driver backend +======================= + +Set the driver type in the interfaces(5) stanza for your device with the +'wpa-driver' option. For example: + +iface eth0 inet dhcp + wpa-driver wext + . . . . . more options + +If no wpa-driver configuration is supplied, the wext backend is used. + +2. Mode #1: Managed Mode +======================== + +This mode provides the ability to establish a connection via wpa_supplicant to +one known network. It is similar to how the wireless-tools package works. Each +element required to establish the connection via wpa_supplicant is prefixed +with 'wpa-' and followed by the value that will be used for that element. + +Examples +======== + +NOTE: the 'wpa-psk' value is only valid if: + 1) It is a plaintext (ascii) string between 8 and 63 characters in + length + 2) It is a hexadecimal string of 64 characters + +# Connect to access point of ssid 'NETBEER' with an encryption type of +# WPA-PSK/WPA2-PSK. It assumes the driver will use the 'wext' driver backend +# of wpa_supplicant because no wpa-driver option has been specified. +# The passphrase is given as a ASCII (plaintext) string. DHCP is used to +# obtain a network address. +# +iface wlan0 inet dhcp + wpa-ssid MyNetWork + # plaintext passphrase + wpa-psk plaintextsecret + +# Connect to access point of ssid 'homezone' with an encryption type of +# WPA-PSK/WPA2-PSK, using the 'wext' driver backend of wpa_supplicant. +# The psk is given as an encoded hexadecimal string. DHCP is used to obtain +# a network address. +# +iface wlan0 inet dhcp + wpa-driver wext + wpa-ssid homezone + # hexadecimal psk is encoded from a plaintext passphrase + wpa-psk 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f + +# Connect to access point of ssid 'HotSpot1' and bssid of '00:1a:2b:3c:4d:5e' +# with an encryption type of WPA-PSK/WPA2-PSK, using the the 'madwifi' driver +# backend of wpa_supplicant. The passphrase is given as a plaintext string. +# A static network address assignment is used. +# +iface ath0 inet static + wpa-driver wext + wpa-ssid HotSpot1 + wpa-bssid 00:1a:2b:3c:4d:5e + # plaintext passphrase + wpa-psk madhotspot + wpa-key-mgmt WPA-PSK + wpa-pairwise TKIP CCMP + wpa-group TKIP CCMP + wpa-proto WPA RSN + # static ip settings + address 192.168.0.100 + netmask 255.255.255.0 + network 192.168.0.0 + broadcast 192.168.0.255 + gateway 192.168.0.1 + +# User supplied wpa_supplicant.conf is used for eth1. All network information +# is contained within the user supplied wpa_supplicant.conf. No wpa-driver type +# is specified, so wext is used. DHCP is used to obtain a network address. +# +iface eth1 inet dhcp + wpa-conf /path/to/wpa_supplicant.conf + +Table of Common Options +======================= + +A brief summary of common 'wpa-' options that may be used in the +/etc/network/interfaces stanza for a wireless device. See the +'Important Notes About Managed Mode' section for information about +valid and invalid 'wpa-' values. + +NOTE: ALL values are CASE SeNsItVe + +Element Example Value Description +======= ============= =========== +wpa-ssid plaintextstring sets the ssid of your network + +wpa-bssid 00:1a:2b:3c:4d:5e the bssid of your AP + +wpa-psk 0123456789...... your preshared wpa key. Use + wpa_passphrase(8) to generate your psk + from a passphrase and ssid pair + +wpa-key-mgmt NONE, WPA-PSK, WPA-EAP, list of accepted authenticated key + IEEE8021X management protocols + +wpa-group CCMP, TKIP, WEP104, list of accepted group ciphers for WPA + WEP40 + +wpa-pairwise CCMP, TKIP, NONE list of accepted pairwise ciphers for + WPA + +wpa-auth-alg OPEN, SHARED, LEAP list of allowed IEEE 802.11 + authentication algorithms + +wpa-proto WPA, RSN list of accepted protocols + +wpa-identity myplaintextname administrator provided username + (EAP authentication) + +wpa-password myplaintextpassword your password (EAP authentication) + +wpa-scan-ssid 0 or 1 toggles scanning of ssid with specific + Probe Request frames + +wpa-ap-scan 0 or 1 or 2 adjusts the scanning logic of + wpa_supplicant + +The complete functionality of wpa_cli(8) should be implemented. Anything +missing is considered a bug and should be reported as such. Patches are always +welcome. + +Important Notes About Managed Mode +================================== + +Almost all 'wpa-' options require there is at least a ssid specified. Only a +handful of options have a global effect. These are: 'wpa-ap-scan' and +'wpa-preauthenticate'. + +Any 'wpa-' option given for a device in the interfaces(5) file is sufficient to +trigger the wpa_supplicant daemon into action. + +The wpasupplicant ifupdown script makes assumptions about the 'type' of input +that is valid for each option. For example, it assumes that some input is +plaintext and wraps quotation marks around the input before passing it on +to wpa_cli, which then adds the input to the network block being formed via +the wpa_supplicant ctrl_interface socket. Running ifup manually with the +'--verbose' option will reveal all of the commands used to form the network +block via wpa_cli. If the value you used for any wpa-* option in +/etc/network/interfaces is surrounded by double quotes, than it has been +assumed to be of "plaintext" or "ascii" type input. + +Some input is assumed to be a hexadecimal string (eg. wpa-wep-key*). The value +'type' of the wpa-psk option however, is determined via a simple check for more +than one non hexadecimal character. + + +How It Works +============ + +As mentioned earlier, each wpa_supplicant specific element is prefixed with +'wpa-'. Each element correlates to a property of wpa_supplicant described in +the wpa_supplicant.conf(5), wpa_supplicant(8) and wpa_cli(8) manpages. The +supplicant is launched without any pre-configuration whatsoever, and wpa_cli +forms a network configuration from the input provided by the 'wpa-*' lines. +Initially, wpa_supplicant/wpa_cli does not directly set the properties of the +device (like setting an essid with iwconfig, for example), rather it informs +the device of what access point is suitable to associate with. Once the device +has scanned the area, and found that the suitable access point is available for +use, these properties are set. + +The scripts that do all the work are located at: + + /etc/wpa_supplicant/ifupdown.sh + /etc/wpa_supplicant/functions.sh + +ifupdown.sh is executed by run-parts, which in turn is invoked by ifupdown +during the 'pre-up', 'pre-down' and 'post-down' phases. + +In the 'pre-up' phase, a wpa_supplicant daemon is launched followed by a series +of wpa_cli commands that set up a network configuration according to what +'wpa-' options were used in /etc/network/interfaces for the physical device. + +If wpa-roam is used, a wpa_cli daemon is launched in the 'post-up' phase. + +In the 'pre-down' phase, the wpa_cli daemon is terminated. + +In the 'post-down' phase, the wpa_supplicant daemon is terminated. + + +3. Mode #2: Roaming Mode +======================== + +A self contained, simplistic roaming mechanism is provided by this package. It +is in the form of a wpa_cli action script, /sbin/wpa_action, and it assumes +control of ifupdown once activated. The wpa_action(8) manpage describes its +technical details in great depth. + +To activate a roaming interface, adapt the following example interfaces(5) +stanza: + +iface eth1 inet manual + wpa-driver wext + wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf + +Two daemons are spawned from the above example; wpa_supplicant and wpa_cli. It +is required to provide a wpa_supplicant.conf containing a minimal amount of +global options, and any known network blocks that should be connected to +without interaction. A good starting point is provided by an example +configuration file: + + # copy the template to /etc/wpa_supplicant/ + cp /usr/share/doc/wpasupplicant/examples/wpa-roam.conf \ + /etc/wpa_supplicant/wpa_supplicant.conf + # allow only root to read and write to file + chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf + +NOTE: it is critical that the used wpa_supplicant.conf defines the location of + the 'ctrl_interface' so that a communication socket is created for the + wpa_cli (wpa-roam daemon) to attach. The mentioned example configuration, + /usr/share/doc/wpasupplicant/examples/wpa-roam.conf, has been set to a + sane default. + +It is required to edit this configuration file, and add the network blocks for +all known networks. If you do not understand what this means, start reading the +wpa_supplicant.conf(5) manpage now. + +For each network, you may specify a special option 'id_str'. It should be set to +a simple text string. This text string forms the basis for network profiling; it +correlates to a logical interface defined in the interfaces(5) file. When no +'id_str' is given for a network, wpa_action assumes it will use the 'default' +logical interface as fallback. The fallback interface can be chosen via the +'wpa-roam-default-iface' option. + +So what does all this mean? Lets illustrate it with a small example taken from +the wpa_action(8) manpage. + +wpa_supplicant.conf +=================== +network={ + ssid="foo" + key_mgmt=NONE + # this id_str will notify /sbin/wpa_action to 'ifup uni' + id_str="uni" +} + +network={ + ssid="bar" + psk=123456789... + # this id_str will notify /sbin/wpa_action to 'ifup home_static' + id_str="home_static" +} + +network={ + ssid="" + key_mgmt=NONE + # no 'id_str' parameter is given, /sbin/wpa_action will 'ifup default' +} + +/etc/network/interfaces +======================= +# the roaming interface MUST use the manual inet method +# 'allow-hotplug' or 'auto' ensures the daemon starts automatically +allow-hotplug eth1 +iface eth1 inet manual + wpa-driver wext + wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf + +# no id_str, 'default' is used as the fallback mapping target +iface default inet dhcp + +# id_str="uni" +iface uni inet dhcp + +# id_str="home_static" +iface home_static inet static + address 192.168.0.20 + netmask 255.255.255.0 + network 192.168.0.0 + broadcast 192.168.0.255 + gateway 192.168.0.1 + +A logical interface is brought up via ifup, and taken down via ifdown, as +wpa_supplicant associates and de-associates with the network associated +to it by the 'id_str' option used in the wpa_supplicant.conf configuration file. + +A log of /sbin/wpa_action's actions is created at +/var/log/wpa_action.$IFACE.log, please attach the log when reporting problems. + +Interacting with wpa_supplicant with wpa_cli and wpa_gui +======================================================== + +The wpa_supplicant process can be interacted with by members of the "netdev" +group if the example roaming configuration was used as is (or by whatever +group or gid specified by the GROUP= crtl_interface parameter). + + # the default ctrl_interface option used in the example file + # /usr/share/doc/wpasupplicant/examples/wpa-roam.conf + ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev + +To interact with the supplicant, the wpa_cli (command line) and wpa_gui (QT) +have been provided. With these you may connect, disconnect, add/delete new +network blocks, provide required interactive security information and so on. + +Controlling the Roaming Daemon with wpa_action +============================================== + +Once the roaming daemon is started, it assumes control of ifupdown. That is; +wpa_cli calls ifup when wpa_supplicant has successfully associated with an +access point, and calls ifdown when the connection is lost or terminated. +While the roaming daemon is active, ifupdown should not be controlled directly +by manually issued commands, rather /sbin/wpa_action is supplied to stop and +reload the roaming daemon. For example, to stop the +romaing daemon on the device 'eth1': + + wpa_action eth1 stop + +When it is required to update the roaming daemon with a new networks details, +it can be done without stopping it. Edit the wpa_supplicant.conf file that is +being used by the daemon with the new networks details, add optional network +settings to /etc/network/interfaces that are specific to the new network +(linked by the 'id_str') and then 'reload' the daemon like so: + + wpa_action eth1 reload + +For the complete technical details of what wpa_action can do, read the +wpa_action(8) manpage. + +Fine Tuning the Roaming Setup +============================= + +You may face situations where multiple known access points are in close +proximity. You can choose which one is preferred manually, with wpa_cli or +wpa_gui, or you can give each network its own priority. This is provided by the +'priority' option of wpa_supplicant.conf. + +The Logfile +=========== + +All activity of the roaming dameon is logged to /var/log/wpa_action.log. The +following information is logged: + + * time and date + * interface name and action event + * values of enviromental variables (WPA_ID, WPA_ID_STR, WPA_CTRL_DIR) + * ifupdown command executed + * wpa_cli status (based on WPA-PSK network, may display different info) + - bssid + - ssid + - id + - id_str + - pairwise_cipher + - group_cipher + - key_mgmt + - wpa_state + - ip_address + +Using External Mapping Scripts (e.g. guessnet) +============================================== + +In addition to the internal mapping of logical interfaces via 'id_str', +wpa_action can call external mapping scripts. A mapping script should return +the name of the logical interface which should be brought up. Any mapping +script that works from ifupdowns mapping mechanism (see man interfaces) should +also work when called from wpa_action. + +To call a mapping script add a line 'wpa-mapping-script name-of-the-script' to +the interfaces stanza of the physical roaming device. (You may have to specify +the absolute path to the mapping script.) + +The contents of lines starting with wpa-map are passed to stdin of the mapping +script. Since ifupdown allows only one wpa-map line you can append any number +to wpa-map for additional lines. For example: + +iface wlan0 inet manual + wpa-driver wext + wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf + wpa-mapping-script guessnet-ifupdown + wpa-map0 home + wpa-map1 work + wpa-map2 school + # ... additional wpa-mapX lines as required + + +By default the mapping script will only be used when no 'id_str' is available +for the current network. If you want to completely disable 'id_str' matching +and use only an external mapping script, use the +'wpa-mapping-script-priority 1' option to override default behaviour. + +If the mapping script returns an empty string wpa_action will fallback to using +the 'default' interface, unless an alternative is defined by the +'wpa-roam-default-iface' option. + +Below is an advanced example, using guessnet-ifupdown as the external mapping +script. + +/etc/network/interfaces with external mapping +============================================= + +allow-hotplug wlan0 +iface wlan0 inet manual + wpa-driver wext + wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf + wpa-roam-default-iface default-wparoam + wpa-mapping-script guessnet-ifupdown + wpa-map default: default-guessnet + wpa-map0 home_static + wpa-map1 work_static + +# school can only be chosen via 'id_str' matching +iface school inet dhcp + # resolvconf + dns-nameservers 11.22.33.44 55.66.77.88 + +iface home_static inet static + address 192.168.0.20 + netmask 255.255.255.0 + network 192.168.0.0 + broadcast 192.168.0.255 + gateway 192.168.0.1 + test peer address 192.168.0.1 mac 00:01:02:03:04:05 + +iface work_static inet static + address 192.168.3.200 + netmask 255.255.255.0 + network 192.168.3.0 + broadcast 192.168.3.255 + gateway 192.168.3.1 + test peer address 192.168.3.1 mac 00:01:02:03:04:05 + +iface default-guessnet inet dhcp + +iface default-wparoam inet dhcp + +In this example wpa_action will use guessnet for the selection of a suitable +logical interface only when no 'id_str' option has been provided for the +current network in the provided wpa_supplicant.conf. + +The 'wpa-map' lines provide guessnet with the logical interfaces that are to be +tested as well as the default interface to be used when all tests fail. The +'test' lines of each logical interface are used by guessnet to determine if +we are actually connected to that network. For instance, guessnet will choose +the logical interface 'home_static' if there's a device with an IP address of +192.168.0.1 and MAC of 00:01:02:03:04:05 on the current network. If all tests +fail, the 'default-guessnet' interface will be configured. + +Please, read the guessnet(8) manpage for more information. + + +4. Troubleshooting +================== + +In order to debug connection, association and authentication problems, +increase the verbosity level of wpa_supplicant to log debug output to +/var/log/wpa_supplicant.$iface.log. + +iface eth1 inet dhcp + wpa-debug-level 3 + ... + +Debug level number 3 starts the supplicant with the -ddd command line option, +level 2 with -dd an level 1 with -d. Values of -1 and -2 will cause +wpa_supplicant to be started with -q and -qq options respectively (quiet mode). +Any other wpa-debug-level value will cause the supplicant to be started +with default debug level. + +Another method is to start `wpa_cli -i ` in another shell before +starting the interface. Use the command 'level 0' first, to get all debug +messages sent to the control socket by wpa_supplicant. + +To debug the ifupdown scripts that start wpa_supplicant and friends, use +`ifup --verbose ` to get verbose messages, or set +wpa-maint-debug to any value to see shell code execution (set -x). + +Hidden ssids +============ + +For reference, see #358137 [1]. In order to be able to associate to hidden +ssids, please try to set the option 'ap_scan=1' in the global section, and +'scan_ssid=1' in your network block section of your wpa_supplicant.conf file. +If you are using the managed mode, you can do so by these stanzas: + +iface eth1 inet dhcp + wpa-ap-scan 1 + wpa-scan-ssid 1 + # ... additional options for your setup + +According to #368770 [2], association can take a very long time under certain +circumstances. In some cases, setting the parameter 'ap_scan=2' in the +config file, (or using a 'wpa-ap-scan 2' stanza, which is equivalent) can +greatly help to speed up association. Please note that setting ap_scan to the +value of 2 also requires that all networks have a precisely defined security +policy for for key_mgmt, pairwise, group and proto network policy variables. + +[1] http://bugs.debian.org/358137 +[2] http://bugs.debian.org/368770 + + +5. Security Considerations +========================== + +Configuration File Permissions +============================== +It is important to keep PSK's and other sensitive information concerning your +network settings private, therefore ensure that important configuration files +containing such data are only readable by their owner. For example: + + chmod 0600 /etc/network/interfaces + chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf + +By default, /etc/network/interfaces is world readable, and thus unsuitable for +containing secret keys and passwords. diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 0000000..4a09838 --- /dev/null +++ b/debian/README.source @@ -0,0 +1,39 @@ +Patch System +============ +The quilt patch system is used. `debian/rules patch` is necessary to replicate +the source tree that is used to produce resulting binary packages. + +Manual Page Handling +==================== +In order to have the manual pages recreated at build time, they must be removed +from our package tree. We do this simply by omitting the prebuilt manual pages +from our SVN. When using svn-upgrade, this must be done manually post-upgrade +to avoid confusing subversion, or else if the debian/rules clean target is used +in the package svn working copy (default svn-buildpackage behaviour) the +prebuilt manual pages would be removed without subversion knowing about it. + +svn revert wpa_supplicant/doc/docbook/*.5 wpa_supplicant/doc/docbook/*.8 +svn delete wpa_supplicant/doc/docbook/*.5 wpa_supplicant/doc/docbook/*.8 + + +Prebuilt manual pages are supplied upstream releases, but are not present in +git snapshots. Rebuilding the manual pages at build time yields two advantages: + +1. No need to modify build rules when packaging git snapshots + +2. Allows opportunity to patch in debian specific documentation to enhance user + experience + + +It is expected that dpkg-source will warn about their removal: + +dpkg-source: building wpasupplicant using existing wpasupplicant_0.6.2.orig.tar.gz +dpkg-source: building wpasupplicant in wpasupplicant_0.6.2-1.diff.gz +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_supplicant.8 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_supplicant.conf.5 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_priv.8 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_passphrase.8 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_gui.8 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_cli.8 +dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_background.8 +dpkg-source: building wpasupplicant in wpasupplicant_0.6.2-1.dsc diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..2d42dda --- /dev/null +++ b/debian/changelog @@ -0,0 +1,1520 @@ +wpasupplicant (0.6.7-maemo1) experimental; urgency=low + + * maemo build + + -- Jukka Rissanen Wed, 8 Jul 2009 10:29:00 +0300 + +wpasupplicant (0.6.6-2) experimental; urgency=low + + [ Martin Pitt ] + * debian/ifupdown/action_wpa.sh: pm-utils now supplies a second + argument to the hooks, thus telling ifplugd and pm-utils apart by + the number of arguments does not work any more. Fix up the script + to just evaluate the arguments themselves, to work with current + and older pm-utils. This unbreaks suspend. (LP: #307312) + (Closes: #508526, #509484) + + [ Kel Modderman ] + * It has been reported by Alexander E. Patrakov that + WEP keys are set in quick time in newer wpa_supplicant releases and no + longer cause problems attempting to connect to specific access point + during boot sequence. (Closes: #489948) + * Do not start wpa_gui in system tray per default when executed from menu + system (discussion with upstream resulted in desire to have app opened in + foreground, no need to diverge from that). + + -- Kel Modderman Sun, 28 Dec 2008 23:53:53 +1000 + +wpasupplicant (0.6.6-1) experimental; urgency=low + + * New upstream release. + * Update debian/copyright to include copyright holders of new source files + (src/drivers/driver_roboswitch.*). + * Drop patches applied upstream: + - debian/patches/10_ftbfs_gcc_4.4.patch + - debian/patches/20_delay_mic_error_report.patch + * Add libqt4-svg to Dependencies of wpagui for tray icon support. + (Closes: #505492) + + -- Kel Modderman Mon, 08 Dec 2008 00:47:32 +1000 + +wpasupplicant (0.6.5-2) experimental; urgency=low + + * Bugfix: "Missing -d in testing for a directory in init script". + Thanks to Braun Gábor for reporting and the patch. + (Closes: #506328) + + -- Reinhard Tartler Tue, 02 Dec 2008 20:52:16 +0100 + +wpasupplicant (0.6.5-1) experimental; urgency=low + + * New upstream release. + * Purge patches applied upstream. + * Modify 20_wpa_gui_menu_exec_path.patch to use the new -t command line + option and start wpa_gui in the system tray and avoid desktop startup + notifications. + * When using wpa-roam and connecting to an interface for which an id_str + is defined but no matching /e/n/i logical interfaces has been configured, + try to configure the default logical interface. + * Adjust debian/ifupdown/functions.sh to use not depend on /sbin/ip to use + ip. + * Rename 20_wpa_gui_menu_exec_path.patch to + 06_wpa_gui_menu_exec_path.patch, it will possibly be a long term + patch. + * Update debian/copyright for new files, as well as better conformance with + proposed copyright format. + * Cleanup wording of README.Debian paragraph which explains how to debug + wpa_supplicant via logging. + * Reduce difference with wpa_supplicant/defconfig, adding sections for + new options, updating option description, and removal of + CONFIG_EAP_WSC which had previously been removed from + wpa_supplicant. + * Refresh debian/patches/01_use_pkg-config_for_pcsc-lite_module.patch and + debian/patches/05_qmake_version_makefile.patch to apply without offset. + * Add 10_ftbfs_gcc_4.4.patch to include header files required for + compilation with GCC 4.4, thanks to Martin Michlmayr. (Closes: #505041) + * Add 20_delay_mic_error_report.patch, an upstream commit which adds a + mitigation mechanism for certain attacks against TKIP by delaying Michael + MIC error reports by a random amount of time between 0 and 60 seconds. + * Enable CONFIG_DELAYED_MIC_ERROR_REPORT in debian/config/linux. + + -- Kel Modderman Sun, 09 Nov 2008 21:19:13 +1000 + +wpasupplicant (0.6.4-3) experimental; urgency=low + + * Target at experimental due to current archive conditions with respect to + stable release freeze. + * Install /etc/wpa_supplicant/action_wpa.sh to enhance wpa-roam integration + with pm-utils and ifplugd. (Closes: #488538) + * wpa_gui need not depend stricly upon the same binary version of + wpa_supplicant, it just requires a version of wpa_supplicant which support + the set of ctrl_interface commands that are used, which to the best of my + knowledge is (>= 0.6.2-1). [debian/control] + * Cleanup short description of wpasupplicant, and improve short description + of wpagui. [debian/control] + * Add a series of patches to enhance wpa_gui-qt4: + - 10_wpa_gui_icons.patch + - 11_desktop_entry.patch + - 12_wpa_gui_icons_resource.patch + - 13_remove_qPixmapFromMimeSource_ref.patch + - 14_qsystemtray_icon.patch + - 15_tray_status_state.patch + - 16_wpa_gui_icon_touchup.patch + * Install icon and menu entry for wpa_gui. [debian/rules] (Closes: #498923) + * Add a shell script wrapper, debian/wpa_gui/netdev_wrapper, which will be + used by the menu entry to try and exec /usr/sbin/wpa_gui with best + estimated privilege level. Install it to /usr/share/wpagui/netdev_wrapper. + [debian/rules] + * Add 20_wpa_gui_menu_exec_path.patch to modify exec path of wpa_gui.desktop + to point at our new wrapper, /usr/share/wpagui/netdev_wrapper. + * Add debian menu file for wpa_gui, it also uses the netdev_wrapper. + * Create xpm icons from new upstream icon build system, and store them in + debian/wpa_gui/*.xpm to avoid creating them during package build because + inkscape and imagemagick would be required which are quite large and + uneccessary build dependencies. Leave a note in debian/rules to remind + us about their origin and the reasoning behind this decision. + * wpagui package Recommends: menu, as menu provides su-to-root, which we + may need. [debian/control] + * Add two upstream patches to improve the retrieval of scan results from + userspace: + - 07_restore_scanreq_if_initassoc_failed.patch + - 08_only_use_cached_scan_results_if_nonempty.patch + * Refresh patch series to apply without offset. + + -- Kel Modderman Thu, 25 Sep 2008 07:52:06 +1000 + +wpasupplicant (0.6.4-2) unstable; urgency=low + + * Bugfix: wpasupplicant crashes (closes: #485769). Patch taken from + upstream git. + + -- Reinhard Tartler Wed, 27 Aug 2008 10:10:20 +0200 + +wpasupplicant (0.6.4-1) unstable; urgency=low + + [ Kel Modderman ] + * New upstream release + * Retroactively cleanse past changelog entries of information indicating + that they were not released, as they were. + * Use short option for grep (-q) and sed (-n) instead of the busybox + incompatible --quiet as per advice of Charles-Henri Gros. + * wpa_action: on connected action, call wpa_hysteresis_event before + ifup, so that a disconnected action may still be effective should + the ifup take a long time (eg. dhcp request takes a long time and + eventually fails). + + [ Alessio Treglia ] + * Added build-depends on libdbus-glib-1-dev, fixes FTBFS (LP: #256274). + + -- Reinhard Tartler Sat, 16 Aug 2008 10:09:01 +0200 + +wpasupplicant (0.6.4~git20080716.93ef879-1) unstable; urgency=low + + [ Kel Modderman ] + * New upstream git snapshot. + * Drop patches applied upstream: + - 10_silence_siocsiwauth_icotl_failure.patch + - 11_avoid_dbus_version_namespace.patch + - 12_fix_potential_use_after_free.patch + - 13_defined_IEEE8021X_EAPOL.patch + - 14_fix_compile_without_eap.patch + - 15_silence_out_of_bounds_warnings.patch + - 41_manpage_format_fixes.patch + - 42_manpage_explain_available_drivers.patch + - 43_remove_w_from_help.patch + - 50_wext_dont_overwrite_bss_freq.patch + - 51_dont_reschedule_specific_scans_for_hidden_ssids.patch + - 52_handle_mac80211_mode_switch.patch + - 53_give_adhoc_assoc_more_time.patch + * Drop -20_wpa_gui_qt4_disable_link_prl.patch, the qt4 linking problem has + been fixed by our qt4 maintainers. + * Refresh remaining patch series. + * Increase Standards_version to 3.8.0. Explain in debian/README.Debian-source + that the `debian/rules patch` command is required to prepare the source + tree for building. + * Cleanup debian/wpasupplicant.links, removing trailing whitespace and + leading / from target symlink pathname. + * Remove debian/README.Debian, the information therin was irrelevant for the + current release cycle, and is better explained by the README.modes + document. + * Move debian/README.modes to debian/README.Debian, and create a backwards + compat symlink (/usr/share/doc/wpasupplicant/README.modes.gz -> + README.Debian.gz) to avoid breaking current online documentation. + * Fix spelling error in new debian/README.Debian found by lintian. + * Don't install the wpa_supplicant/eap_testing.txt document, it contains + information about development features and testing that is not possible + with what is provided by the wpasupplicant package. + * Remove the QMAKE variable from debian/rules, it is no longer used with + upstream build system. + * Remove debian/wpagui.install and instead invoke dh_install explicitly in + debian/rules, making use of the WPAGUI variable, to have the correct + version of wpa_gui installed (assist in switch to-fro different QT ports). + * Remove possible bashisms (local(x, y)) from debian/ifupdown/functions.sh. + * Add rudimentary locking system when wpa_action(8) calls ifup/ifdown, so + that /etc/network/if-*.d/wpasupplicant can differentiate between admin + calling ifup/ifdown or wpa_action. (Closes: #488078, #373180) + * When wpa_action calls ifup/ifdown, use verbose command line option for + more detailed log of what hook scripts are executed. + * wpa-ifupdown.init should always stop wpa_action daemon, ifupdown is only + guaranteed to stop it if interface is currently configured. + * Move debian/README.Debian-source to debian/README.source, as policy seem + to prefer this filename now as of version 3.8.0. + + [ Reinhard Tartler ] + * lower debhelper compat level to 6 to ease backporting + + -- Kel Modderman Wed, 16 Jul 2008 22:59:25 +1000 + +wpasupplicant (0.6.3-2) unstable; urgency=low + + * Add patch to remove -w option from help output, it has been removed in + previous versions. (Closes: #472853) + * Correctly refer to wpa-debug-level (not wpa-verbosity-level) ifupdown + parameter to control logging output. (Closes: #474440) + * Apply patch to permit package build on GNU/kFreeBSD. + - add debian/config.kfreebsd build configuration file + - adapt debian/rules to use debian/config/kfreebsd when building for + kfreebsd DEB_HOST_ARCH_OS + * Fix arch specific build dependency declarations introduced by GNU/kFreeBSD + compat patch. + * Build depend on debhelper >= 7, adjust debian/compat to suit. + * Simplify debian/rules, cleaning up the sanitization of + README.wpa_supplicant.conf, clean , build and install targets. + * Span the Build-Depends field of debian/control over multiple lines. + * Add debian/patches/13_defined_IEEE8021X_EAPOL.patch to allow compilation + when CONFIG_IEEE8021X_EAPOL is not defined and allow people attempting to + progress on wpasuplicant udeb (and netcfg integration) to move on. + * Add 14_fix_compile_without_eap.patch to fix another FTBFS when + IEEE8021X_EAPOL is not defined. + * Rename debian/extra-examples/ to debian/examples/. + * Slightly modify the way get-git-snapshot is invoked by debian/rules. + * Create debian/config/ directory to contain various build configuration + files for different targets (eg. udeb, kfreebsd, linux). + * Disable building of test driver backend, no development can sanely be done + with this binary package. + * Disable building of hostap driver backend, the version of hostap driver in + existence since Linux 2.6.14 (or before) uses the wext driver backend. + * Provide code in ./debian/ifupdown/functions.sh that warns about invalid + wpa-driver choice, and falls back to the usage of a default backend. + * Modify debian/README.modes to not contain blurb about which driver_backend + to use, wext should almost _always_ be used. + * Refresh debian/patches/14_fix_compile_without_eap.patch with what was + applied upstream. + * Add 50_wext_dont_overwrite_bss_freq.patch to fix handling of channel and + frequency information returned by mac80211 using drivers in ad-hoc mode. + * 51_dont_reschedule_specific_scans_for_hidden_ssids.patch to optimize scan + rescheduling in order to better detect hidden SSIDs. + * Simplify debian/rules handling of wpa_supplicant/.config, just cp it in as + needed in build target. Move dh_install into install target. These will + make integration of possible future udeb cleaner. + * Add 52_handle_mac80211_mode_switch.patch to enhance handling of mode + switching for mac80211 using interfaces. + * Add 53_give_adhoc_assoc_more_time.patch to give adhoc associations a bit + more time. + * Add 15_silence_out_of_bounds_warnings.patch to silence gcc-4.3 warnings + about accessing out of bounds array index. + * Purge debian/madwifi-headers/* and no longer activate the driver_madwifi + backend of wpa_supplicant. Remove reference to it in support + documentation. If "wpa-driver madwifi" is used in an /e/n/i stanza print a + warning and use "wext" instead. + + -- Kel Modderman Mon, 09 Jun 2008 09:30:23 +1000 + +wpasupplicant (0.6.3-1) unstable; urgency=low + + * New upstream release. + * Drop patches applied upstream: + - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch + - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch + - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch + - debian/patches/40_dbus_ssid_data.patch + * Tidy up the clean target of debian/rules. Now that the madwifi headers are + handled differently we no longer need to do any cleanup. + * Fix formatting error in debian/ifupdown/wpa_action.8 to make lintian + quieter. + * Add patch to fix formatting errors in manpages build from sgml source. Use + tags to hightlight keywords instead of surrounding them in + strong quotes. + - debian/patches/41_manpage_format_fixes.patch + * wpasupplicant binary package no longer suggests pcscd, guessnet, iproute + or wireless-tools, nor does it recommend dhcp3-client. These are not + needed. + * Add debian/patches/10_silence_siocsiwauth_icotl_failure.patch to disable + ioctl failure messages that occur under normal conditions. + * Cherry pick two upstream git commits concerning the dbus interface: + - debian/patches/11_avoid_dbus_version_namespace.patch + - debian/patches/12_fix_potential_use_after_free.patch + * Add debian/patches/42_manpage_explain_available_drivers.patch to explain + that not all of the driver backends are available in the provided + wpa_supplicant binary, and that the canonical list of supported driver + backends can be retrieved from the wpa_supplicant -h (help) output. + (Closes: #466910) + * Add debian/patches/20_wpa_gui_qt4_disable_link_prl.patch to remove + link_prl CONFIG compile flag added by qmake-qt4 >= 4.3.4-2 to avoid excess + linking. + + -- Kel Modderman Wed, 12 Mar 2008 20:03:04 +1000 + +wpasupplicant (0.6.2+git20080206.g8c0dad4-1) unstable; urgency=low + + [ Kel Modderman ] + * New Upstream git snapshot. + - fixes infinite loop in EAPOL state machine when dynamic wep keys are + used (Closes: #464514) + * install-stamp was not properly implimented, fix it up. [debian/rules] + * Drop patches to ctrl interface bss scan results iterator that will not be + applied upstream. The iterator will be redesigned to not suffer from the + identified problem of one bssid being encountered in more than one cell + of the scan results. + - debian/patches/84_ctrl_iface_scan_bss_count.patch + - debian/patches/85_ctrl_iface_scan_bss_count_warning.patch + - debian/patches/94_wpa_gui_qt4_scanres_bss_count.patch + * Drop patches applied upstream. + - debian/patches/30_src_clean_existing_dirs.patch + - debian/patches/31_ctrl_iface_x86_64_compile_warning.patch + - debian/patches/93_wpa_gui_qt4_scanres_really_remove_qtimer.patch + * wpa_gui should depend on the wpa_supplicant binary from the same build, + therefore set versioned dependency of wpasupplicant (= ${binary:Version}) + for the wpagui package. [debian/control] + * Reimpliment 70_wpa_gui_qt4_wpagui_scroll_follow_eventhistory.patch in the + form of three patch series for resubmission to upstream. + - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch + - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch + - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch + + [ Reinhard Tartler ] + * move debian/patches/01_debian_wpa_roam_example.patch to + debian/extra-examples/wpa-roam.conf to have the example as proper file + instead of a diff. + * Add documentation headers to the files in debian/patches/* + * Don't manage wpasupplicant/.config as patch system, but have it as + debian/config instead. therefore remove 00_defconfig.patch and + 21_config_driver_madwifi.patch + * move madwifi headers from debian/patches/20_madwifi_headers to + debian/madwifi-headers. also update debian/copyright. + * remove ${misc:Depends}. Nothing does use it and generates an unnecessary + warning. + * use -Wl,--as-needed to avoid unnecessary linking to ncurses, + libpthread and libdl. + * use pkg-config for detecting how to link against pcsc-lite + - debian/patches/01_use_pkg-config_for_pcsc-lite_module + + -- Reinhard Tartler Sat, 09 Feb 2008 23:21:37 +0100 + +wpasupplicant (0.6.2+git20080202.gde6ccd7-1) unstable; urgency=low + + * New Upstream git snapshot. + - the -w (wait for interface) option has been removed (Closes: #350963) + - wpa_gui has been massively enhanced + * Drop all patches applied to upstream git. + * Add debian/patches/30_src_clean_existing_dirs.patch to adjust upstream + build system for removal of src/wps (as done in upstream build_release + script). + * Make sure wpa_supplicant process is checked for and killed by wpa_action + on stop or down actions. + * Update debian/NEWS to alert users about the removal of the -w command line + option. + * Truncate debian/NEWS, none of the items are relevant for current upgrade + paths, nor do they hold any historical relevance. + * Clarify the license of the debian packaging. No license was initially + given until now, so we could assume the original packager contributed the + packaging under the same terms as the upstream license (BSD | GPL-2). + * /etc/init.d/wpa-ifupdown must stop before sendsigs does when using + dependency based init system. Add $remote_fs to Required-Stop keyword of + LSB header in debian/wpasupplicant.wpa-ifupdown.init. + * Add debian/patches/38_dbus_blob_support.patch to allow support for loading + of blobs via the D-Bus interface. Patch cherry picked from upstream git. + * Move README.wpa_supplicant.conf from examples to docs. Generate the file + in the wpa_supplicant/ directory. + * Add ${misc:depends} to Depends field of our packages to ensure we do not + miss out on any substvars that debhelper may provide us with. + * Add debian/patches/39_wpa_gui_qt4_closeevent.patch to improve handling of + wpa_gui-qt4 exit, both from File->exit and the X button on the titlebar. + * Start daemon in quiet mode by default, the scan event is being written to + logfile far too often. [debian/ifupdown/functions.sh] + * When starting daemon with debug option, include timestamps in logfile. + [debian/ifupdown/functions.sh] + * Simplfy return check in init_wpa_supplicant(), init_wpa_cli() + kill_wpa_supplicant() and kill_wpa_cli() reduce one level of indentation + for each function. [debian/ifupdown/functions.sh] + * Add patch to invoke versioned qmake binary when preparing the Makefile for + wpa_gui/wpa_gui-qt4 or else a failure to build from source can be possible + when more than one QT version is installed. (Closes: #463547) + - debian/patches/05_qmake_version_makefile.patch + + -- Kel Modderman Mon, 04 Feb 2008 16:00:38 +1000 + +wpasupplicant (0.6.2-1) experimental; urgency=low + + * New upstream release. + * Allow "wpa-key-mgmt NONE" to form a network block via the wpa_cli calls in + wpa_conf() of functions.sh. + * Overhaul wpa_key_check_and_set() function of functions.sh to better handle + wep keys. Function now does similar checking of wep keys that it does for + wpa keys. Valid wep keys can be hex of length 10|26|32|58 or ascii with + length of at least 5. + * Check wpa_cli return value in wpa_cli() function of functions.sh. + * Adjust Standards-Version to 3.7.3, no extra changes required. + * Switch to quilt patch management from dpatch: + - build-depend on quilt, adjust debian/rules accordingly + - debian/madwifi/mk-madwifi-header-patch becomes obsolete, removed + * Remove debian/defconfig.sh, and re-impliment it in patch form again, but + this time with a patch management system that can be used more naturally. + This also allows an oppurtunity to go over our default build + configuration. + * Add svn:ignore property for .pc quilt by-product. + * Ensure src/drivers/driver_madwifi/ directory is purged from source tree in + clean target of debian/rules. + * /var/lock/wpa_action.*.lock was not used in a version of wpasupplicant + package in a stable release, no longer need to handle its removal in + postrm anymore. + * Activate support for PC/SC interface for smartcards along with SIM and AKA + EAP methods. Build-depend on libpcsclite-dev. Suggest pcscd. + * Update email address in debian/ifupdown/wpa_action.8 manpage. + * Sanitize whitepsace in debian/README.modes, swapping tabs for 8 spaces, + improving layout of basic tables. Fix a couple of typo's too. + * Clarify in debian/README.modes the URI to BTS discussions. Also add a note + that using ap_scan=2 requires explicit security policies to be set for + each network. + * dbus-wpa_supplicant.service now provided by upstream. + * Impliment debian/examples/wpa_supplicant.conf.template in patch form. It + is planned to expand this small template into a more usable and + documented beginning point for the wpa-roam schema. + * Add useful comments to the new wpa-roam.conf example configuration file. + * README.modes now gives sound advice to setup the roaming daemon to be used + with the netdev group, and offers advice on howto set various data + sensitive conffiles to be readable only by owner. (Closes: #428620) + * wpa_gui manpage exists in upstream, remove debian/wpa_gui.8. + * If the path to ctrl_interface directory can be determined from the + supplied configuration, do not append the -C option to wpa_supplicant + start-stop-daemon command in ifupdown.sh. This breaks the new DIR= GROUP= + ctrl_interface syntax. + * Add initial subsection to README.modes about "Interacting with + wpa_supplicant with wpa_cli and wpa_gui". + * Activate CONFIG_IEEE80211R, CONFIG_IEEE80211W and CONFIG_EAP_WSC in the + default build configuration. + * Log wpa_supplicant output to /var/log/wpa_supplicant.$IFACE.log per + default when using ifupdown to manage wpa_supplicant. wpa_supplicant + supports logging somewhere via -f cli option. (Closes: #317180) + * Add support for managing debug level of wpa_supplicant via the ifupdown + scripts. + * Enhance README.modes with new supplicant debugging methods. + * Build the wpa_gui-qt4 variant now that it doesn't require qt3 support + code. It also closes all child windows on File->Exit. (Closes: #426924) + * wpasupplicant now Suggests wpagui. + * wpa_action now logs to an interface specific logfile, and the logrotate + rule was updated to take care of both the old and new locations. + * Update copyright headers of ifupdown scripts, also add a few more code + comments, a statement of purpose and package ownership as well as some + other trivial cleanups. + * Remove upgrade removal of conffiles from wpasupplicant versions that exist + in oldstable and before. The preinst part of the upgrade handling was + removed in pkg-wpa commit r852. + * Create sendsigs omission pidfile in /lib/init/rw/sendsigs.omit.d/ for + wpa_supplicant and wpa_cli processes managed by ifupdown. Determine + runlevel when wpa_cli roaming daemon is active, and allow ot to be killed + in runlevels 0 and 6. This allows wpa_supplicant process to survive until + networking is stopped. (Closes: #401645) + * Add debian/patches/03_dbus_service_activation_customise.patch to start + wpa_supplicant with "-f /var/log/wpa_supplicant.log" per default. + * Add debian/patches/30_scan_even_when_disconnected.patch to allow scan + request to succeed even when interface is in disconnected state. + * Modify debian/copyright to be machine-interpretable. Annotate all + copyright holders in new format. + * State clearly in debian/copyright that the BSD license has been chosen by + us, the maintainers, as there is no exception to link against OpenSSL in + the text of the given GPL-2 license. + * No license had been chosen for the debian packaging information, so GPL-2+ + has been chosen and recorded in debian/copyright. + * Add debian/README.Debian-source to document handling of upstream manual + pages. + * Build upstream manual pages from sgml source. Build-Depend on docbook and + docbook-utils. + * Add debian/patches/31_wpa_gui_qt4_select_any.patch to allow selection of + any network already defined in network combobox when more than 1 network + is defined. + * Modify debian/wpasupplicant.wpa-ifupdown.init to be no-op when sendsigs + omission interface is supported. + * Add debian/patches/32_append_mmd_to_default_cflags.patch to assist in + allowing CFLAGS to be overriden without possible bad effects on upstream + build system. + + -- Kel Modderman Tue, 08 Jan 2008 22:51:36 +1000 + +wpasupplicant (0.6.1~git20071119-1) unstable; urgency=low + + * New upstream git snapshot. + - support for dbus >= 1.1.1 dbus_watch_get_unix_fd() api + * Convert to non-cdbs traditional debhelper-centric debian/rules and remove + build dependency on cdbs. This converges with style of hostapd package. + * Correct poorly formatted debian/NEWS entry that was causing lintian to + complain. + * Cleanup files in ./debian/* + - move debian/wpa_supplicant.conf.template to debian/examples/ + - move debian/mk-madwifi-header-patch to debian/madwifi/ + - move debian/dbus-wpa_supplicant.service to debian/dbus/ + - rename debian/dot.config.mk to debian/defconfig.mk + * Remove MADWIFI variable from debian/defconfig.mk. + * No longer build "ndiswrapper" or "ipw" backends. Etch shipped with a + kernel in which neither of these backends could work (> Linux 2.6.14) so + it is about time we no longer pretended to support for them. + * Activate D-Bus system activation support. Install the service file into + /usr/share/dbus-1/system-service/. The filename reflects the service bus + name of "fi.epitest.hostap.WPASupplicant". In addition, the service must + be started by root user. Thanks to Michael Biebl. (Closes: #412179) + * Build depend on docbook and docbook-utils to generate upstream manpages + from sgml source. + * Upstream wpa_cli(8) is no longer incorrect with regard to CONNECTED and + DISCONNECTED signal events. (Closes: #432904) + * Drop debian/patches/10_fix_non_wpa_zero_len_ssid.dpatch and + debian/patches/50_fix_wext_tsf_stack_overflow.dpatch, applied upstream. + * debian/patches/40_debian_doc_examples.dpatch does not apply to git + snapshot, remove it and rethink how we can best integrate our debian + specific bits. + * wpa_action: check status with respect to ifupdown after CONNECTED event + has ensued. If the interface is not recorded in ifupdown's state file + attempt reassociation. (Closes: #428304). + * Adjust logic when using sed to determine ctrl_interface socket directory + from the configfile to handle ctrl_interface=DIR= GROUP= syntax. + + -- Kel Modderman Thu, 22 Nov 2007 17:10:29 +1000 + +wpasupplicant (0.6.0-4) unstable; urgency=low + + * Fix stack overflow condition that could exist if driver reported bad tsf + data in iwevent and scan results. (Closes: #442387) + * Update Vcs fields of debian/control to format of current consensus. + * Add Homepage field to debian/control. + + -- Kel Modderman Tue, 16 Oct 2007 18:12:03 +1000 + +wpasupplicant (0.6.0-3) unstable; urgency=low + + * Add debian/mk-madwifi-header-patch, a quick and dirty bash script for + generating the madwifi header patch. + * Fix typo in README.modes, wpa-default-iface is really + wpa-roam-default-iface. (Closes: #435718) + * Simplify debian/dot.config.mk. + * Confirm that the ifupdown scripts do set ssid when wpa-ssid is used with a + value in /etc/network/interfaces. (Closes: #367655) + * Truncate default build .config. Make madwifi config option conditional on + MADWIFI variable. + * Add 10_fix_non_wpa_zero_len_ssid.dpatch to fix regression inhibiting + selection of non-WPA zero length ssid. (Closes: #431102) + * Fix debian-rules-ignores-make-clean-error lintian error. + + -- Kel Modderman Sat, 25 Aug 2007 00:23:50 +1000 + +wpasupplicant (0.6.0-2) unstable; urgency=low + + * Really allow 'wpa-conf managed' to pass through. + + -- Kel Modderman Wed, 04 Jul 2007 17:18:45 +1000 + +wpasupplicant (0.6.0-1) unstable; urgency=low + + [Kel Modderman] + * New upstream release. + - restructured source layout + * Adjust debian/wpasupplicant.examples, debian/wpagui.install, + debian/wpasupplicant.install, debian/wpasupplicant.manpages, and + debian/wpasupplicant.docs for new layout. + * Redjust debian/patches/30_dbus_policy.dpatch and + debian/patches/40_debian_doc_examples.dpatch to apply against new layout. + * Drop debian/patches/10_config.dpatch and + debian/patches/21_madwifi_includes.dpatch. + * Introduce makefile fragment for wpa_supplicant .config creation. Call it + from debian/rules. It is named debian/dot.config.mk. + * Add WPADIR variable to debian/rules, adjust build and install targets to + use WPADIR. + * Update madwifi_headers patch with code from current madwifi SVN trunk. + * Damage control: allow 'wpa-conf managed' to pass through without failure + for those people who followed the poor example outlined in the hidden + ssid's section of README.modes. Also remove the offending line from the + documentaion. (Closes: #428137) + + [Reinhard Tartler] + * Fix building wpagui. + * remove debian/wpasupplicant.preinst, since we don't support upgrades + from oldstable. This way we don't need to look at /var/lib/dpkg/status + anymore, which is unreliable anyway. Makes lintian happy. + + -- Reinhard Tartler Sun, 17 Jun 2007 10:33:31 +0100 + +wpasupplicant (0.6.0~cvs20070224-3) unstable; urgency=low + + * Add netdev group if it does not exist, since we provide a dbus + configuration file that insists on using that group. (Closes: #418641) + + -- Kel Modderman Sun, 22 Apr 2007 19:19:07 +1000 + +wpasupplicant (0.6.0~cvs20070224-2) unstable; urgency=low + + [Kel Modderman] + * Update XS-Vcs fields of debian/control to reflect pkg-wpa archive change. + * Update debian/copyright with new upstream URL's and Jouni's new email + address. + * Rename madwifi related dpatches to match that of hostapd source package. + * Update debian/watch with new upstream release URL. + + [Reinhard Tartler] + * Remove the prerm script as discussed on pkg-wpa-devel@ + * upload to unstable + + -- Kel Modderman Mon, 09 Apr 2007 18:09:08 +1000 + +wpasupplicant (0.6.0~cvs20070224-1) experimental; urgency=low + + * New upstream development release. (Closes: #401809) + * wpa_supplicant no longer segfaults on failure to initialize a network + interface. (Closes: #403301, #403313) + * Fixes EAP-PEAP/TTLS/FAST to use the correct EAP identifier in tunnelled + identity request. (Closes: #402619) + * Drop deprecated init script example. debian/wpa_supplicant.init-daemon. + * Drop debian/patches/10_orinoco_wep_key_fix.dpatch as the appropriate + driver fix has been included in mainline linux since 2.6.19-rc. + * Drop debian/patches/21_madwifiold_20060207_includes.dpatch, + madwifi-old is deprecated upstream. + * Remove false instructions from NEWS file regarding madwifi-old support + that has since been discarded from the source package. + * Drop debian/patches/11_erroneous_manpage_ref.dpatch, + applied upstream. + * Remove wpa-stakey code from conf_wpasupplicant() in functions.sh since it + is removed from upstream. + * Allow 'wpa-essid' to do the same thing as 'wpa-ssid'. (Closes: #403316) + * Update Uploader: email address. + * Update private madwifi includes to r2156 of madwifi.org SVN trunk. + * Make a large note in README.modes wpa-roam documentation that a + ctrl_interface MUST be defined for the roaming setup to function. + (Closes: #407936). + * Activate wpa_supplicant's dbus interface by installing + dbus-wpa_supplicant.conf to the appropriate location. (Closes: #412179) + * Add debian/patches/30_dbus_policy.dpatch to allow access control to + wpa_supplicant's dbus interface via the netdev group. (Michael Biebl). + * Install a service file to /usr/share/dbus-1/services/ for dbus aware + applications that may take advantage of that in the future (Michael + Biebl). + * Add support to ifupdown.sh for `wpa-mode' and `wpa-frequency' options used + in IBSS mode. Note that ifupdown.sh does not do any sanity checking for + the other many requirements for using wpa_supplicant in IBSS mode. + * Update XS-Vcs-* fields in control file, add Vcs-Browser token. + * Move debian spcific ifupdown sh glue into debian/ifupdown/. + * Have prerm gracefully bring down interfaces under the influence of + wpa_supplicant via wpa-ifupdown init script. + * Remove unrequired `unset' usage in wpa-ifupdown.init, discard stderr of + find invocations. + * Don't stop dbus wpasupplicant daemon via wpa-ifupdown. + * Suggest wireless-tools. (Closes: #413689) + + -- Kel Modderman Thu, 8 Mar 2007 03:23:51 +1000 + +wpasupplicant (0.5.5-4) unstable; urgency=low + + * Settings for wired networks are no longer ignored by functions.sh. + (Closes: #401413) + + -- Kel Modderman Sun, 10 Dec 2006 01:25:11 +1000 + +wpasupplicant (0.5.5-3) unstable; urgency=low + + * Make needlessly global shell function variables local. Use local + consistently. [debian/functions.sh] + * Enhance error message when wpa-conf or wpa-roam mode is requested, but the + supplied configuration file is not readable or incorrect. + [debian/ifupdown.sh] + * Exchange bogus copyright holder information of functions.sh, ifupdown.sh + and wpa_action.sh for information reflecting the _group_ behind them. + * Force ap_scan=0 for "wired" IEEE8021X type authentication. + [debian/functions.sh] + * Add debian specific location for example wpa_supplicant.conf files to + wpa_supplicant.conf(8). (Closes: #396005) + * Fix typo in wpa_supplicant(8) that referred to non-existant manpage. + (Closes: #389948) + * Update madwifi private includes to latest (r1794). + * Add XS-X-Vcs-Svn field to debian/control file. + * Shunt env var IFACE to WPA_IFACE in the ifupdown.sh, wpa_action.sh and + function.sh scripts. This allows further flexibility, such as the ability + to start wpa_supplicant on an arbitary interface specified by a + 'wpa-iface' line in /etc/network/interfaces. + + -- Kel Modderman Fri, 10 Nov 2006 11:12:56 +1000 + +wpasupplicant (0.5.5-2) unstable; urgency=low + + * Update madwifi headers to latest SVN. (Closes: #388316) + * Remove failed attempt at action locking. [debian/functions.sh, + debian/wpa_action.sh] + * Add hysteresis checking functions, to avoid "event loops" while + using wpa-roam. [debian/functions.sh, debian/wpa_action.sh] + * Change of co-maintainer email address. + * Add ishex() function to functions.sh to determine wpa-psk value type in + plaintext or hex. This effectively eliminates the need for the bogus and + somewhat confusing wpa-passphrase contruct specific to our scripts and + allows wpa-psk to work with either a 8 to 63 character long plaintext + string or 64 character long hex string. + * Adjust README.modes to not refer to the redundant wpa-passphrase stuff. + * Add big fat NOTE about acceptable wpa-psk's to top of example gallery. + * Strip surrounding quotes from wpa-ssid if present, instead of just whining + about them. + * Update email address in copyright blurb of functions.sh, ifupdown.sh and + wpa_action.sh. + + -- Kel Modderman Thu, 5 Oct 2006 08:04:01 +1000 + +wpasupplicant (0.5.5-1) unstable; urgency=low + + * wpa_supplicant(8) now describes the -P (PID file) line option in the + manpage. (Closes: #381721) + * wpa_passphrase(8) is clearer about describing its purpose. + * Start a paragraph in README.modes containing information about best + security practises while using and configuring wpa_supplicant. For now + it briefly covers the topic of file permissions. (Closes: #382241) + * Implement PSK and ASCII passphrase key sanity checking, and warn user + about suspicious key lengths (managed mode only). + * Add leading example network conf, using wpa-passphrase, to README.modes. + * README.Debian documentation changes as sugested by Eduard Bloch + (Closes: #382314) + - reordered sections by importance for a new user, this ensures wext info + for ipw drivers is obvious (Closes: #384299) + - rewrote the first chapter to give a fluent introduction, refered to + wireless-tools doc + - add missing .gz to README.notes path (Closes: #386603) + * Reshuffle of README.modes, moving How It Works section toward the latter + end to avoid stopping people from missing out on important info. + * Rename 'Notes About Managed Mode' to 'Important Notes About Managed Mode'. + * Clarify the status of madwifi and 'wext' in README.modes. + (Closes: #382651) + * Return exit status of daemon start commands. + * Further cleanup of ifupdown.sh, move functions to head of script. + * wpa-ifupdown no longer checks interface state. + * Touch logfile before redirecting output to it via exec, to make sure it is + writeable. + * Split common code into /etc/wpa_supplicant/ifupdown_common.sh, so that + ifupdown.sh and wpa_action.sh may share it. + * Add 'wpa_action iface check' option, to test if interface is under + influence of wpa_cli or not.. + * Start wpa_cli daemon from post-up to avoid a race condition with the + roaming daemon where association occurred before the master interface + state was recorded. This would cause the mapped logical interface to fail + on ifup, as wpa_action would fail to detect the state of the master + interface, thus not supply the --force option. This is where a stateless + ifupdown would really help. + * Make conf_wpa_supplicant no-act for roaming daemon. This is important, so + that we do not attach wpa_cli to the ctrl_interface socket and initiate + roaming before state is tracked. + * Add hints about 'auto' and 'allow-hotplug' options with respect to the + roaming interface in README.modes. (Closes: #384501) + * Drop patchset for commenting out large wpa_supplicant.conf, use sed + instead. + * Active dbus interface via CONFIG_CTRL_IFACE_DBUS, add build-dep of + libdbus-1-dev to debian/control. + * Upstream now provides a connect-to-open-ssid example in the large + wpa_supplicant.conf file, therefore there is no need to maintain such an + example. Rename wpa_connect_open_ap.conf to wpa_supplicant.conf.template + and adjust docs to use this as a starting point for the wpa-roam daemon. + * Install wpa_passphrase to /usr/bin, there is no need for it in early boot. + * Build qt4 wpa_gui from wpa_gui dir rather than pure qt4 variant + (wpa_gui-qt4) as per Jouni's advice. + * Add versioned dependency on lsb-base >= 3.0-6 for use of log_action_* in + wpa-ifupdown.init. (Closes: #386164) + * Use correct terminology when describing wpa-roam in wpa_action(8). + (Closes: #386813) + + -- Kel Modderman Mon, 11 Sep 2006 19:23:05 +1000 + +wpasupplicant (0.5.4-5) unstable; urgency=low + + * STDIN was not given to external mapping script correctly. Use the power of + eval to fix the issue. [wpa_action.sh] + * Fix stupid debian/control error: duplicate Suggests fields. + + -- Kel Modderman Thu, 10 Aug 2006 01:03:38 +1000 + +wpasupplicant (0.5.4-4) unstable; urgency=low + + * Add support to wpa_action.sh and ifupdown.sh for allowing external mapping + logic to be used as opposed to the id_str logic. Thanks to Felix Homman + for the great insight while implementing this feature. + * Add a timeout loop of max 60s when waiting for an action to finish. + [wpa_action.sh] + * Minor cleanups wrt code comments and function placement in ifupdown.sh. + * Suggest guessnet, now that it can directly "plug in" to wpa_action. Also + demote iproute from Recommends to Suggests, it is not important by any + means and was only added to honour a wishlist request. + * Prepare for ctrl_interface socket changes in 0.5.5. It can be provided by + 'DIR=foo GID=bar' or 'ctrl_interface=foo' in wpa_supplicant.conf. Our sed + check for this path in ifupdown.sh should now support both alternatives. + * Move LOCKFILE and LOGFILE into WPA_ namespace. [wpa_action.sh] + * Use semi-colon instead of comma for verbose output as that seems to be a + standard among many different applications. + + -- Kel Modderman Tue, 8 Aug 2006 20:04:11 +1000 + +wpasupplicant (0.5.4-3) unstable; urgency=low + + * UNRELEASED + * Further optimisation of ifupdown.sh, use return values in + init_wpa_supplicant() to dictate if further commands should follow, rather + than exiting immediately. + * Standardize echo'ing in ifupdown.sh. Add a wpa_msg() function to take care + of "verbose|action|stdout|stderr" messages. + * Add a 5 second timeout loop to init_wpa_supplicant() that waits for the + ctrl_interface socket to be established before allowing wpa_cli to launch, + and avoid a race condition. This means other functions no longer need to + test for existance of the ctrl_interface socket. [ifupdown.sh] + * Rename WPA_DRIVER to WPA_SUP_DRIVER to conform with name scheme of other + similar variables. [ifupdown.sh] + * Add (untested) wpa-bridge support to ifupdown.sh. This is an experimental + upstream feature. + * Major refactoring of wpa_action.sh, with all related commands put into + independent shell functions. + * Improve feedback from wpa_action.sh when used interactively. Give usage + statement instead of simply returning "insufficient parameters". + * 'wpa_action reload' is logged after the action. It is called interactively, + and should also give interactive feedback. Same for 'wpa_action stop'. + * Remove superfluous check for /var/log, and put logging initialisation into + its own function, log_init(). [wpa_action.sh] + * Shut `ip addr flush dev "$IFACE" up', it almost always has nothing to flush. + * wpa-ifupdown init script now takes care of all interfaces while displaying + only one line. + * Don't set -e in wpa_action.sh. wpa-ifupdown script no longer takes exit + status into account, and I'd prefer to account for all possible avenues of + exit possible and log all encountered problems. + * Really fix #375599, by containing the CTRL_IFACE_DIR path in WPA_SUP_CONF + always, customised or not. The WPA_CTRL_IFACE socket was not being created + when ommitted from the wpa_supplicant.conf file. + * Add 'wpa-maint-debug' to enable set -x in ifupdown.sh, so that we can easy + track down vague problems. + * Slightly modify the way in which madwifi is activated. The default config + we apply does not activate madwifi by default any longer, it is done via + seperate patches; 20_include_madwifi modifies the .config file to activate + the driver_madwifi backend, and adds the required CFLAGS to find the + includes that are later added via one of the 21_madwifi*_includes patches. + * Update madwifi includes to that of the current offering in the debian + archive, r1680. + * Implement basic locking for wpa_action action's for when the user callable + "stop" action is executed while wpa_action is busy configuring the device. + The wpa_cli daemon is killed, then wpa_action waits for the current action + to finish gracefully before killing wpa_suppliant. This helps avoid + inconsistencies with ifupdown when volatile conditions are experienced as + part of the roaming setup (for example, driver problems causing connection + loops). + * Rename WPA_CLI_ACTFILE to WPA_CLI_LOCKFILE in ifupdown.sh. + * Condemn the use of wpa-action scripts: + - add NEWS item describing the superior alternative: wpa-roam + - remove example action scripts + - remove conf_wpa_cli() from ifupdown.sh + * Condense README.Debian and NEWS, so that they contain only relevant items, + and do not repeat the same information. + * Massive enhancement of README.modes, in an attempt to relay the + information about how this package, and wpa_supplicant work in debian with + the greatest of clarity. + * Harden tests for daemon pidfiles. No longer be satisfied that a pidfile + exists, but use start-stop-daemon to test its validity by sending a signal + 0. Remove pidfiles that do not pass the test. + * Fix stupid $DAEMON_VEROSITY typo that was used consistently throughout + script. [ifupdown.sh] + * Assoctiate "down" with the stop action of wpa_action. + * Thanks Marc Haber for reading over docs and notifying of some of the + follwoing issues. + - Fix typo "automattically" in README.modes. + - Remove bogus pre-up example from wpa_action(8) and README.modes + - Explain in more detail how /etc/wpa_supplicant/ifupdown.sh works in + README.modes. + * Add "The Logfile" section to README.modes. + * Add patch from upstream to fix writing of stakey, peerkey, and id_str + network configuration variables into the configuration file when + update_config=1 is set. Thanks to Felix for reporting. + + -- Kel Modderman Thu, 3 Aug 2006 15:58:24 +1000 + +wpasupplicant (0.5.4-2) unstable; urgency=low + + [ Kel Modderman ] + * End testing period. The 0.5 branch of wpa_supplicant upstream has proven + to be non disruptive to users' configurations over the past few weeks, + lets now allow this to propogate to testing. (Closes: #374342) + * Clean up the LSB Init header block. Provide all fields as per LSB Init + Script Comment Convention specification. + * Do not use /usr/bin/env to interrogate the environment for IF_WPA + variables, /usr may not be mounted at time of invocation. Use `set' + (shell built-in) instead. (Closes: #376243) + * Exit if IFSTATE_FILE or INTERFACES_FILE do not exist. Also, look for + ifstate file in /var/run/network to remain compatible with Ubuntu's + ifupdown divergence. (lp#51351) + * Add a similar IFSTATE_FILE test to wpa-ifupdown.init, to remain compatible + with Ubuntu. (lp#51351) + * Update wpa_action.8 with the behaviour of wpa_action when IFSTATE_FILE or + INTERFACES_FILE cannot be found, and the pathnames searched for their + existance. + * Mention wpa_cli(8) in Custom Action Script section of README.Debian, as it + contains information about environment variables available to the script + at runtime. + * Also clarify dhclient wpacli-action script usage, to avoid people + mistakenly cp'ing the skeleton script. + * Add some info about howto revert installation of deprecated init script to + NEWS file. + * Add 'wpa-verbosity' switch, so that setting 'wpa-verbosity 1' in an + interfaces stanza will cause wpa_supplicant's ifupdown hook to be loud. + This was overlooked when #361586 was closed some time ago. + * Remove return value hack in wpa_action, use set -e to exit on error + instead. (Closes: #376553) + * Not only flush IFACE when iproute is installed, but also use /sbin/ip to + set 'up' operstate as well. + * Default to wext without exception. Remove the check for wireless extensions + via /proc/net/wireless, and prevent driver type of "wired" from being + selected in the case that the iface may not be "prepared" yet. + (Closes: #376651) + * Remove duplicating pidfile shell var's in wpa_action.sh by simply making + them global. + + [ Reinhard Tartler ] + * Note that ap_scap=2 can help speeding up associations (Closes: #368770) + * wpa_action: flush the ip addr, if the package iproute is installed + * wpa_action: add action 'reload' to reload the wpa_supplicant configuration + * debian/control: add iproute to Recommends + + -- Kel Modderman Wed, 5 Jul 2006 18:42:06 +1000 + +wpasupplicant (0.5.4-1) unstable; urgency=low + + * New upstream release. + * WPA_CRTL_DIR environment variable is now exported to action scripts, we + will use it to print a status report after a CONNECTED event. + * Make logfile contents easier to read by adding a break between each ACTION + event. + * Recommend dhcp3-client, it handles consecutive wpa_action events with more + grace than dhcp-client by not starting multiple dhclient processes on the + same interface. + * Don't remove wpa_action logfile on 'stop'. + * Enhance wpa_action(8) to better explain the concept of a LOGICAL + interface. + * Install wpa_passphrase to /bin. (Closes: #373948) + * Manpages have been slightly enhanced, and now briefly explain wpa_cli + action environment variables and wpa_supplicant -C and -g options. + (Closes: #372615) + * Rename wpa_cli daemon pidfile to wpa_action.IFACE.pid for wpa-roam. + * Further env variable testing cleanups to ifupdown.sh. + * Global rename of WPA_COMMON_CTRL_IFACE to WPA_CTRL_DIR, as this is used + for the same purposes upstream. + * No longer penalise users for not having ctrl_interface explicitly + contained within their wpa_supplicant.conf. (Closes: #375599) + * Move WPA_ACTION_SCRIPT sanity checking into init_wpa_supplicant() to avoid + ifupdown.sh exiting when bringing down an interface when ifup previously + failed due to a missing or non-executable action script. + * Add numerous code comments to ifupdown.sh. + * Move WPA_CLI_OPTIONS and WPA_SUP_OPTIONS into their respective init() + functions. + * wpa_action now logs 'stop' events to file, updated manpage. + * Split wpa_action logging into two parts, event and environment. Only + wpa_cli events will echo env var's. + * wpa_action exits with retval of ifdown command on 'stop' event. + * Add workaround for sendsigs (initscripts) terminating wpa_supplicant + processes before networking is shutdown gracefully. An init script + wpa-ifupdown is called at sequence number 15 in runlevels 0 and 6 to bring + down all interfaces that were started via ifupdown.sh. + + -- Kel Modderman Tue, 27 Jun 2006 20:29:33 +1000 + +wpasupplicant (0.5.3+20060522-3) unstable; urgency=low + + [Reinhard Tartler] + * review and make the warnings in debian/NEWS even more obvious. + * advertise the manpage wpa_action(8) and the implemented roaming solution + better. + + [Kel Modderman] + * Bugfix: /etc/network/ifstate is not guarenteed to exist, we should grep + /etc/network/run/ifstate in wpa_action. (Closes: #373179) + * Include madwifi old development headers and provide a series of steps to + enable support for users of the madwifi-old driver in debian/NEWS. + * Restore init script example and information about its usage. + * Use INTERFACES_FILE and IFSTATE_FILE in wpa_action.sh. Thanks for idea + from Modestas Vainius. + + -- Kel Modderman Wed, 14 Jun 2006 01:13:08 +1000 + +wpasupplicant (0.5.3+20060522-2) experimental; urgency=low + + * Warn user and exit when wpa-roam is not started with manual inet METHOD. + * Remove awk line to "guess" a network_id, instead create the new block and + store output of wpa_cli in WPA_ID. (make sure that -i IFACE is used) + * Rename wpa_cli_wrapper() to wpa_cli() and make it absoluetly generic, + including only the IFACE and path to ctrl_iface socket. + * Introduce wpa_cli_do() and rewrite conf_wpa_supplicant() to enhance + readability and maintainability. + * Make WPA_ID variable local to conf_wpa_supplicant() + * Exit with status 1 when wpa-action fails. + * Move test's into init/conf/kill function header and clean up phase + specific case constructs at the tail of ifupdown.sh. + * Ensure lang barrier does not interfere with wpa_cli, use LC_ALL=C. + * Add patch from Dan Williams that works around a problem specific to wep + keys and orinoco chipsets. + * Update madwifing_includes dpatch to latest madwifi.org svn. + * Add WPAGUI to debian/rules, so that only one change has to be made to use + a different wpa_gui target. Remove $(WPAGUI)/Makefile in clean target. + * Purge and forget about the old init example script. + + -- Kel Modderman Sat, 10 Jun 2006 22:25:58 +1000 + +wpasupplicant (0.5.3+20060522-1) experimental; urgency=low + + * New upstream development snapshot. + * Oops: Disable CONFIG_EAP_SAKE. (Closes: #366937) + * Rename debian/wpasupplicant.ifupdown to debian/ifupdown.sh. There is no + need for that script to be named that way, as it may falsely seem to be + handled by a debhelper target. + * Don't attempt to send terminate signal via wpa_cli when start-stop-daemon + can be used. + * Use debhelper 5 compat level. + * Use wpa_gui-qt4, and build-depend on libqt4-dev. + * Use WPA_ID instead of NW_ID to make variable similar with what upstream + uses for a similar purpose (unique identifier). + * Add ifupdown environment var's to verbose output to assist in debugging. + * Fix some typo's (engine_id, key_id) in ifupdown.sh. + * ifupdown.sh no longer busy-loops when using an action script with + wpa-action-timeout 0. Thanks to Elmar Hoffmann! + * Allow wpa_cli action daemon to engage before configuring wpa_supplicant + via wpa_cli set_network commands to avoid a possibly racy condition. + * Move VERBOSITY variable to the beginning of ifupdown.sh, with the others. + * Indent shell code in wpacli-action-* scripts. + * Bumb Standards-Version to 3.7.2. + * Allow for future PHASE specific stuff in start MODE of ifupdown.sh. + * Move the action script sanity checks out of init_wpa_supplicant into + common section of ifupdown.sh. + * Create wpa_cli_wrapper to assist in major code clean up and future + maintenance of ifupdown.sh. + * Support madwifi-ng private ioctl's with the inclusion of the headers from + madwifi.org svn trunk. (At the expense of not supporting the madwifi-old + driver, which is deprecated by upstream madwifi) + * Add wpa_action.sh to provide /sbin/wpa_action and facilitate roaming via + ifupdown and network settings defined in /etc/network/interfaces (refer to + wpa_action(8) for more details). + + -- Kel Modderman Sun, 28 May 2006 20:33:38 +1000 + +wpasupplicant (0.5.3-1) experimental; urgency=low + + * New upstream development release. + * Orphaned daemons that are spawned during an ifup process that is + manually terminated are now checked for and killed. + * Don't make noise when we are not using the manual inet method and + wpa-action is used. + * Warn about non-executable action script. + * Ensure wpa_cli actfile is destroyed. + * Make start-stop-daemon verbose when VERBOSITY is set. + * Renumber dpatches for sanity. + * Make ifupdown script modular; split into shell functions. + * Fix typo in README.Debian, referring to a non-existant location. + * Disconnect and terminate existing ctrl_interface sockets. + + -- Kel Modderman Sat, 29 Apr 2006 14:53:51 +1000 + +wpasupplicant (0.5.2-3) experimental; urgency=low + + [ Kel Modderman ] + * Remove bad information about wpa-driver-file in docs. + * Actually fall back to wext as DRIVER type in example init script. + * Fix typo in debian/control, remove suggests of dhcp*-client alltogether. + * Remove bogus commands to set eapol_version and fast_reauth. They cannot be + set via wpa_cli. + * Make preauthenticate a global wpa_cli setting, rather than a per-ssid one. + * Kill dhclient process after a DISCONNECT signal in dhclient action script + example. + * Document that the action script must must be executable. + * Fix check for wireless extensions for when there is not whitespace after + $IFACE:. + * grep for $IFACE in /proc/net/dev to verify it is a valid network interface. + * Improve documentation about wpa-driver, and further clarify that all + wpa_cli commands should be supported in e/n/i by prefixing them with + "wpa-". + * Add a note about wpa-action-timeout. + + [ Reinhard Tartler ] + * remove last reference to /etc/default/wpasupplicant. It is gone, don't + revive zombies! + * small cleanups in debian/rules + * further clarifications in README.Debian + + -- Kel Modderman Tue, 11 Apr 2006 22:05:06 +1000 + +wpasupplicant (0.5.2-2) experimental; urgency=low + + [ Kel Modderman ] + * Bump debian revision to upgrade over the previously version uploaded to + experimental, which has sufficiently changed since that time to warrant + rebasing the package upon the 0.4.8-1 release to unstable. + * Make ifupdown script exit silently when binaries are not found or + executable. + * When ifupdown exits with an error status, do not hide the echo'd problem + description behind the VERBOSITY environment variable. + * Remove check for wpa_cli pidfile when executing an action script. This + check was racy, and not always successful. Sometimes, the device was + marked as up without allowing the action script a chance to finish. + * Improve feedback for wpa_cli action script daemon. + * Ensure WPA_CLI_ACTFILE is removed when wpa_cli is terminated. + * Fix typo in ifupdown script that later propogated into some example + information in README.debian (wpa-apscan should have been wpa-ap-scan). + Provide backwards compatibility for this change for those who already + followed the example. + * Check for existing pidfiles before executing daemons via ifupdown. + + [ Reinhard Tartler ] + * enable driver test + * add eap_testing.txt to documentation + * enhance Readme.txt + + -- Kel Modderman Tue, 4 Apr 2006 06:40:35 +1000 + +wpasupplicant (0.4.8-1) unstable; urgency=low + + [ Reinhard Tartler ] + * Finally bringing in the new Upstream version with the ap scan patch for + wpa-cli, required by network-manager (Closes: #356072) + * Dropping Mode 3 (start by init script) (Closes: #356842, #357760) + * add hint for associating to hidden ssids (Closes: #358137) + * add a note for faciliating debugging connection problems + * add this note to README.modes as well. + * remove or backup obsolete conffiles + /etc/network/if-p{re-up,ost-down}.d/wpasupplicant + * install the wpasupplicant.conf(5) manpage (Closes: #358138) + * don't start wpa_supplicant for loopback interface (Closes: #359814) + * add explanation about action scripts, mentioning that we expect now + the action script to create a file indicating that the interface is ready + for use. + * add warning in NEWS.Debian that upgrading to this package requires + manual intervention by the local admin. + * move old 'default configuration' to /usr/share/doc/wpasupplicant/examples + as example for connecting to open APs. + * remove version restriction from preinst. This means that obsoleted + conffiles are always removed! + * moved the ifupdown script to /etc/wpa_supplicant/ifupdown.sh + * added note about binaries beeing moved to /sbin + + [ Scott James Remnant ] + * Undo 0.4.8-0ubuntu2's replacement of the preinst/postinst/postrm triad, + which replaced the upgrade-failure proof and policy compliant code with + "something else". + * Restore change to ifupdown script that makes "wpa-conf" unnecessary. + * Move /etc/wpa_supplicant.conf to /etc/wpa_supplicant/wpa_supplicant.conf + if the user has modified it, otherwise remove it and install the new file. + * Remove 0_ from if-*.d symlink names as we don't force an order or + even serialisation. + + [ Kel Modderman ] + * Remove check for /proc/net/packet. (Closes: M#37121) + * Add timeout loop when launching a wpa_cli action script in conjunction + with the manual inet METHOD, to allow other ifupdown hooks to + post-configure the interface just as they would have if using a standard + method such as dhcp or static. Introduce WPA_CLI_ACTFILE to allow a + wpa_cli action script to signal connected state to ifupdown. + * Add skeleton wpa_cli action script to examples. + * Simplify wpasupplicant.examples. + * Don't install wpa_supplcant.defconf as the default wpa_supplicant conffile, + our users don't want that file interrogated by anyone, even dpkg. + + -- Reinhard Tartler Fri, 31 Mar 2006 10:58:16 +0200 + +wpasupplicant (0.4.8-0ubuntu3) dapper; urgency=low + + * Add 40_ctrl_iface_hide_keys.dpatch to hide passwords and PINs from + our logfiles, preventing an information disclosure vulnerability. + + -- Adam Conrad Wed, 29 Mar 2006 23:49:26 +1100 + +wpasupplicant (0.4.8-0ubuntu2) dapper; urgency=low + + [ Kel Modderman ] - done in debian experimental for version 0.5.2-1 + * New upstream release. + * Add myself to Uploaders. + * Convert to cdbs. + - rewrite debian/rules to take advantage of cdbs + - update control file build-deps + * Update README.modes. + - clarify that wext is used by default, when no driver is specified + - fix exmaple of wpa-psk using a plaintext string + - fix typo's + * Fold pre-up scripts into one, and symlink from + /etc/network/if-{pre-up,down}.d/wpasupplicant + * Use VERBOSITY of ifupdown to assist debugging of wpa stanza's in + /etc/network/interfaces. + * Add support for wpa_cli action scripts. + * Use start-stop-daemon to initiate wpa_supplicant and wpa_cli background + processes. + * Daemons now create pidfiles. + * Quote tested var's in wpasupplicant.init. + * Quote all var's in wpsupplicant.default for uniformity. + * Move wpa_* to /sbin. + * Conffile for wpa_supplicant now installed to + /etc/wpa_supplicant/wpa_supplicant.conf. That directory will hold any + other files that we may require to use wpa_supplicant. + * Don't start wpasupplicant pre-up if the current kernel lacks support for + "Packet Socket" (CONFIG_PACKET=y). + * Fix blunders in the init script. + - typo, $PIFFILE should have been $PIDFILE + - init script exited when a configuration file WAS found + * Force init daemon's pidfile to be the same as wpasupplicant.ifupdown uses, + to avoid duplicate wpa_supplicant processes binding to the same interface. + * Remove the margin for error from the init daemon, by forcing the default + variables to be set. Helpful and informative comments were placed in the + default file. The init script will exit if these variables are not set + correctly. (Closes: #357957) + * Add comment to defconf about ctrl_interface and wpa_cli. + * Add comments to previously uncommented dpatch's. + * Include proof-of-concept dhlcient wpa-action script. Suggest + dhcp(3)-client. + * Thanks to Henrik Brix Andersen from gentoo for the ideas and inspriration + for some of the above changes. + + [ Reinhard Tartler ] + * compile wpa_gui with qt3 rather than qt4. (in order to faciliate + backporting to sarge) + * revert to debhelper 4 + * take the complete packaging from our experimental branch. The last upload + did not document all changes properly (see the list above), and had still + a lot of issues. + * fixing typo in the preinst + + -- Reinhard Tartler Mon, 27 Mar 2006 15:28:22 +0200 + +wpasupplicant (0.5.1-1) experimental; urgency=low + + [ Reinhard Tartler ] + * New Upstream Release. This is the current development branch of + wpasupplicant. + * revised the init script for supporting roaming mode + * introduce README.modes explaining the differnet modes of operation + * install manpage wpa_supplicant.conf(5) (Closes: #358138) + * make wpasupplicant create a PID file (Closes: #355052) + * Revise wpasupplicant.postinst (Closes: #322176) + + [ Kel Modderman ] + * New experimental ifupdown scripts. (Closes: #322176, #356205, #356144) + * Drop wpasupplicant.{postrm,postinst,override,docs}. + * Use dh_installchangelogs to handle upstream changelog. + * Enforce permissions on installed files. + * Clean up handling of madwifi includes + - dpatch contains description of origin + - dpatch does not modify upstream, use CFLAGS to include madwifi headers + * Add wpa_background manpage provided by upstream. + + -- Kel Modderman Tue, 14 Mar 2006 23:00:47 +1000 + +wpasupplicant (0.4.8-0ubuntu1) dapper; urgency=low + + * New upstream release: + - Various bug fixes + - Support for EAP-FAST key derivation using other ciphers than + RC4-128-SHA for authentication and AES128-SHA for provisioning. + - UVF exception granted by Kamion. + + * Packaging and configuration is based on Debian Experimental however, + making this package something of a bastard love child of what's in + Debian. + * Deliberately dropped support for wpasupplicant being run at startup to + make it easier for Ubuntu to support. It's now run on a per-interface + basis when the interface is brought up. + Consult /usr/share/doc/wpasupplicant/README.Debian for documentation + if upgrading from universe. + * Unlike Debian the wpa-conf /etc/network/interfaces is only needed for + explicitly giving a configuration file; simply include any setting + for wpa to be used. + * Binaries moved to /sbin for seb128. + + -- Scott James Remnant Thu, 23 Mar 2006 23:29:57 +0000 + +wpasupplicant (0.4.7-4) unstable; urgency=low + + [Daniel T Chen] + + * Convert rcS.d script to use /etc/network/if-p{ost-down,re-up}.d + instead. Remove the rcS.d script installed in 0.4.7-0ubuntu{1,2}. + If you manually modified /etc/network/interfaces to use the pre-up + and post-down directives with wpasupplicant, please remove them. + Thanks to Scott James Remnant for the guidance. (Closes: #304032) + + [Kel Modderman - submitted via bug #353530] (Closes: #353530) + + * Use upstream manpages. + * added watch file + * cleanups in debian/rules + * Install wpagui manpage to man8 + * Use qmake-qt4 directly, to avoid ftbfs on systems with other qt + versions installed. + + [Reinhard Tartler] + + * Merged with ubuntu package + * added myself to Uploaders + * use debhelper 5 + * remove debian/wpasupplicant.conffiles, debhelper handles this on its own + * renamed ChangeLog.gz to changelog.gz, (Policy 12.7) + * installed lintian override for possible multiple calling of update-rc.d. + This is necessary to support different upgrade paths. + * revised postinst, so that updating initskript links happens in when + configuring the package only + * introduce debian/NEWS, documenting importants bits of debian/changelogs, + and a bit about future development of wpasupplicant + * verified working WPA EAP-TLS on ipw2200. (Closes: #317548) + * /etc/init.d/wpasupplicant is now a initscript which is not started on + startup by default. (see changes by Daniel T Chen). lintian is not happy + about this, so another lintian override was added + + -- Reinhard Tartler Fri, 24 Feb 2006 18:27:52 +0100 + +wpasupplicant (0.4.7-3) unstable; urgency=low + + * Another brown paper bag release. + * Fix mistype of $CONFIG_FILE variable name in default script. Also make + this the same variable checked for existance in the init script, as that + was another bug I missed. (closes: #350900) + + -- Kyle McMartin Wed, 01 Feb 2006 09:21:41 -0500 + +wpasupplicant (0.4.7-2) unstable; urgency=low + + * Brown paper bag release. + * Add description for wpagui binary package... + + -- Kyle McMartin Sat, 28 Jan 2006 16:51:56 -0500 + +wpasupplicant (0.4.7-1) unstable; urgency=low + + * New upstream version. (closes: #347347) + * New binary package, wpa_gui; build-deps on Qt4. (closes: #332654) + * Move wpasupplicant to run in rcS, before networking. This will likely + upset a few people, but as wpasupplicant can wait for the interface to + exist before doing anything, it shouldn't cause any real problems. + (closes: #310136) + * Document in default config file that EAP-FAST will not work + without a patch to OpenSSL. (closes: #322174) + * Comment out most of the default config file, some people kept the + whole file verbatim, causing OpenSSL to try and load some uncommon + libraries people likely didn't have installed, resulting in + wpasupplicant segfaulting (closes: #330138, #336423) + * Also for #336423, Suggest: libengine-pkcs11-openssl, and document why. + * Make more noise when the daemon fails to run. (closes: #346265) + * Don't advertise that -i may not be required in default/wpasupplicant, + this option was removed as it did not scale to handle multiple + interfaces. (closes: #322175) + * Document typical location of config file in manpage. Note, + wpasupplicant no longer implicitly finds a config file. (closes: #315963) + * Add simple WPA-PSK example to default config file. (closes: #331533) + * Split up $OPTIONS in default/wpasupplicant. (closes: #331533) + + -- Kyle McMartin Sat, 28 Jan 2006 02:30:27 -0500 + +wpasupplicant (0.4.6-0.2) unstable; urgency=low + + * New upstream version (closes: #335487). + * This version is designed for Wireless Extensions 19 and so will work + with Linux kernel 2.6.14. Closes: #338131. + * Note that WPA support was added in Wireless Extensions 18 and should + therefore exist in new (2.6.14-compliant) drivers, including + ipw2200 v1.0.8. In order to take advantage of this new support you need to + invoke wpasupplicant with the wext driver ("-D wext" in + /etc/default/wpasupplicant for instance, instead of "-D ipw" say). + Probably closes also #304087 and #317548, but I'm not going to confirm + that just for an NMU. + * Added comments to README.Debian amounting to the above. + * Borrowed some of Norbert Preining's improvements: + - add debhelper token to postrm script + - fix address of FSF in copyright file + - bump standards version to 3.6.2 + (Kyle, when you get back to this package, find Norbert's other changes + upgrading to debhelper 4 in bug #338131). + * Set NMU version to 0.2 for Norbert's convenience. + * Marked /etc/init.d/wpasupplicant as a conffile (should really use + debhelper4 to take care of this, but I'm not going to make the other + changes needed for this). + + -- Drew Parsons Thu, 10 Nov 2005 20:34:35 +1100 + +wpasupplicant (0.4.4-1) unstable; urgency=low + + * New upstream version. + * Ship a default /etc/wpa_supplicant.conf which associates with any + open access point. (closes: #287220, #322171, #315964) + * /etc/default/wpasupplicant is no longer mode 755 (closes: #315031) + * Add a postrm script, oops, overlooked this initially... (closes: #327522) + * Fix hyphen/minus in man pages. (closes: #296310) + * patches/ + - 01_config + + update + + Enable wired driver. (closes: #325296) + + Add EAP_FAST to config, but comment it out. EAP_FAST requires a patch + to openssl before it is compileable. + - 10_madwifi_includes + + update from madwifi CVS. (closes: #326226) + + -- Kyle McMartin Sat, 24 Sep 2005 12:35:02 -0400 + +wpasupplicant (0.4.2-1) unstable; urgency=low + + * New upstream release. + * Add debhelper flag to postinst. + + -- Kyle McMartin Sat, 18 Jun 2005 19:04:02 -0400 + +wpasupplicant (0.4.1-0) unstable; urgency=low + + * New upstream release. + * This release was not uploaded. + + -- Kyle McMartin Sun, 29 May 2005 17:40:11 -0400 + +wpasupplicant (0.4.0-1) unstable; urgency=low + + * New upstream release. + * patches/ + - 12_ipw_open_aps + + remove patch: It seems to cause problems with associating with + open access points. + - 11_madwifi_open_aps + + remove patch, fixed upstream + driver_madwifi: fixed association in plaintext mode + + -- Kyle McMartin Sat, 30 Apr 2005 11:28:01 -0400 + +wpasupplicant (0.3.8-1) unstable; urgency=low + + * New upstream release. + * This release fixes a crash due to a buffer overflow, caused by + a missing validation step on EAPOL-Key frames. Receiving malformed + frames trigger the crash. More information available in the notes: + http://lists.shmoo.com/pipermail/hostap/2005-February/009465.html + * Fix some badness with the init script. Missed the -B option + to daemonize wpa_supplicant... pidfile is not currently being used + as it requires modifying wpa_supplicant. + * patches/ + - 12_ipw_open_aps (closes: #295143) + + merge patch against driver_ipw to fix association with + open access points. + + -- Kyle McMartin Tue, 15 Feb 2005 00:51:28 -0500 + +wpasupplicant (0.3.7-1) unstable; urgency=low + + * New upstream stable release. + * Add preliminary init script for wpasupplicant. Currently it will + start after pcmcia, for obvious reasons. (closes: #287219) + * patches/ + - 11_madwifi_open_aps (closes: #294909) + + merge patch against driver_madwifi to fix association with + open access points. + + -- Kyle McMartin Sat, 12 Feb 2005 22:56:11 -0500 + +wpasupplicant (0.3.2-2) unstable; urgency=low + + * patches/ + - 06_default_ifname + + support a default interface specified in wpa_supplicant.conf + + -- Kyle McMartin Sun, 23 Jan 2005 03:26:01 -0500 + +wpasupplicant (0.3.2-1) unstable; urgency=low + + * New upstream release. + * From upstream changelog, and verified: (closes: #286443) + + fixed private key loading for cases where passphrase is not set + + -- Kyle McMartin Mon, 20 Dec 2004 10:22:11 -0500 + +wpasupplicant (0.3.1-2) unstable; urgency=low + + * Add CONFIG_CTRL_IFACE=y option to maintain old configuration file + compatibility. + + -- Kyle McMartin Sat, 18 Dec 2004 14:03:19 -0500 + +wpasupplicant (0.3.1-1) unstable; urgency=low + + * The "Kyle is a lazy, lazy, lazy hacker" release. + * Removed patch for ipw2100, as it's been integrated + upstream. (closes: #281979) + * Remove default wpa_supplicant.conf from /etc, since we aren't + installing a configuration file that will work by default. Instead, + it has been moved to /usr/share/doc/wpasupplicant/examples. + * Enable a few more options. Unfortunately support for Broadcom's wl.o + must be disabled, since it requires a header file with an + "All Rights Reserved" copyright. LinuxAnt DriverLoader is similarly + disabled, though NDISWrapper is supported. + + -- Kyle McMartin Thu, 16 Dec 2004 12:39:01 -0500 + +wpasupplicant (0.2.5-2) unstable; urgency=low + + * Merged patch from Lorenzo Martignoni, to enable support for + WPA on the Intel IPW2100 wireless chipset (aka: Centrino). + + -- Kyle McMartin Sat, 23 Oct 2004 15:21:11 -0400 + +wpasupplicant (0.2.5-1) unstable; urgency=low + + * New upstream version. (closes: #276368) + + -- Kyle McMartin Tue, 12 Oct 2004 09:10:19 -0400 + +wpasupplicant (0.2.4-2) unstable; urgency=low + + * patches/ + - 01_config + + enable TLS support (and various other non-default configurations) + - 05_default_conf + + patch to use "/etc/wpa_supplicant.conf" by default, instead of + prompting for the configuration on the command line. + * Add Build-Depends on libssl-dev, used by various EAPs. + + -- Kyle McMartin Sun, 12 Sep 2004 11:16:19 -0400 + +wpasupplicant (0.2.4-1) unstable; urgency=low + + * Initial release. + * patches/ + - 01_config + + default configuration + - 10_madwifi + + support for wireless cards using the madwifi driver + + -- Kyle McMartin Sun, 5 Sep 2004 13:19:27 -0400 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +5 diff --git a/debian/config/kfreebsd b/debian/config/kfreebsd new file mode 100644 index 0000000..1d6b516 --- /dev/null +++ b/debian/config/kfreebsd @@ -0,0 +1,331 @@ +# Debian's wpa_supplicant build time configuration + +# Driver interface for Host AP driver +#CONFIG_DRIVER_HOSTAP=y + +# Driver interface for Agere driver +# XXX: Non-GPL header required +#CONFIG_DRIVER_HERMES=y +# Change include directories to match with the local setup +#CFLAGS += -I../../hcf -I../../include -I../../include/hcf +#CFLAGS += -I../../include/wireless + +# Driver interface for madwifi driver +#CONFIG_DRIVER_MADWIFI=y +# Change include directories to match with the local setup +#CFLAGS += -I../debian/madwifi-headers + +# Driver interface for Prism54 driver +# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is +# for developers only) +#CONFIG_DRIVER_PRISM54=y + +# Driver interface for ndiswrapper +# XXX: Deprecated since Linux 2.6.14 +#CONFIG_DRIVER_NDISWRAPPER=y + +# Driver interface for Atmel driver +#CONFIG_DRIVER_ATMEL=y + +# Driver interface for Broadcom driver +# XXX: Non-GPL header required +#CONFIG_DRIVER_BROADCOM=y +# Example path for wlioctl.h; change to match your configuration +#CFLAGS += -I/opt/WRT54GS/release/src/include + +# Driver interface for Intel ipw2100/2200 driver +# XXX: Deprecated since Linux 2.6.14 +#CONFIG_DRIVER_IPW=y + +# Driver interface for Ralink driver +# XXX: rt2x00 supports DRIVER_WEXT, the legacy drivers hardly work at all +#CONFIG_DRIVER_RALINK=y + +# Driver interface for generic Linux wireless extensions +#CONFIG_DRIVER_WEXT=y + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +LIBS += -lbsd + +# Driver interface for Windows NDIS +# XXX: we don't cater for the win32 arch +#CONFIG_DRIVER_NDIS=y +#CFLAGS += -I/usr/include/w32api/ddk +#LIBS += -L/usr/local/lib +# For native build using mingw +#CONFIG_NATIVE_WINDOWS=y +# Additional directories for cross-compilation on Linux host for mingw target +#CFLAGS += -I/opt/mingw/mingw32/include/ddk +#LIBS += -L/opt/mingw/mingw32/lib +#CC=mingw32-gcc +# By default, driver_ndis uses WinPcap for low-level operations. This can be +# replaced with the following option which replaces WinPcap calls with NDISUIO. +# However, this requires that WZC is disabled (net stop wzcsvc) before starting +# wpa_supplicant. +# CONFIG_USE_NDISUIO=y + +# Driver interface for development testing +#CONFIG_DRIVER_TEST=y + +# Driver interface for wired Ethernet drivers +#CONFIG_DRIVER_WIRED=y + +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is +# included) +CONFIG_IEEE8021X_EAPOL=y + +# EAP-MD5 +CONFIG_EAP_MD5=y + +# EAP-MSCHAPv2 +CONFIG_EAP_MSCHAPV2=y + +# EAP-TLS +CONFIG_EAP_TLS=y + +# EAL-PEAP +CONFIG_EAP_PEAP=y + +# EAP-TTLS +CONFIG_EAP_TTLS=y + +# EAP-FAST +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# EAP-GTC +CONFIG_EAP_GTC=y + +# EAP-OTP +CONFIG_EAP_OTP=y + +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) +CONFIG_EAP_SIM=y + +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) +CONFIG_EAP_PSK=y + +# EAP-PAX +CONFIG_EAP_PAX=y + +# LEAP +CONFIG_EAP_LEAP=y + +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) +CONFIG_EAP_AKA=y + +# EAP-SAKE +#CONFIG_EAP_SAKE=y + +# EAP-GPSK +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-TNC and related Trusted Network Connect support (experimental) +#CONFIG_EAP_TNC=y + +# EAP-WSC for Wi-Fi Protected Setup +CONFIG_EAP_WSC=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# Smartcard support (i.e., private key on a smartcard), e.g., with openssl +# engine. +CONFIG_SMARTCARD=y + +# PC/SC interface for smartcards (USIM, GSM SIM) +# Enable this if EAP-SIM or EAP-AKA is included +CONFIG_PCSC=y + +# Development testing +#CONFIG_EAPOL_TEST=y + +# Select control interface backend for external programs, e.g, wpa_cli: +# unix = UNIX domain sockets (default for Linux/*BSD) +# udp = UDP sockets using localhost (127.0.0.1) +# named_pipe = Windows Named Pipe (default for Windows) +# y = use default (backwards compatibility) +# If this option is commented out, control interface is not included in the +# build. +CONFIG_CTRL_IFACE=y + +# Include support for GNU Readline and History Libraries in wpa_cli. +# When building a wpa_cli binary for distribution, please note that these +# libraries are licensed under GPL and as such, BSD license may not apply for +# the resulting binary. +CONFIG_READLINE=y + +# Remove debugging code that is printing out debug message to stdout. +# This can be used to reduce the size of the wpa_supplicant considerably +# if debugging code is not needed. The size reduction can be around 35% +# (e.g., 90 kB). +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save +# 35-50 kB in code size. +#CONFIG_NO_WPA=y + +# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to +# save about 1 kB in code size when building only WPA-Personal (no EAP support) +# or 6 kB if building for WPA-Enterprise. +#CONFIG_NO_WPA2=y + +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support +# This option can be used to reduce code size by removing support for +# converting ASCII passphrases into PSK. If this functionality is removed, the +# PSK can only be configured as the 64-octet hexstring (e.g., from +# wpa_passphrase). This saves about 0.5 kB in code size. +#CONFIG_NO_WPA_PASSPHRASE=y + +# Remove AES extra functions. This can be used to reduce code size by about +# 1.5 kB by removing extra AES modes that are not needed for commonly used +# client configurations (they are needed for some EAP types). +#CONFIG_NO_AES_EXTRAS=y + +# Disable scan result processing (ap_mode=1) to save code size by about 1 kB. +# This can be used if ap_scan=1 mode is never enabled. +#CONFIG_NO_SCAN_PROCESSING=y + +# Select configuration backend: +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) +# winreg = Windows registry (see win_example.reg for an example) +CONFIG_BACKEND=file + +# Remove configuration write functionality (i.e., to allow the configuration +# file to be updated based on runtime configuration changes). The runtime +# configuration can still be changed, the changes are just not going to be +# persistent over restarts. This option can be used to reduce code size by +# about 3.5 kB. +#CONFIG_NO_CONFIG_WRITE=y + +# Remove support for configuration blobs to reduce code size by about 1.5 kB. +#CONFIG_NO_CONFIG_BLOBS=y + +# Select program entry point implementation: +# main = UNIX/POSIX like main() function (default) +# main_winsvc = Windows service (read parameters from registry) +# main_none = Very basic example (development use only) +CONFIG_MAIN=main + +# Select wrapper for operatins system and C library specific functions +# unix = UNIX/POSIX like systems (default) +# win32 = Windows systems +# none = Empty template +CONFIG_OS=unix + +# Select event loop implementation +# eloop = select() loop (default) +# eloop_win = Windows events and WaitForMultipleObject() loop +# eloop_none = Empty template +CONFIG_ELOOP=eloop + +# Select layer 2 packet implementation +# linux = Linux packet socket (default) +# pcap = libpcap/libdnet/WinPcap +# freebsd = FreeBSD libpcap +# winpcap = WinPcap with receive thread +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) +# none = Empty template +CONFIG_L2_PACKET=freebsd + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +CONFIG_IEEE80211W=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA) +# internal = Internal TLSv1 implementation (experimental) +# none = Empty template +CONFIG_TLS=openssl + +# Whether to enable TLS/IA support, which is required for EAP-TTLSv1. +# You need CONFIG_TLS=gnutls for this to have any effect. Please note that +# even though the core GnuTLS library is released under LGPL, this extra +# library uses GPL and as such, the terms of GPL apply to the combination +# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not +# apply for distribution of the resulting binary. +#CONFIG_GNUTLS_EXTRA=y + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +#CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif + +# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. +# This is only for Windows builds and requires WMI-related header files and +# WbemUuid.Lib from Platform SDK even when building with MinGW. +#CONFIG_NDIS_EVENTS_INTEGRATED=y +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" + +# Add support for DBus control interface +CONFIG_CTRL_IFACE_DBUS=y + +# Add support for loading EAP methods dynamically as shared libraries. +# When this option is enabled, each EAP method can be either included +# statically (CONFIG_EAP_=y) or dynamically (CONFIG_EAP_=dyn). +# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to +# be loaded in the beginning of the wpa_supplicant configuration file +# (see load_dynamic_eap parameter in the example file) before being used in +# the network blocks. +# +# Note that some shared parts of EAP methods are included in the main program +# and in order to be able to use dynamic EAP methods using these parts, the +# main program must have been build with the EAP method enabled (=y or =dyn). +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries +# unless at least one of them was included in the main build to force inclusion +# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included +# in the main build to be able to load these methods dynamically. +# +# Please also note that using dynamic libraries will increase the total binary +# size. Thus, it may not be the best option for targets that have limited +# amount of memory/flash. +#CONFIG_DYNAMIC_EAP_METHODS=y + +# Include client MLME (management frame processing). +# This can be used to move MLME processing of Devicescape IEEE 802.11 stack +# into user space. +#CONFIG_CLIENT_MLME=y +# Currently, driver_devicescape.c build requires some additional parameters +# to be able to include some of the kernel header files. Following lines can +# be used to set these (WIRELESS_DEV must point to the root directory of the +# wireless-dev.git tree). +#WIRELESS_DEV=/usr/src/wireless-dev +#CFLAGS += -I$(WIRELESS_DEV)/net/mac80211 + +# IEEE 802.11r/D4.1 (Fast BSS Transition) +# This enables an experimental implementation of a draft version of +# IEEE 802.11r. This draft is still subject to change, so it should be noted +# that this version may not comply with the final standard. +CONFIG_IEEE80211R=y + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +CONFIG_DEBUG_FILE=y + +# Enable privilege separation (see README 'Privilege separation' for details) +#CONFIG_PRIVSEP=y diff --git a/debian/config/linux b/debian/config/linux new file mode 100644 index 0000000..6fe26ac --- /dev/null +++ b/debian/config/linux @@ -0,0 +1,336 @@ +# Debian's wpa_supplicant build time configuration + +# Driver interface for Host AP driver +# XXX: Linux mainline hostap driver supports wext since Linux 2.6.14 (or earlier) +#CONFIG_DRIVER_HOSTAP=y + +# Driver interface for Agere driver +# XXX: Non-GPL header required +#CONFIG_DRIVER_HERMES=y +# Change include directories to match with the local setup +#CFLAGS += -I../../hcf -I../../include -I../../include/hcf +#CFLAGS += -I../../include/wireless + +# Driver interface for madwifi driver +# XXX: madwifi driver supports wext in all Debian releases so far +#CONFIG_DRIVER_MADWIFI=y +# Change include directories to match with the local setup +#CFLAGS += -I../debian/madwifi-headers + +# Driver interface for Prism54 driver +# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is +# for developers only) +#CONFIG_DRIVER_PRISM54=y + +# Driver interface for ndiswrapper +# XXX: Deprecated since Linux 2.6.14 +#CONFIG_DRIVER_NDISWRAPPER=y + +# Driver interface for Atmel driver +#CONFIG_DRIVER_ATMEL=y + +# Driver interface for Broadcom driver +# XXX: Non-GPL header required +#CONFIG_DRIVER_BROADCOM=y +# Example path for wlioctl.h; change to match your configuration +#CFLAGS += -I/opt/WRT54GS/release/src/include + +# Driver interface for Intel ipw2100/2200 driver +# XXX: Deprecated since Linux 2.6.14 +#CONFIG_DRIVER_IPW=y + +# Driver interface for Ralink driver +# XXX: rt2x00 supports DRIVER_WEXT, the legacy drivers hardly work at all +#CONFIG_DRIVER_RALINK=y + +# Driver interface for generic Linux wireless extensions +CONFIG_DRIVER_WEXT=y + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +# XXX: we are not FreeBSD +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib + +# Driver interface for Windows NDIS +# XXX: we don't cater for the win32 arch +#CONFIG_DRIVER_NDIS=y +#CFLAGS += -I/usr/include/w32api/ddk +#LIBS += -L/usr/local/lib +# For native build using mingw +#CONFIG_NATIVE_WINDOWS=y +# Additional directories for cross-compilation on Linux host for mingw target +#CFLAGS += -I/opt/mingw/mingw32/include/ddk +#LIBS += -L/opt/mingw/mingw32/lib +#CC=mingw32-gcc +# By default, driver_ndis uses WinPcap for low-level operations. This can be +# replaced with the following option which replaces WinPcap calls with NDISUIO. +# However, this requires that WZC is disabled (net stop wzcsvc) before starting +# wpa_supplicant. +# CONFIG_USE_NDISUIO=y + +# Driver interface for development testing +#CONFIG_DRIVER_TEST=y + +# Driver interface for wired Ethernet drivers +CONFIG_DRIVER_WIRED=y + +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is +# included) +CONFIG_IEEE8021X_EAPOL=y + +# EAP-MD5 +CONFIG_EAP_MD5=y + +# EAP-MSCHAPv2 +CONFIG_EAP_MSCHAPV2=y + +# EAP-TLS +CONFIG_EAP_TLS=y + +# EAL-PEAP +CONFIG_EAP_PEAP=y + +# EAP-TTLS +CONFIG_EAP_TTLS=y + +# EAP-FAST +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# EAP-GTC +CONFIG_EAP_GTC=y + +# EAP-OTP +CONFIG_EAP_OTP=y + +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) +#CONFIG_EAP_SIM=y + +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) +CONFIG_EAP_PSK=y + +# EAP-PAX +CONFIG_EAP_PAX=y + +# LEAP +CONFIG_EAP_LEAP=y + +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) +CONFIG_EAP_AKA=y + +# EAP-SAKE +#CONFIG_EAP_SAKE=y + +# EAP-GPSK +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-TNC and related Trusted Network Connect support (experimental) +#CONFIG_EAP_TNC=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# Smartcard support (i.e., private key on a smartcard), e.g., with openssl +# engine. +#CONFIG_SMARTCARD=y + +# PC/SC interface for smartcards (USIM, GSM SIM) +# Enable this if EAP-SIM or EAP-AKA is included +#CONFIG_PCSC=y + +# Development testing +#CONFIG_EAPOL_TEST=y + +# Select control interface backend for external programs, e.g, wpa_cli: +# unix = UNIX domain sockets (default for Linux/*BSD) +# udp = UDP sockets using localhost (127.0.0.1) +# named_pipe = Windows Named Pipe (default for Windows) +# y = use default (backwards compatibility) +# If this option is commented out, control interface is not included in the +# build. +CONFIG_CTRL_IFACE=y + +# Include support for GNU Readline and History Libraries in wpa_cli. +# When building a wpa_cli binary for distribution, please note that these +# libraries are licensed under GPL and as such, BSD license may not apply for +# the resulting binary. +#CONFIG_READLINE=y + +# Remove debugging code that is printing out debug message to stdout. +# This can be used to reduce the size of the wpa_supplicant considerably +# if debugging code is not needed. The size reduction can be around 35% +# (e.g., 90 kB). +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save +# 35-50 kB in code size. +#CONFIG_NO_WPA=y + +# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to +# save about 1 kB in code size when building only WPA-Personal (no EAP support) +# or 6 kB if building for WPA-Enterprise. +#CONFIG_NO_WPA2=y + +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support +# This option can be used to reduce code size by removing support for +# converting ASCII passphrases into PSK. If this functionality is removed, the +# PSK can only be configured as the 64-octet hexstring (e.g., from +# wpa_passphrase). This saves about 0.5 kB in code size. +#CONFIG_NO_WPA_PASSPHRASE=y + +# Remove AES extra functions. This can be used to reduce code size by about +# 1.5 kB by removing extra AES modes that are not needed for commonly used +# client configurations (they are needed for some EAP types). +#CONFIG_NO_AES_EXTRAS=y + +# Disable scan result processing (ap_mode=1) to save code size by about 1 kB. +# This can be used if ap_scan=1 mode is never enabled. +#CONFIG_NO_SCAN_PROCESSING=y + +# Select configuration backend: +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) +# winreg = Windows registry (see win_example.reg for an example) +CONFIG_BACKEND=file + +# Remove configuration write functionality (i.e., to allow the configuration +# file to be updated based on runtime configuration changes). The runtime +# configuration can still be changed, the changes are just not going to be +# persistent over restarts. This option can be used to reduce code size by +# about 3.5 kB. +#CONFIG_NO_CONFIG_WRITE=y + +# Remove support for configuration blobs to reduce code size by about 1.5 kB. +#CONFIG_NO_CONFIG_BLOBS=y + +# Select program entry point implementation: +# main = UNIX/POSIX like main() function (default) +# main_winsvc = Windows service (read parameters from registry) +# main_none = Very basic example (development use only) +CONFIG_MAIN=main + +# Select wrapper for operatins system and C library specific functions +# unix = UNIX/POSIX like systems (default) +# win32 = Windows systems +# none = Empty template +CONFIG_OS=unix + +# Select event loop implementation +# eloop = select() loop (default) +# eloop_win = Windows events and WaitForMultipleObject() loop +# eloop_none = Empty template +CONFIG_ELOOP=eloop + +# Select layer 2 packet implementation +# linux = Linux packet socket (default) +# pcap = libpcap/libdnet/WinPcap +# freebsd = FreeBSD libpcap +# winpcap = WinPcap with receive thread +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) +# none = Empty template +CONFIG_L2_PACKET=linux + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +CONFIG_IEEE80211W=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA) +# internal = Internal TLSv1 implementation (experimental) +# none = Empty template +CONFIG_TLS=openssl + +# Whether to enable TLS/IA support, which is required for EAP-TTLSv1. +# You need CONFIG_TLS=gnutls for this to have any effect. Please note that +# even though the core GnuTLS library is released under LGPL, this extra +# library uses GPL and as such, the terms of GPL apply to the combination +# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not +# apply for distribution of the resulting binary. +#CONFIG_GNUTLS_EXTRA=y + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +#CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif +# At the cost of about 4 kB of additional binary size, the internal LibTomMath +# can be configured to include faster routines for exptmod, sqr, and div to +# speed up DH and RSA calculation considerably +#CONFIG_INTERNAL_LIBTOMMATH_FAST=y + +# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. +# This is only for Windows builds and requires WMI-related header files and +# WbemUuid.Lib from Platform SDK even when building with MinGW. +#CONFIG_NDIS_EVENTS_INTEGRATED=y +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" + +# Add support for DBus control interface +CONFIG_CTRL_IFACE_DBUS=y + +# Add support for loading EAP methods dynamically as shared libraries. +# When this option is enabled, each EAP method can be either included +# statically (CONFIG_EAP_=y) or dynamically (CONFIG_EAP_=dyn). +# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to +# be loaded in the beginning of the wpa_supplicant configuration file +# (see load_dynamic_eap parameter in the example file) before being used in +# the network blocks. +# +# Note that some shared parts of EAP methods are included in the main program +# and in order to be able to use dynamic EAP methods using these parts, the +# main program must have been build with the EAP method enabled (=y or =dyn). +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries +# unless at least one of them was included in the main build to force inclusion +# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included +# in the main build to be able to load these methods dynamically. +# +# Please also note that using dynamic libraries will increase the total binary +# size. Thus, it may not be the best option for targets that have limited +# amount of memory/flash. +#CONFIG_DYNAMIC_EAP_METHODS=y + +# Include client MLME (management frame processing). +# This can be used to move MLME processing of Devicescape IEEE 802.11 stack +# into user space. +#CONFIG_CLIENT_MLME=y +# Currently, driver_devicescape.c build requires some additional parameters +# to be able to include some of the kernel header files. Following lines can +# be used to set these (WIRELESS_DEV must point to the root directory of the +# wireless-dev.git tree). +WIRELESS_DEV=~/core/compat-wireless-2009-01-26 +CFLAGS += -I$(WIRELESS_DEV)/net/mac80211 + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +CONFIG_IEEE80211R=y + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +CONFIG_DEBUG_FILE=y + +# Enable privilege separation (see README 'Privilege separation' for details) +#CONFIG_PRIVSEP=y + +# Enable mitigation against certain attacks against TKIP by delaying Michael +# MIC error reports by a random amount of time between 0 and 60 seconds +CONFIG_DELAYED_MIC_ERROR_REPORT=y diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..9a80243 --- /dev/null +++ b/debian/control @@ -0,0 +1,23 @@ +Source: wpasupplicant +Section: net +Priority: optional +Maintainer: Jukka Rissanen +Build-Depends: debhelper (>= 5), + libdbus-glib-1-dev, + libssl-dev, + libdbus-1-dev, + pkg-config +Standards-Version: 3.8.0 +Vcs-Git: https://git.maemo.org/projects/wpasupplicant +Homepage: http://w1.fi/wpa_supplicant/ + +Package: wpasupplicant +Architecture: any +Depends: ${shlibs:Depends}, lsb-base (>= 3.0-6) +Suggests: wpagui, libengine-pkcs11-openssl +Description: client support for WPA and WPA2 (IEEE 802.11i) + WPA and WPA2 are methods for securing wireless networks, the former + using IEEE 802.1X, and the latter using IEEE 802.11i. This software + provides key negotiation with the WPA Authenticator, and controls + association with IEEE 802.11i networks. + diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..fd1a629 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,97 @@ +Upstream-Name: wpa_supplicant +Upstream-Maintainer: Jouni Malinen +Upstream-Source: http://w1.fi/wpa_supplicant/ + +Files: debian/* +Copyright: Copyright (c) 2004-2006, Kyle McMartin +Copyright: Copyright (c) 2006-2008, Reinhard Tartler +Copyright: Copyright (c) 2006-2008, Kel Modderman +License: BSD | GPL-2 + +Files: * +Copyright: Copyright (c) 2002-2007, Jouni Malinen and contributors +License: BSD | GPL-2 + +Files: src/common/wireless_copy.h +Copyright: Copyright (c) 1997-2005, Jean Tourrilhes +License: BSD | GPL-2 + +Files: src/drivers/driver_atmel.c +Copyright: Copyright (c) 2000-2005, ATMEL Corporation +Copyright: Copyright (c) 2004-2007, Jouni Malinen +License: BSD | GPL-2 + +Files: src/drivers/driver_broadcom.c +Copyright: Copyright (c) 2004, Nikki Chumkov +Copyright: Copyright (c) 2004, Jouni Malinen +License: BSD | GPL-2 + +Files: src/drivers/driver_bsd.c +Copyright: Copyright (c) 2004, Sam Leffler +License: BSD | GPL-2 + +Files: src/drivers/driver_ipw.c +Copyright: Copyright (c) 2005, Zhu Yi +Copyright: Copyright (c) 2004, Lubomir Gelo +Copyright: Copyright (c) 2003-2004, Jouni Malinen +License: BSD | GPL-2 + +Files: src/drivers/driver_madwifi.c +Copyright: Copyright (c) 2004, Sam Leffler +Copyright: Copyright (c) 2004-2005, Jouni Malinen +License: BSD | GPL-2 + +Files: src/drivers/driver_ndiswrapper.c +Copyright: Copyright (c) 2004-2006, Giridhar Pemmasani +Copyright: Copyright (c) 2004-2006, Jouni Malinen +License: BSD | GPL-2 + +Files: src/drivers/driver_prism54.c +Copyright: Copyright (c) 2003-2005, Jouni Malinen +Copyright: Copyright (c) 2004, Luis R. Rodriguez +License: BSD | GPL-2 + +Files: src/drivers/driver_ralink.* +Copyright: Copyright (c) 2003-2006, Jouni Malinen +Copyright: Copyright (c) 2007, Snowpin Lee +License: BSD | GPL-2 + +Files: src/drivers/driver_roboswitch.* +Copyright: Copyright (c) 2008 Jouke Witteveen +License: BSD | GPL-2 + +Files: src/l2_packet/l2_packet_freebsd.c +Copyright: Copyright (c) 2003-2005, Jouni Malinen +Copyright: Copyright (c) 2005, Sam Leffler +License: BSD | GPL-2 + +Files: src/drivers/radiotap.c +Copyright: Copyright (c) 2007, Andy Green +License: BSD | GPL-2 + +Files: src/drivers/radiotap.h +Copyright: Copyright (c) 2003-2004, David Young +License: BSD + +Files: wpa_supplicant/ctrl_iface_dbus*, wpa_supplicant/dbus_dict_helpers.* +Copyright: Copyright (c) 2006, Dan Williams and Red Hat, Inc. +License: BSD | GPL-2 + +Files: wpa_supplicant/doc/kerneldoc2doxygen.pl +Copyright: Copyright (c) 2003, Jonathan Foster +Copyright: Copyright (c) 2005, Jouni Malinen +License: GPL-2 + +Files: wpa_supplicant/mlme.* +Copyright: Copyright (c) 2003-2007, Jouni Malinen +Copyright: Copyright (c) 2004, Instant802 Networks, Inc. + (c) 2005-2006, Devicescape Software, Inc. +License: BSD | GPL-2 + +License: GPL-2 + On Debian GNU/Linux systems, the complete text of the GNU General Public + License version 2 can be found in `/usr/share/common-licenses/GPL-2'. + +License: BSD + On Debian GNU/Linux systems, the complete text of the BSD License can be + found in `/usr/share/common-licenses/BSD'. diff --git a/debian/examples/wpa-roam.conf b/debian/examples/wpa-roam.conf new file mode 100644 index 0000000..5bb6d52 --- /dev/null +++ b/debian/examples/wpa-roam.conf @@ -0,0 +1,85 @@ +######################## Debian wpa-roam Template ############################# +# +# Template configuration for wpa-roam mode of Debian's wpasupplicant package. +# wpa-roam mode is described in detail in the wpa_action(8) manpage, and also +# at /usr/share/doc/wpasupplicant/README.modes.gz. Please read these documents +# to get an overview of how to setup this mode. +# +# For a detailed set of configuration examples for different networks, refer to +# /usr/share/doc/wpasupplicant/README.wpa_supplicant.conf.gz +# +# Also see the other files in /usr/share/doc/wpasupplicant/examples/ for +# specific network configuration examples. +# +# Empty lines and lines starting with # are ignored +# +# NOTE! This file may contain password information and should be made readable +# only by root user or netdev group on multiuser systems. +# +######################## Global Configuration Options ######################### +# +# The update_config option can be used to allow wpa_supplicant to overwrite +# configuration file whenever configuration is changed (e.g., new network block +# is added with wpa_cli or wpa_gui, or a password is changed). This is required +# for wpa_cli/wpa_gui to be able to store the configuration changes +# permanently. +# +# NOTE! Any comments will be removed from the configuration file when the +# update_config option is used. +# +#update_config=1 + +# The ctrl_interface specifies the path to a unix socket through which the +# supplicant may be controlled and interacted with. +# +# DIR= Path to UNIX socket control interface, mandatory for wpa-roam mode +# GROUP= Users in this group to control wpa_supplicant via wpa_cli/wpa_gui +# +ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev +# +######################## Network Block Configurations ######################### +# +# Each network is configured as a separate block in this configuration file. +# The network blocks are listed in preference of order, the top most network +# to be found in scan results is used. +# +# By default, all networks will get same priority (0). If some of the networks +# are more desirable, the "priority=" network parameter can be used to change +# the order in which wpa_supplicant goes through the network blocks when +# selecting what network will be used. The priority groups will be iterated +# in decreasing priority, the network with the highest priority value will be +# considered for selection first and the network with the lowest priority value +# will be considered last. +# +# NOTE! The scan_ssid=1 and ap_scan=2 modes ignore the priority field. Instead, +# the networks will be considered in the order specified in this configuration +# file. +# +# The "id_str=" network identifier string parameter is given to wpa_action when +# a network has been selected, and contains this field in its configuration +# block. The given id_str string will be used to select a logical interfaces +# from ifupdown's /etc/network/interfaces file. +# +############################################################################### + +#network={ +# ssid="Example WEP Network" +# key_mgmt=NONE +# wep_key0=6162636465 +# wep_tx_keyidx=0 +# id_str="johns_house" +#} + +#network={ +# ssid="Example WPA Network" +# psk="mysecretpassphrase" +# id_str="home" +#} + +############################################################################### +# Default behaviour is to associate with any open access point, further +# networks can be configured with wpa_cli/wpa_gui. +# +network={ + key_mgmt=NONE +} diff --git a/debian/get-git-snapshot b/debian/get-git-snapshot new file mode 100644 index 0000000..6a2d5d6 --- /dev/null +++ b/debian/get-git-snapshot @@ -0,0 +1,24 @@ +#!/bin/bash -e + +DATE=$(date -u +%Y%m%d) + +TMP=$(mktemp -d -p /tmp wpasupplicant.XXXXX) +trap "{ [[ -d ${TMP} ]] && find ${TMP} -delete; }" exit + +pushd ${TMP} >/dev/null + git clone 'git://w1.fi/srv/git/hostap.git' hostap + + pushd hostap >/dev/null + UPSVER=$(head -n 3 wpa_supplicant/ChangeLog | tail -n 1 | sed 's/^.* - v//') + GITVER=$(git describe --always | sed 's/^.*-//'); + VER=${UPSVER}~git.${DATE}.${GITVER} + + git-archive --format=tar --prefix=wpa_supplicant-${VER}/ HEAD \ + README COPYING patches src wpa_supplicant | + tar --directory=.. -xf - + popd >/dev/null + + tar czf wpasupplicant-${VER}.tar.gz wpa_supplicant-${VER}/ +popd >/dev/null + +cp -v ${TMP}/wpasupplicant-${VER}.tar.gz ${1:-.} diff --git a/debian/ifupdown/action_wpa.sh b/debian/ifupdown/action_wpa.sh new file mode 100644 index 0000000..205ca65 --- /dev/null +++ b/debian/ifupdown/action_wpa.sh @@ -0,0 +1,76 @@ +#!/bin/sh + +# Action script to enable/disable wpa-roam interfaces in reaction to +# pm-action or ifplugd events. +# +# Copyright: Copyright (c) 2008, Kel Modderman +# License: GPL-2 +# + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +if [ ! -x /sbin/wpa_action ]; then + exit 0 +fi + +SELF=action_wpa +COMMAND= +IFPLUGD_IFACE= + +# pm-action(8) - +# +# On suspend|hibernate, disconnect any wpa-roam managed interfaces, +# reconnect it on resume. + +case "${1}" in + suspend|hibernate) + COMMAND=disconnect + ;; + resume|thaw) + COMMAND=reconnect + ;; +esac + +if [ -z "$COMMAND" ]; then + # ifplugd(8) - + # + # If an ifplugd managed interface is brought up, disconnect any + # wpa-roam managed interfaces so that only one "roaming" interface + # remains active on the system. + + IFPLUGD_IFACE="${1}" + + case "${2}" in + up) + COMMAND=disconnect + ;; + down) + COMMAND=reconnect + ;; + *) + echo "${SELF}: unknown $0 arguments: ${@}" >&2 + exit 1 + ;; + esac +fi + +if [ -z "$COMMAND" ]; then + echo "${SELF}: unknown arguments: ${@}" >&2 + exit 1 +fi + +for CTRL in /var/run/wpa_supplicant/*; do + [ -S "${CTRL}" ] || continue + + IFACE="${CTRL#/var/run/wpa_supplicant/}" + + wpa_action "${IFACE}" check || continue + + if [ "${IFPLUGD_IFACE}" ] && [ "${IFPLUGD_IFACE}" = "${IFACE}" ]; then + # if ifplugd is managing this interface (not likely but..) + # do nothing + continue + fi + + wpa_cli -i "${IFACE}" "${COMMAND}" +done diff --git a/debian/ifupdown/functions.sh b/debian/ifupdown/functions.sh new file mode 100644 index 0000000..6afe402 --- /dev/null +++ b/debian/ifupdown/functions.sh @@ -0,0 +1,1071 @@ +#!/bin/sh + +##################################################################### +## Purpose +# This file contains common shell functions used by scripts of the +# wpasupplicant package to allow ifupdown to manage wpa_supplicant. +# It also contains some functions used by wpa_action(8) that allow +# ifupdown to be managed by wpa_cli(8) action events. +# +# This file is provided by the wpasupplicant package. + +##################################################################### +# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers +# +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# On Debian GNU/Linux systems, the text of the GPL license can be +# found in /usr/share/common-licenses/GPL. + +##################################################################### +## global variables +# wpa_supplicant variables +WPA_SUP_BIN="/sbin/wpa_supplicant" +WPA_SUP_PNAME="wpa_supplicant" +WPA_SUP_PIDFILE="/var/run/wpa_supplicant.${WPA_IFACE}.pid" +WPA_SUP_LOGFILE="/var/log/wpa_supplicant.${WPA_IFACE}.log" + +# wpa_cli variables +WPA_CLI_BIN="/sbin/wpa_cli" +WPA_CLI_PNAME="wpa_cli" +WPA_CLI_PIDFILE="/var/run/wpa_action.${WPA_IFACE}.pid" +WPA_CLI_LOGFILE="/var/log/wpa_action.${WPA_IFACE}.log" +WPA_CLI_TIMESTAMP="/var/run/wpa_action.${WPA_IFACE}.timestamp" +WPA_CLI_IFUPDOWN="/var/run/wpa_action.${WPA_IFACE}.ifupdown" + +# sendsigs omission interface, present in initscripts (>= 2.86.ds1-48) +if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then + # Debian + WPA_SUP_OMIT_PIDFILE="/lib/init/rw/sendsigs.omit.d/wpasupplicant.wpa_supplicant.${WPA_IFACE}.pid" + WPA_CLI_OMIT_PIDFILE="/lib/init/rw/sendsigs.omit.d/wpasupplicant.wpa_action.${WPA_IFACE}.pid" +elif [ -d /var/run/sendsigs.omit.d/ ]; then + # Ubuntu, see https://launchpad.net/bugs/181541 for status + WPA_SUP_OMIT_PIDFILE="/var/run/sendsigs.omit.d/wpasupplicant.wpa_supplicant.${WPA_IFACE}.pid" + WPA_CLI_OMIT_PIDFILE="/var/run/sendsigs.omit.d/wpasupplicant.wpa_action.${WPA_IFACE}.pid" +else + WPA_SUP_OMIT_PIDFILE= + WPA_CLI_OMIT_PIDFILE= +fi + +# default ctrl_interface socket directory +if [ -z "$WPA_CTRL_DIR" ]; then + WPA_CTRL_DIR="/var/run/wpa_supplicant" +fi + +# verbosity variables +if [ -n "$IF_WPA_VERBOSITY" ] || [ "$VERBOSITY" = "1" ]; then + TO_NULL="/dev/stdout" + DAEMON_VERBOSITY="--verbose" +else + TO_NULL="/dev/null" + DAEMON_VERBOSITY="--quiet" +fi + +##################################################################### +## wpa_cli wrapper +# Path to common ctrl_interface socket and iface supplied. +# NB: WPA_CTRL_DIR cannot be used for interactive commands, it is +# set only in the environment that wpa_cli provides when processing +# action events. +# +wpa_cli () { + "$WPA_CLI_BIN" -p "$WPA_CTRL_DIR" -i "$WPA_IFACE" "$@" + + return "$?" +} + +##################################################################### +## verbose and stderr message wrapper +# Ensures a standard and easily identifiable message is printed by +# scripts using this function library. +# +# verbose To stdout when IF_WPA_VERBOSITY or VERBOSITY is true +# +# action Same as verbose but without newline +# Useful for allowing wpa_cli commands to echo result +# value of 'OK' or 'FAILED' +# +# stderr Echo warning or error messages to stderr +# +# NB: when called by wpa_action, there is no redirection (verbose) +# +wpa_msg () { + if [ -n "$WPA_ACTION" ]; then + shift + echo "wpa_action: $@" + return + fi + + case "$1" in + "verbose") + shift + echo "$WPA_SUP_PNAME: $@" >$TO_NULL + ;; + "action") + shift + echo -n "$WPA_SUP_PNAME: $@ -- " >$TO_NULL + ;; + "stderr") + shift + echo "$WPA_SUP_PNAME: $@" >/dev/stderr + ;; + *) + ;; + esac +} + +##################################################################### +## validate daemon pid files +# Test daemon process ID files via start-stop-daemon with a signal 0 +# given the exec binary and pidfile location. +# +# $1 daemon +# $2 pidfile +# +# Returns true when pidfile exists, the process ID exists _and_ was +# created by the exec binary. +# +# If the test fails, but the pidfile exists, it is stale +# +test_daemon_pidfile () { + local DAEMON + local PIDFILE + + if [ -n "$1" ]; then + DAEMON="$1" + fi + + if [ -f "$2" ]; then + PIDFILE="$2" + fi + + if [ -n "$DAEMON" ] && [ -f "$PIDFILE" ]; then + if start-stop-daemon --stop --quiet --signal 0 \ + --exec "$DAEMON" --pidfile "$PIDFILE"; then + return 0 + else + rm -f "$PIDFILE" + return 1 + fi + else + return 1 + fi +} + +# validate wpa_supplicant pidfile +test_wpa_supplicant () { + test_daemon_pidfile "$WPA_SUP_BIN" "$WPA_SUP_PIDFILE" +} + +# validate wpa_cli pidfile +test_wpa_cli () { + test_daemon_pidfile "$WPA_CLI_BIN" "$WPA_CLI_PIDFILE" +} + +##################################################################### +## daemonize wpa_supplicant +# Start wpa_supplicant via start-stop-dameon with all required +# options. Will start if environment variable WPA_SUP_CONF is present +# +# Required options: +# -B dameonize/background process +# -D driver backend ('wext' if none given) +# -P process ID file +# -C path to ctrl_interface socket directory +# +# Optional options: +# -c configuration file +# -W wait for wpa_cli to attach to ctrl_interface socket +# -b bridge interface name +# -f path to log file +# +init_wpa_supplicant () { + [ -n "$WPA_SUP_CONF" ] || return 0 + + local WPA_SUP_OPTIONS + + if [ -n "$WPA_ACTION_SCRIPT" ]; then + if [ -x "$WPA_ACTION_SCRIPT" ]; then + WPA_SUP_OPTIONS="-W -B -P $WPA_SUP_PIDFILE -i $WPA_IFACE" + wpa_msg verbose "wait for wpa_cli to attach" + else + wpa_msg stderr "action script \"$WPA_ACTION_SCRIPT\" not executable" + return 1 + fi + else + WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $WPA_IFACE" + fi + + if [ -n "$IF_WPA_BRIDGE" ]; then + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -b $IF_WPA_BRIDGE" + wpa_msg verbose "wpa-bridge $IF_WPA_BRIDGE" + fi + + if [ -n "$IF_WPA_DRIVER" ]; then + wpa_msg verbose "wpa-driver $IF_WPA_DRIVER" + case "$IF_WPA_DRIVER" in + hostap|ipw|madwifi|ndiswrapper) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D wext" + wpa_msg stderr "\"$IF_WPA_DRIVER\" wpa-driver is unsupported" + wpa_msg stderr "using \"wext\" wpa-driver instead ..." + ;; + *) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D $IF_WPA_DRIVER" + ;; + esac + else + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D wext" + wpa_msg verbose "using default driver type: wpa-driver wext" + fi + + if [ -n "$IF_WPA_DEBUG_LEVEL" ]; then + case "$IF_WPA_DEBUG_LEVEL" in + 3) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -ddd" + ;; + 2) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -dd" + ;; + 1) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -d" + ;; + 0) + # wpa_supplicant default verbosity + ;; + -1) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -q" + ;; + -2) + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -qq" + ;; + esac + wpa_msg verbose "using debug level: $IF_WPA_DEBUG_LEVEL" + else + # log warnings only by default + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -q" + fi + + if [ -n "$IF_WPA_LOGFILE" ]; then + # custom log file + WPA_SUP_LOGFILE="$IF_WPA_LOGFILE" + wpa_msg verbose "logging to $IF_WPA_LOGFILE" + fi + + if [ -d "${WPA_SUP_LOGFILE%/*}" ]; then + WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -f $WPA_SUP_LOGFILE" + else + wpa_msg stderr "unable to log output to $WPA_SUP_LOGFILE" + fi + + wpa_msg verbose "$WPA_SUP_BIN $WPA_SUP_OPTIONS $WPA_SUP_CONF" + + start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \ + --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \ + -- $WPA_SUP_OPTIONS $WPA_SUP_CONF + + if [ "$?" -ne 0 ]; then + wpa_msg stderr "$WPA_SUP_BIN daemon failed to start" + return 1 + fi + + if [ -n "$WPA_SUP_OMIT_PIDFILE" ]; then + local WPA_PIDFILE_WAIT + local MAX_WPA_PIDFILE_WAIT + WPA_PIDFILE_WAIT="0" + MAX_WPA_PIDFILE_WAIT="5" + until [ -s "$WPA_SUP_PIDFILE" ]; do + if [ "$WPA_PIDFILE_WAIT" -ge "$MAX_WPA_PIDFILE_WAIT" ]; then + wpa_msg stderr "timed out waiting for creation of $WPA_SUP_PIDFILE" + return 1 + else + wpa_msg verbose "waiting for \"$WPA_SUP_PIDFILE\": " \ + "$WPA_PIDFILE_WAIT (max. $MAX_WPA_PIDFILE_WAIT)" + fi + + WPA_PIDFILE_WAIT=$(($WPA_PIDFILE_WAIT + 1)) + sleep 1 + done + wpa_msg verbose "creating sendsigs omission pidfile: $WPA_SUP_OMIT_PIDFILE" + cat "$WPA_SUP_PIDFILE" > "$WPA_SUP_OMIT_PIDFILE" + else + wpa_msg verbose "sendsigs omission pidfile not created" + fi + + local WPA_SOCKET_WAIT + local MAX_WPA_SOCKET_WAIT + WPA_SOCKET_WAIT="0" + MAX_WPA_SOCKET_WAIT="5" + until [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; do + if [ "$WPA_SOCKET_WAIT" -ge "$MAX_WPA_SOCKET_WAIT" ]; then + wpa_msg stderr "ctrl_interface socket not found at $WPA_CTRL_DIR/$WPA_IFACE" + return 1 + else + wpa_msg verbose "waiting for \"$WPA_CTRL_DIR/$WPA_IFACE\": " \ + "$WPA_SOCKET_WAIT (max. $MAX_WPA_SOCKET_WAIT)" + fi + + WPA_SOCKET_WAIT=$(($WPA_SOCKET_WAIT + 1)) + sleep 1 + done + + wpa_msg verbose "ctrl_interface socket located at $WPA_CTRL_DIR/$WPA_IFACE" +} + +##################################################################### +## stop wpa_supplicant process +# Kill wpa_supplicant via start-stop-daemon, given the location of +# the pidfile or ctrl_interface socket path and interface name +# +kill_wpa_supplicant () { + test_wpa_supplicant || return 0 + + wpa_msg verbose "terminating $WPA_SUP_PNAME daemon via pidfile $WPA_SUP_PIDFILE" + + start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \ + --exec $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE + + if [ -f "$WPA_SUP_PIDFILE" ]; then + rm -f "$WPA_SUP_PIDFILE" + fi + + if [ -f "$WPA_SUP_OMIT_PIDFILE" ]; then + wpa_msg verbose "removing $WPA_SUP_OMIT_PIDFILE" + rm -f "$WPA_SUP_OMIT_PIDFILE" + fi +} + +##################################################################### +## reload wpa_supplicant process +# Sending a HUP signal causes wpa_supplicant to reparse its +# configuration file +# +reload_wpa_supplicant () { + if test_wpa_supplicant; then + wpa_msg verbose "reloading wpa_supplicant configuration file via HUP signal" + start-stop-daemon --stop --signal HUP \ + --name "$WPA_SUP_PNAME" --pidfile "$WPA_SUP_PIDFILE" + else + wpa_msg verbose "cannot $WPA_ACTION, $WPA_SUP_PIDFILE does not exist" + fi +} + +##################################################################### +## daemonize wpa_cli and action script +# If environment variable WPA_ACTION_SCRIPT is present, wpa_cli will +# be spawned via start-stop-daemon +# +# Required options: +# -a action script => wpa_action +# -P process ID file +# -B background process +# +init_wpa_cli () { + [ -n "$WPA_ACTION_SCRIPT" ] || return 0 + + local WPA_CLI_OPTIONS + WPA_CLI_OPTIONS="-B -P $WPA_CLI_PIDFILE -i $WPA_IFACE" + + wpa_msg verbose "$WPA_CLI_BIN $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT" + + start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \ + --name $WPA_CLI_PNAME --startas $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE \ + -- $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT + + if [ "$?" -ne 0 ]; then + wpa_msg stderr "$WPA_CLI_BIN daemon failed to start" + return 1 + fi + + if [ -n "$WPA_CLI_OMIT_PIDFILE" ]; then + local WPA_PIDFILE_WAIT + local MAX_WPA_PIDFILE_WAIT + WPA_PIDFILE_WAIT="0" + MAX_WPA_PIDFILE_WAIT="5" + until [ -s "$WPA_CLI_PIDFILE" ]; do + if [ "$WPA_PIDFILE_WAIT" -ge "$MAX_WPA_PIDFILE_WAIT" ]; then + wpa_msg stderr "timed out waiting for creation of $WPA_CLI_PIDFILE" + return 1 + else + wpa_msg verbose "waiting for \"$WPA_CLI_PIDFILE\": " \ + "$WPA_PIDFILE_WAIT (max. $MAX_WPA_PIDFILE_WAIT)" + fi + + WPA_PIDFILE_WAIT=$(($WPA_PIDFILE_WAIT + 1)) + sleep 1 + done + wpa_msg verbose "creating sendsigs omission pidfile: $WPA_CLI_OMIT_PIDFILE" + cat "$WPA_CLI_PIDFILE" > "$WPA_CLI_OMIT_PIDFILE" + else + wpa_msg verbose "sendsigs omission pidfile not created" + fi +} + +##################################################################### +## stop wpa_cli process +# Kill wpa_cli via start-stop-daemon, given the location of the +# pidfile +# +kill_wpa_cli () { + test_wpa_cli || return 0 + + wpa_msg verbose "terminating $WPA_CLI_PNAME daemon via pidfile $WPA_CLI_PIDFILE" + + start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \ + --exec $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE + + if [ -f "$WPA_CLI_PIDFILE" ]; then + rm -f "$WPA_CLI_PIDFILE" + fi + + if [ -f "$WPA_CLI_OMIT_PIDFILE" ]; then + rm -f "$WPA_CLI_OMIT_PIDFILE" + fi + + if [ -f "$WPA_CLI_TIMESTAMP" ]; then + rm -f "$WPA_CLI_TIMESTAMP" + fi + + if [ -L "$WPA_CLI_IFUPDOWN" ]; then + rm -f "$WPA_CLI_IFUPDOWN" + fi +} + +##################################################################### +## higher level wpa_cli wrapper for variable and set_network commands +# wpa_cli_do [set_network variable] +# +# $1 envorinment variable +# $2 data type of variable {raw|ascii} +# $3 wpa_cli variable, if $3 is set_network, shift and take +# set_network subvariable +# $4 wpa-* string as it would appear in interfaces file, enhances +# verbose messages +# +wpa_cli_do () { + if [ -z "$1" ]; then + return 0 + fi + + local WPACLISET_VALUE + local WPACLISET_VARIABLE + local WPACLISET_DESC + + case "$2" in + ascii) + # Double quote + WPACLISET_VALUE="\"$1\"" + ;; + raw|*) + # Provide raw value + WPACLISET_VALUE="$1" + ;; + esac + + case "$3" in + set_network) + if [ -z "$WPA_ID" ]; then + return 1 + fi + shift + WPACLISET_VARIABLE="set_network $WPA_ID $3" + ;; + *) + WPACLISET_VARIABLE="$3" + ;; + esac + + case "$4" in + *-psk|*-passphrase|*-passwd*|*-wep-key*) + WPACLISET_DESC="$4 *****" + ;; + *) + WPACLISET_DESC="$4 $WPACLISET_VALUE" + ;; + esac + + wpa_msg action "$WPACLISET_DESC" + + wpa_cli $WPACLISET_VARIABLE "$WPACLISET_VALUE" >$TO_NULL + + if [ "$?" -ne 0 ]; then + wpa_msg stderr "$WPACLISET_DESC failed!" + fi +} + +##################################################################### +## check value data type in plaintext or hex +# returns 0 if input consists of hexadecimal digits only, 1 otherwise +# +ishex () { + if [ -z "$1" ]; then + return 0 + fi + + case "$1" in + *[!0-9a-fA-F]*) + # plaintext + return 1 + ;; + *) + # hexadecimal + return 0 + ;; + esac +} + +##################################################################### +## sanity check and set psk|passphrase +# Warn about strange psk|passphrase values +# +# $1 psk or passphrase value +# +# If psk is surrounded by quotes strip them. +# +# If psk contains all hexadecimal characters and string length is 64: +# is 256bit hexadecimal +# else: +# is plaintext +# +# plaintext passphrases must be 8 - 63 characters in length +# 256-bit hexadecimal key must be 64 characters in length +# +wpa_key_check_and_set () { + if [ "$#" -ne 3 ]; then + return 0 + fi + + local KEY + local KEY_LEN + local KEY_TYPE + local ENC_TYPE + + case "$1" in + '"'*'"') + # Strip surrounding quotation marks + KEY=$(echo -n "$1" | sed 's/^"//;s/"$//') + ;; + *) + KEY="$1" + ;; + esac + + KEY_LEN="${#KEY}" + + case "$2" in + wep_key*) + ENC_TYPE="WEP" + ;; + psk) + ENC_TYPE="WPA" + ;; + *) + return 0 + ;; + esac + + if [ "$ENC_TYPE" = "WEP" ]; then + if ishex "$KEY"; then + case "$KEY_LEN" in + 10|26|32|58) + # 64/128/152/256-bit WEP + KEY_TYPE="raw" + ;; + *) + KEY_TYPE="ascii" + ;; + esac + else + KEY_TYPE="ascii" + fi + + if [ "$KEY_TYPE" = "ascii" ]; then + if [ "$KEY_LEN" -lt "5" ]; then + wpa_msg stderr "WARNING: plaintext or ascii WEP key has $KEY_LEN characters," + wpa_msg stderr "it must have at least 5 to be valid." + fi + fi + elif [ "$ENC_TYPE" = "WPA" ]; then + if ishex "$KEY"; then + case "$KEY_LEN" in + 64) + # 256-bit WPA + KEY_TYPE="raw" + ;; + *) + KEY_TYPE="ascii" + ;; + esac + else + KEY_TYPE="ascii" + fi + + if [ "$KEY_TYPE" = "ascii" ]; then + if [ "$KEY_LEN" -lt "8" ] || [ "$KEY_LEN" -gt "63" ]; then + wpa_msg stderr "WARNING: plaintext or ascii WPA key has $KEY_LEN characters," + wpa_msg stderr "it must have between 8 and 63 to be valid." + wpa_msg stderr "If the WPA key is a 256-bit hexadecimal key, it must have" + wpa_msg stderr "exactly 64 characters." + fi + fi + fi + + wpa_cli_do "$KEY" "$KEY_TYPE" set_network "$2" "$3" +} + +##################################################################### +## formulate a usable configuration from interfaces(5) wpa- lines +# A series of wpa_cli commands corresponding to environment variables +# created as a result of wpa- lines in an interfaces stanza. +# +# NB: no-act when roaming daemon is used (to avoid prematurely +# attaching to ctrl_interface socket) +# +conf_wpa_supplicant () { + if [ -n "$WPA_ACTION_SCRIPT" ]; then + return 0 + fi + + if [ "$IF_WPA_DRIVER" = "wired" ]; then + IF_WPA_AP_SCAN="0" + wpa_msg verbose "forcing ap_scan=0 (required for wired IEEE8021X auth)" + fi + + if [ -n "$IF_WPA_ESSID" ]; then + # #403316, be similar to wireless tools + IF_WPA_SSID="$IF_WPA_ESSID" + fi + + wpa_cli_do "$IF_WPA_AP_SCAN" raw \ + ap_scan wpa-ap-scan + + wpa_cli_do "$IF_WPA_PREAUTHENTICATE" raw \ + preauthenticate wpa-preauthenticate + + if [ -n "$IF_WPA_SSID" ] || [ "$IF_WPA_DRIVER" = "wired" ] || \ + [ -n "$IF_WPA_KEY_MGMT" ]; then + + case "$IF_WPA_SSID" in + '"'*'"') + IF_WPA_SSID=$(echo -n "$IF_WPA_SSID" | sed 's/^"//;s/"$//') + ;; + *) + ;; + esac + + WPA_ID=$(wpa_cli add_network) + + wpa_msg verbose "configuring network block -- $WPA_ID" + + wpa_cli_do "$IF_WPA_SSID" ascii \ + set_network ssid wpa-ssid + + wpa_cli_do "$IF_WPA_PRIORITY" raw \ + set_network priority wpa-priority + + wpa_cli_do "$IF_WPA_BSSID" raw \ + set_network bssid wpa-bssid + + if [ -s "$IF_WPA_PSK_FILE" ]; then + IF_WPA_PSK=$(cat "$IF_WPA_PSK_FILE") + fi + + # remain compat with wpa-passphrase-file + if [ -s "$IF_WPA_PASSPHRASE_FILE" ]; then + IF_WPA_PSK=$(cat "$IF_WPA_PASSPHRASE_FILE") + fi + + # remain compat with wpa-passphrase + if [ -n "$IF_WPA_PASSPHRASE" ]; then + IF_WPA_PSK="$IF_WPA_PASSPHRASE" + fi + + if [ -n "$IF_WPA_PSK" ]; then + wpa_key_check_and_set "$IF_WPA_PSK" \ + psk wpa-psk + fi + + wpa_cli_do "$IF_WPA_PAIRWISE" raw \ + set_network pairwise wpa-pairwise + + wpa_cli_do "$IF_WPA_GROUP" raw \ + set_network group wpa-group + + wpa_cli_do "$IF_WPA_MODE" raw \ + set_network mode wpa-mode + + wpa_cli_do "$IF_WPA_FREQUENCY" raw \ + set_network frequency wpa-frequency + + wpa_cli_do "$IF_WPA_KEY_MGMT" raw \ + set_network key_mgmt wpa-key-mgmt + + wpa_cli_do "$IF_WPA_PROTO" raw \ + set_network proto wpa-proto + + wpa_cli_do "$IF_WPA_AUTH_ALG" raw \ + set_network auth_alg wpa-auth-alg + + wpa_cli_do "$IF_WPA_SCAN_SSID" raw \ + set_network scan_ssid wpa-scan-ssid + + wpa_cli_do "$IF_WPA_IDENTITY" ascii \ + set_network identity wpa-identity + + wpa_cli_do "$IF_WPA_ANONYMOUS_IDENTITY" ascii \ + set_network anonymous_identity wpa-anonymous-identity + + wpa_cli_do "$IF_WPA_EAP" raw \ + set_network eap wpa-eap + + wpa_cli_do "$IF_WPA_EAPPSK" raw \ + set_network eappsk wpa-eappsk + + wpa_cli_do "$IF_WPA_NAI" ascii \ + set_network nai wpa-nai + + wpa_cli_do "$IF_WPA_PASSWORD" ascii \ + set_network password wpa-password + + wpa_cli_do "$IF_WPA_CA_CERT" ascii \ + set_network ca_cert wpa-ca-cert + + wpa_cli_do "$IF_WPA_CA_PATH" ascii \ + set_network ca_path wpa-ca-path + + wpa_cli_do "$IF_WPA_CLIENT_CERT" ascii \ + set_network client_cert wpa-client-cert + + wpa_cli_do "$IF_WPA_PRIVATE_KEY" ascii \ + set_network private_key wpa-private-key + + wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD" ascii \ + set_network private_key_passwd wpa-private-key-passwd + + wpa_cli_do "$IF_WPA_DH_FILE" ascii \ + set_network dh_file wpa-dh-file + + wpa_cli_do "$IF_WPA_SUBJECT_MATCH" ascii \ + set_network subject_match wpa-subject-match + + wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH" ascii \ + set_network altsubject_match wpa-altsubject-match + + wpa_cli_do "$IF_WPA_CA_CERT2" ascii \ + set_network ca_cert2 wpa-ca-cert2 + + wpa_cli_do "$IF_WPA_CA_PATH2" ascii \ + set_network ca_path2 wpa-ca-path2 + + wpa_cli_do "$IF_WPA_CLIENT_CERT2" ascii \ + set_network client_cert2 wpa-client-cert2 + + wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \ + set_network private_key2 wpa-private-key2 + + wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \ + set_network private_key_passwd2 wpa-private-key-passwd2 + + wpa_cli_do "$IF_WPA_DH_FILE2" ascii \ + set_network dh_file2 wpa-dh-file2 + + wpa_cli_do "$IF_WPA_SUBJECT_MATCH2" ascii \ + set_network subject_match2 wpa-subject-match2 + + wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH2" ascii \ + set_network altsubject_match2 wpa-altsubject-match2 + + wpa_cli_do "$IF_WPA_EAP_METHODS" raw \ + set_network eap_methods wpa-eap-methods + + wpa_cli_do "$IF_WPA_PHASE1" ascii \ + set_network phase1 wpa-phase1 + + wpa_cli_do "$IF_WPA_PHASE2" ascii \ + set_network phase2 wpa-phase2 + + wpa_cli_do "$IF_WPA_PCSC" raw \ + set_network pcsc wpa-pcsc + + wpa_cli_do "$IF_WPA_PIN" ascii \ + set_network pin wpa-pin + + wpa_cli_do "$IF_WPA_ENGINE" raw \ + set_network engine wpa-engine + + wpa_cli_do "$IF_WPA_ENGINE_ID" ascii \ + set_network engine_id wpa-engine-id + + wpa_cli_do "$IF_WPA_KEY_ID" ascii \ + set_network key_id wpa-key-id + + wpa_cli_do "$IF_WPA_EAPOL_FLAGS" raw \ + set_network eapol_flags wpa-eapol-flags + + if [ -n "$IF_WPA_WEP_KEY0" ]; then + wpa_key_check_and_set "$IF_WPA_WEP_KEY0" \ + wep_key0 wpa-wep-key0 + fi + + if [ -n "$IF_WPA_WEP_KEY1" ]; then + wpa_key_check_and_set "$IF_WPA_WEP_KEY1" \ + wep_key1 wpa-wep-key1 + fi + + if [ -n "$IF_WPA_WEP_KEY2" ]; then + wpa_key_check_and_set "$IF_WPA_WEP_KEY2" \ + wep_key2 wpa-wep-key2 + fi + + if [ -n "$IF_WPA_WEP_KEY3" ]; then + wpa_key_check_and_set "$IF_WPA_WEP_KEY3" \ + wep_key3 wpa-wep-key3 + fi + + wpa_cli_do "$IF_WPA_WEP_TX_KEYIDX" raw \ + set_network wep_tx_keyidx wpa-wep-tx-keyidx + + wpa_cli_do "$IF_WPA_PROACTIVE_KEY_CACHING" raw \ + set_network proactive_key_caching wpa-proactive-key-caching + + wpa_cli_do "$IF_WPA_PAC_FILE" ascii \ + set_network pac_file wpa-pac-file + + wpa_cli_do "$IF_WPA_MODE" raw \ + set_network mode wpa-mode + + wpa_cli_do "$IF_WPA_PEERKEY" raw \ + set_network peerkey wpa-peerkey + + wpa_cli_do "$IF_FRAGMENT_SIZE" raw \ + set_network fragment_size wpa-fragment-size + + wpa_cli_do "$IF_WPA_ID_STR" ascii \ + set_network id_str wpa-id-str + + wpa_cli_do "$WPA_ID" raw \ + enable_network "enabling network block" + fi +} + +##################################################################### +## wpa_action basic logging +# Log actions to file +# +wpa_log_init () { + exec >> "$WPA_CLI_LOGFILE" 2>&1 +} + +# log timestamp and wpa_action arguments +wpa_log_action () { + local DATE + + DATE=$(date +"%H:%M:%S %Y-%m-%d") + echo "########## $DATE ##########" + echo "IFACE=$WPA_IFACE ACTION=$WPA_ACTION" +} + +# log wpa_cli environment variables +wpa_log_environment () { + echo "WPA_ID=$WPA_ID WPA_ID_STR=$WPA_ID_STR" + echo "WPA_CTRL_DIR=$WPA_CTRL_DIR" +} + +##################################################################### +## hysteresis checking +# Networking tools such as dhcp clients used with ifupdown can +# synthesize artificial ACTION events, particuarly just after a +# DISCONNECTED/CONNECTED events are experienced in quick succession. +# This can lead to infinite event loops, and in extreme cases has the +# potential to cause system instability. +# +wpa_hysteresis_event () { + local TIME + + TIME=$(date +%s) + echo "$TIME" > "$WPA_CLI_TIMESTAMP" +} + +wpa_hysteresis_check () { + if [ -f "$WPA_CLI_TIMESTAMP" ]; then + local TIME + local TIMESTAMP + local TIMEWAIT + TIME=$(date +%s) + # current time minus 4 second event buffer + TIMEWAIT=$(($TIME-4)) + # get time of last event + TIMESTAMP=$(cat $WPA_CLI_TIMESTAMP) + # compare values, allowing new action to be processed + # only if last action was more than 4 seconds ago + if [ "$TIMEWAIT" -le "$TIMESTAMP" ]; then + echo "Ignoring $WPA_ACTION event, too soon after previous event" + return 1 + fi + fi + + return 0 +} + +##################################################################### +## identify ifupdown files +# Identify ifupdown core files, so that state of the interface can be +# checked. This is the weakest part of the wpa_action roaming scheme, +# it would be _much_ better if stateless ifupdown capabilities were +# a reality. +# +ifupdown_check () { + if [ -e /etc/network/interfaces ]; then + INTERFACES_FILE="/etc/network/interfaces" + else + echo "Cannot locate ifupdown's \"interfaces\" file, $WPA_IFACE will not be configured" + return 1 + fi + + if [ -e /etc/network/run/ifstate ]; then + # debian's ifupdown + IFSTATE_FILE="/etc/network/run/ifstate" + elif [ -e /var/run/network/ifstate ]; then + # ubuntu's + IFSTATE_FILE="/var/run/network/ifstate" + else + echo "Cannot locate ifupdown's \"ifstate\" file, $WPA_IFACE will not be configured" + return 1 + fi + + return 0 +} + +ifupdown_status () { + if grep -s -q "^${WPA_IFACE}=${WPA_LOGICAL_IFACE}" "$IFSTATE_FILE"; then + return 0 + fi + + echo "Interface \"$WPA_IFACE\" failed to establish a connection." + echo "Attempting reassociation..." + return 1 +} + +ifupdown_lock () { + ln -s lock "$WPA_CLI_IFUPDOWN" +} + +ifupdown_locked () { + [ -L "$WPA_CLI_IFUPDOWN" ] && return 0 + + return 1 +} + +ifupdown_unlock () { + rm -f "$WPA_CLI_IFUPDOWN" +} + +##################################################################### +## apply mapping logic and ifup logical interface +# Apply mapping logic via id_str or external mapping script, check +# state of IFACE with respect to ifupdown and ifup logical interaface +# +ifup () { + local WPA_LOGICAL_IFACE + + if [ -z "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -n "$WPA_ID_STR" ]; then + WPA_LOGICAL_IFACE="$WPA_ID_STR" + echo "Mapping logical interface via id_str: $WPA_LOGICAL_IFACE" + fi + + if [ -z "$WPA_LOGICAL_IFACE" ] && [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then + echo "Mapping logical interface via wpa-mapping-script: $IF_WPA_MAPPING_SCRIPT" + + local WPA_MAP_STDIN + + WPA_MAP_STDIN=$(set | sed -n 's/^\(IF_WPA_MAP[0-9]*\)=.*/echo \$\1/p') + + if [ -n "$WPA_MAP_STDIN" ]; then + WPA_LOGICAL_IFACE=$(eval "$WPA_MAP_STDIN" | "$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE") + else + WPA_LOGICAL_IFACE=$("$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE") + fi + + if [ -n "$WPA_LOGICAL_IFACE" ]; then + echo "Mapping script result: $WPA_LOGICAL_IFACE" + else + echo "Mapping script failed." + fi + fi + + if [ -z "$WPA_LOGICAL_IFACE" ]; then + if [ -n "$IF_WPA_ROAM_DEFAULT_IFACE" ]; then + WPA_LOGICAL_IFACE="$IF_WPA_ROAM_DEFAULT_IFACE" + echo "Using wpa-roam-default-iface: $WPA_LOGICAL_IFACE" + else + WPA_LOGICAL_IFACE="default" + echo "Using fallback logical interface: $WPA_LOGICAL_IFACE" + fi + fi + + if [ -n "$WPA_LOGICAL_IFACE" ]; then + if egrep -q "^iface[[:space:]]+${WPA_LOGICAL_IFACE}[[:space:]]+inet" "$INTERFACES_FILE"; then + : # logical network is defined + else + echo "No network defined for \"$WPA_LOGICAL_IFACE\" in \"$INTERFACES_FILE\"" + echo "Trying to configure the \"default\" network instead ..." + WPA_LOGICAL_IFACE="default" + fi + + echo "ifup $WPA_IFACE=$WPA_LOGICAL_IFACE" + + ifupdown_lock + + if grep -q "^$WPA_IFACE=$WPA_IFACE" "$IFSTATE_FILE"; then + # Force settings over the unconfigured "master" IFACE + /sbin/ifup -v --force "$WPA_IFACE=$WPA_LOGICAL_IFACE" + else + /sbin/ifup -v "$WPA_IFACE=$WPA_LOGICAL_IFACE" + fi + + ifupdown_unlock + else + echo "No suitable logical interface mapping for ifupdown to configure" + fi +} + +##################################################################### +## ifdown IFACE +# Check IFACE state and ifdown as requested. +# +ifdown () { + if grep -q "^$WPA_IFACE" "$IFSTATE_FILE"; then + ifupdown_lock + + echo "ifdown $WPA_IFACE" + /sbin/ifdown -v "$WPA_IFACE" + + ifupdown_unlock + else + echo "Ignoring request to take \"$WPA_IFACE\" down, it is not up" + fi +} + +##################################################################### +## keep IFACE scanning +# After ifdown, the IFACE may be left "down", and inhibits +# wpa_supplicant's ability to continue roaming. +# +# NB: use iproute if present, flushing the IFACE first +# +if_post_down_up () { + if type ip >/dev/null; then + ip addr flush dev "$WPA_IFACE" 2>/dev/null + ip link set "$WPA_IFACE" up + else + ifconfig "$WPA_IFACE" up + fi +} diff --git a/debian/ifupdown/ifupdown.sh b/debian/ifupdown/ifupdown.sh new file mode 100644 index 0000000..3e38fa0 --- /dev/null +++ b/debian/ifupdown/ifupdown.sh @@ -0,0 +1,172 @@ +#!/bin/sh + +##################################################################### +## Purpose +# This file is executed by ifupdown in pre-up, post-up, pre-down and +# post-down phases of network interface configuration. It allows +# ifup(8), and ifdown(8) to manage wpa_supplicant(8) and wpa_cli(8) +# processes running in daemon mode. +# +# /etc/wpa_supplicant/functions.sh is sourced by this file. +# +# This file is provided by the wpasupplicant package. + +##################################################################### +# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers +# +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# On Debian GNU/Linux systems, the text of the GPL license can be +# found in /usr/share/common-licenses/GPL. + +if [ -n "$IF_WPA_MAINT_DEBUG" ]; then + set -x +fi + +# quit if we're called for the loopback +if [ "$IFACE" = lo ]; then + exit 0 +fi + +# allow wpa_supplicant interface to be specified via wpa-iface +# useful for starting wpa_supplicant on one interface of a bridge +if [ -n "$IF_WPA_IFACE" ]; then + WPA_IFACE="$IF_WPA_IFACE" +else + WPA_IFACE="$IFACE" +fi + +# source functions +if [ -f /etc/wpa_supplicant/functions.sh ]; then + . /etc/wpa_supplicant/functions.sh +else + exit 0 +fi + +# quit if executables are not installed +if [ ! -x "$WPA_SUP_BIN" ] || [ ! -x "$WPA_CLI_BIN" ]; then + exit 0 +fi + +do_start () { + if test_wpa_cli; then + # if wpa_action is active for this IFACE, do nothing + ifupdown_locked && exit 0 + + # if the administrator is calling ifup, say something useful + if [ "$PHASE" = "pre-up" ]; then + wpa_msg stderr "wpa_action is managing ifup/ifdown state of $WPA_IFACE" + wpa_msg stderr "execute \`ifdown --force $WPA_IFACE' to stop wpa_action" + fi + exit 1 + elif ! set | grep -q "^IF_WPA"; then + # no wpa- option defined for IFACE, do nothing + exit 0 + fi + + # ensure stale ifupdown_lock marker is purged + ifupdown_unlock + + # preliminary sanity checks for roaming daemon + if [ -n "$IF_WPA_ROAM" ]; then + if [ "$METHOD" != "manual" ]; then + wpa_msg stderr "wpa-roam can only be used with the \"manual\" inet METHOD" + exit 1 + fi + if [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then + if ! type "$IF_WPA_MAPPING_SCRIPT" >/dev/null; then + wpa_msg stderr "wpa-mapping-script \"$IF_WPA_MAPPING_SCRIPT\" is not valid" + exit 1 + fi + fi + if [ -n "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -z "$IF_WPA_MAPPING_SCRIPT" ]; then + wpa_msg stderr "\"wpa-mapping-script-priority 1\" is invalid without a wpa-mapping-script" + exit 1 + fi + IF_WPA_CONF="$IF_WPA_ROAM" + WPA_ACTION_SCRIPT="/sbin/wpa_action" + fi + + # master function; determines if ifupdown.sh should do something or not + if [ -n "$IF_WPA_CONF" ] && [ "$IF_WPA_CONF" != "managed" ]; then + if [ ! -s "$IF_WPA_CONF" ]; then + wpa_msg stderr "cannot read contents of $IF_WPA_CONF" + exit 1 + fi + WPA_SUP_CONF_CTRL_DIR=$(sed -n -e 's/[[:space:]]*#.*//g' -e 's/[[:space:]]\+.*$//g' \ + -e 's/^ctrl_interface=\(DIR=\)\?\(.*\)/\2/p' "$IF_WPA_CONF") + if [ -n "$WPA_SUP_CONF_CTRL_DIR" ]; then + WPA_CTRL_DIR="$WPA_SUP_CONF_CTRL_DIR" + WPA_SUP_CONF="-c $IF_WPA_CONF" + else + # specify the default ctrl_interface since none was defined in + # the given IF_WPA_CONF + WPA_SUP_CONF="-c $IF_WPA_CONF -C $WPA_CTRL_DIR" + fi + else + # specify the default ctrl_interface + WPA_SUP_CONF="-C $WPA_CTRL_DIR" + fi +} + +do_stop () { + if test_wpa_cli; then + # if wpa_action is active for this IFACE and calling ifdown, + # do nothing + ifupdown_locked && exit 0 + elif test_wpa_supplicant; then + # wpa_supplicant process exists for this IFACE, but wpa_cli + # process does not. Allow stop mode to kill this process. + : + else + exit 0 + fi +} + +case "$MODE" in + start) + do_start + case "$PHASE" in + pre-up) + kill_wpa_supplicant + init_wpa_supplicant || exit 1 + conf_wpa_supplicant || { kill_wpa_supplicant; exit 1; } + ;; + post-up) + init_wpa_cli || { kill_wpa_supplicant; exit 1; } + ;; + esac + ;; + + stop) + do_stop + case "$PHASE" in + pre-down) + kill_wpa_cli + ;; + post-down) + kill_wpa_supplicant + ;; + *) + wpa_msg stderr "unknown phase: \"$PHASE\"" + exit 1 + ;; + esac + ;; + + *) + wpa_msg stderr "unknown mode: \"$MODE\"" + exit 1 + ;; +esac + +exit 0 diff --git a/debian/ifupdown/wpa_action.8 b/debian/ifupdown/wpa_action.8 new file mode 100644 index 0000000..e292500 --- /dev/null +++ b/debian/ifupdown/wpa_action.8 @@ -0,0 +1,150 @@ +.TH WPA_ACTION "8" "26 May 2006" "" "" +.SH NAME +wpa_action \- wpa_cli action script +.SH SYNOPSIS +\fBwpa_action\fR \fIIFACE ACTION\fR +.SH "DESCRIPTION" +\fBwpa_action\fR is a shell script designed to control the \fBifupdown\fR +framework according to \fIACTION\fR events received from \fBwpa_supplicant\fR. +\fBwpa_cli\fR receives \fICONNECTED\fR and \fIDISCONNECTED\fR events from +\fBwpa_supplicant\fR via the crtl_iface socket and gives the \fIACTION\fR event +to the \fBwpa_action\fR script as an argument, along with the \fIIFACE\fR to be +acted upon. +.PP +\fBwpa_action\fR also receives an environment variable from \fBwpa_cli\fR, +\fIWPA_ID_STR\fR, containing an alphanumeric identification string for the +\fICURRENT\fR network block. \fIWPA_ID_STR\fR is provided by the 'id_str' +network block option of \fBwpa_supplicant.conf\fR, and provides a means to map +the \fIACTION\fR to a \fILOGICAL\fR interface configured in the \fBinterfaces\fR +file. +.PP +If either the ifupdown \fBinterfaces\fR or \fIifstate\fR file cannot be found, +\fBwpa_action\fR will exit silently (status 0). \fBwpa_action\fR will search +the following locations for their existance: +.nf + /etc/network/run/ifstate + /var/run/network/ifstate + /etc/network/interfaces +.fi +.PP +.SH IFACE +Network interface to be acted upon, for example 'eth1' or 'wlan0'. +.SH ACTION +An \fIACTION\fR to be performed on the \fIIFACE\fR. +.TP +\fBCONNECTED\fR +\fBwpa_supplicant\fR has completed authentication. +\fBifup\fR \fIIFACE=WPA_ID_STR\fR is invoked and the action is logged to +\fI/var/log/wpa_action.IFACE.log\fR. Network settings for the \fILOGICAL\fR +interface \fIWPA_ID_STR\fR are applied. +.TP +\fBDISCONNECTED\fR +\fBwpa_supplicant\fR has detected disconnection. +\fBifdown\fR \fIIFACE=WPA_ID_STR\fR is invoked and the action is logged to +\fI/var/log/wpa_action.log\fR. Network settings for the \fILOGICAL\fR +interface \fIWPA_ID_STR\fR are undone. +.TP +\fBstop\fR +The 'stop' \fIACTION\fR is a called manually by the user, to stop the +\fBwpa_cli\fR daemon, invoke \fBifdown\fR \fIIFACE\fR (if the \fIIFACE\fR is +present in the \fIifstate\fR file) and stop the \fBwpa_supplicant\fR daemon. +The action is logged to \fI/var/log/wpa_action.log\fR. 'down' is a +synonym for 'stop' and can be used equally. +.TP +\fBreload\fR +The 'reload' \fIACTION\fR can be used to reload the \fBwpa_supplicant\fR +configuration file specified by \fIwpa-roam\fR . 'restart' is a synonym +for 'reload' and can be used equally. The action is logged to +\fI/var/log/wpa_action.log\fR. +.SH ENVIRONMENT +An alphanumeric identification string provided by the 'id_str' network block +option of \fBwpa_supplicant.conf\fR is exported to \fBwpa_action\fR as an +environment variable, \fIWPA_ID_STR\fR. When 'id_str' is not configured for the +\fICURRENT\fR network block, 'default' is substituted for the absent +\fIWPA_ID_STR\fR environment variable. +.PP +A unique network identifier, \fIWPA_ID\fR, is exported to \fBwpa_action\fR. It +is the number assigned to the \fICURRENT\fR \fBwpa_supplicant\fR network block +(network_id). +.SH USAGE +The only reasons for \fBwpa_action\fR to be explicitly executed by the user is +to stop \fBwpa_cli\fR from controlling \fBifupdown\fR or reload the +\fIwpa_supplicant.conf\fR file after editing. +.PP +.RS +\fBwpa_action\fR \fIeth1 stop\fR +.RE +.PP +Otherwise, \fBwpa_action\fR is given as an argument to a \fBwpa_cli\fR +daemon. +.PP +.RS +\fBwpa_cli\fR \fI-i eth1 -a /sbin/wpa_action -B\fR +.RE +.PP +This can be done by using the \fIwpa-roam\fR option in the \fBinterfaces\fR +file. \fIwpa-roam\fR takes one argument, a user provided +\fBwpa_supplicant.conf\fR file. +.PP +The inet \fIMETHOD\fR must be 'manual' for this interface, as it will +be configured according to \fBwpa_cli\fR action events. Also supply a 'default' +\fBinterfaces\fR stanza using the dhcp inet \fIMETHOD\fR so that networks +without an 'id_str' option can fallback to attempting to receive an ip via +dhcp. If one or more networks requires additional network configuration, +provide an unique 'id_str' for each network, and an \fBinterfaces\fR stanza +using the 'id_str' value as a \fILOGICAL\fR interface. The following interfaces +file is configured to use dhcp for any network without an 'id_str', a static ip +for the network with an 'id_str' of 'home_static' and dhcp plus an additional +post-up command for the network with an 'id_str' of 'uni'. +.PP +An example wpa_supplicant.conf configured to roam between 3 different networks: +.PP +.RS +.nf +network={ + ssid="foo" + id_str="uni" + key_mgmt=NONE +} + +network={ + ssid="bar" + id_str="home_static" + psk=123456789... +} + +network={ + ssid="" + key_mgmt=NONE +} +.fi +.RE +.PP +The corresponding \fBinterfaces\fR file would contain \fILOGICAL\fR interfaces, +that correlate to each unique 'id_str' provided by the configuration file: +.PP +.RS +.nf +iface eth1 inet manual + wpa-driver wext + wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf + +iface default inet dhcp + +iface uni inet dhcp + +iface home_static inet static + address 192.168.0.20 + netmask 255.255.255.0 + network 192.168.0.0 + broadcast 192.168.0.255 + gateway 192.168.0.1 +.fi +.RE +.PP +.SH SEE ALSO +\fBwpa_cli(8)\fR, \fBwpa_supplicant(8)\fR, \fBwpa_supplicant.conf(5)\fR, +\fBifup(8)\fR, \fBinterfaces(5)\fR +.SH AUTHOR +This manual page was written by Kel Modderman for +the Debian GNU system (but may be used by others). diff --git a/debian/ifupdown/wpa_action.sh b/debian/ifupdown/wpa_action.sh new file mode 100644 index 0000000..08d75e7 --- /dev/null +++ b/debian/ifupdown/wpa_action.sh @@ -0,0 +1,89 @@ +#!/bin/sh + +# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers +# +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# On Debian GNU/Linux systems, the text of the GPL license can be +# found in /usr/share/common-licenses/GPL. + +if [ -n "$IF_WPA_ROAM_MAINT_DEBUG" ]; then + set -x +fi + +if [ -z "$1" ] || [ -z "$2" ]; then + echo "Usage: $0 IFACE ACTION" + exit 1 +fi + +# network interface +WPA_IFACE="$1" +# [CONNECTED|DISCONNECTED|stop|reload|check] +WPA_ACTION="$2" + +if [ -f /etc/wpa_supplicant/functions.sh ]; then + . /etc/wpa_supplicant/functions.sh +else + exit 0 +fi + +case "$WPA_ACTION" in + "CONNECTED") + wpa_log_init + wpa_hysteresis_check || exit 1 + wpa_log_action + wpa_log_environment + ifupdown_check || exit 1 + wpa_hysteresis_event + ifup + wpa_cli status + ifupdown_status || wpa_cli reassociate + ;; + + "DISCONNECTED") + wpa_log_init + wpa_hysteresis_check || exit 1 + wpa_log_action + wpa_log_environment + ifupdown_check || exit 1 + ifdown + if_post_down_up + ;; + + "stop"|"down") + test_wpa_cli && kill_wpa_cli + ifupdown_check || exit 1 + ifdown + test_wpa_supplicant && kill_wpa_supplicant + wpa_log_init + wpa_log_action + ;; + + "restart"|"reload") + test_wpa_supplicant || exit 1 + reload_wpa_supplicant + wpa_log_init + wpa_log_action + ;; + + "check") + test_wpa_supplicant || exit 1 + test_wpa_cli || exit 1 + ;; + + *) + echo "Unknown action: \"$WPA_ACTION\"" + exit 1 + ;; +esac + +exit 0 diff --git a/debian/patches.debian/01_use_pkg-config_for_pcsc-lite_module.patch b/debian/patches.debian/01_use_pkg-config_for_pcsc-lite_module.patch new file mode 100644 index 0000000..5964ad9 --- /dev/null +++ b/debian/patches.debian/01_use_pkg-config_for_pcsc-lite_module.patch @@ -0,0 +1,17 @@ +From: Reinhard Tartler +References: none +Description: Use pkg-config for libpcsclite linkage flags + At least in debian, we can rely on pkg-config being available and + returning more accurate ldflags. + +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -579,7 +579,7 @@ ifdef CONFIG_NATIVE_WINDOWS + #dynamic symbol loading that is now used in pcsc_funcs.c + #LIBS += -lwinscard + else +-LIBS += -lpcsclite -lpthread ++LIBS += $(shell pkg-config --libs libpcsclite) + endif + endif + diff --git a/debian/patches.debian/02_dbus_group_policy.patch b/debian/patches.debian/02_dbus_group_policy.patch new file mode 100644 index 0000000..088353f --- /dev/null +++ b/debian/patches.debian/02_dbus_group_policy.patch @@ -0,0 +1,19 @@ +From: Michael Biebl +Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;bug=412179 +Description: Debian does not use pam_console but uses group membership + to control access to D-Bus. Activating both options in the conf file + makes it work on Debian and Ubuntu. + +--- a/wpa_supplicant/dbus-wpa_supplicant.conf ++++ b/wpa_supplicant/dbus-wpa_supplicant.conf +@@ -8,6 +8,10 @@ + + + ++ ++ ++ ++ + + + diff --git a/debian/patches.debian/03_dbus_service_activation_logfile.patch b/debian/patches.debian/03_dbus_service_activation_logfile.patch new file mode 100644 index 0000000..ed2deb8 --- /dev/null +++ b/debian/patches.debian/03_dbus_service_activation_logfile.patch @@ -0,0 +1,14 @@ +From: Kel Modderman +Reference: none +Description: Make diagnostics of wpa_supplicant as dbus service easier + When the supplicant is running as dbus service, make it write to + the /var/log/wpa_supplicant.log file. + +--- a/wpa_supplicant/dbus-wpa_supplicant.service ++++ b/wpa_supplicant/dbus-wpa_supplicant.service +@@ -1,4 +1,4 @@ + [D-BUS Service] + Name=fi.epitest.hostap.WPASupplicant +-Exec=/sbin/wpa_supplicant -u ++Exec=/sbin/wpa_supplicant -u -f /var/log/wpa_supplicant.log + User=root diff --git a/debian/patches.debian/04_append_mmd_to_default_cflags.patch b/debian/patches.debian/04_append_mmd_to_default_cflags.patch new file mode 100644 index 0000000..f974aeb --- /dev/null +++ b/debian/patches.debian/04_append_mmd_to_default_cflags.patch @@ -0,0 +1,22 @@ +From: Kel Modderman +Reference: http://thread.gmane.org/gmane.linux.drivers.hostap/17265 +Description: Cleanup in the build system. + Upstream makes overriding the CFLAGs variable unnecessary hard. This + patch make this more straightforward by moving the flag for dependency + generation out of the initial definition of the CFLAGS variable. It is + appended later then. + +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -3,9 +3,10 @@ CC=gcc + endif + + ifndef CFLAGS +-CFLAGS = -MMD -O2 -Wall -g ++CFLAGS = -O2 -Wall -g + endif + ++CFLAGS += -MMD + CFLAGS += -I../src + CFLAGS += -I../src/crypto + CFLAGS += -I../src/utils diff --git a/debian/patches.debian/05_qmake_version_makefile.patch b/debian/patches.debian/05_qmake_version_makefile.patch new file mode 100644 index 0000000..cc776e4 --- /dev/null +++ b/debian/patches.debian/05_qmake_version_makefile.patch @@ -0,0 +1,25 @@ +From: Kel Modderman +Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463547 +Description: fix FTBFS if both qt3 and qt4 are installed + invoke versioned qmake binary when preparing the Makefile for + wpa_gui/wpa_gui-qt4 or else a failure to build from source can be possible + when more than one QT version is installed. + +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -1107,13 +1107,13 @@ windows-bin: $(WINALL) + $(STRIP) $(WINALL) + + wpa_gui/Makefile: +- qmake -o wpa_gui/Makefile wpa_gui/wpa_gui.pro ++ qmake-qt3 -o wpa_gui/Makefile wpa_gui/wpa_gui.pro + + wpa_gui: wpa_gui/Makefile + $(MAKE) -C wpa_gui + + wpa_gui-qt4/Makefile: +- qmake -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro ++ qmake-qt4 -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro + + wpa_gui-qt4: wpa_gui-qt4/Makefile + $(MAKE) -C wpa_gui-qt4 diff --git a/debian/patches.debian/06_wpa_gui_menu_exec_path.patch b/debian/patches.debian/06_wpa_gui_menu_exec_path.patch new file mode 100644 index 0000000..d84f081 --- /dev/null +++ b/debian/patches.debian/06_wpa_gui_menu_exec_path.patch @@ -0,0 +1,14 @@ +Debian specific patch to desktop meny entry, so that we may exec wpa_gui +with best estimated privilege level via /usr/share/netdev_wrapper. +--- +--- a/wpa_supplicant/wpa_gui-qt4/wpa_gui.desktop ++++ b/wpa_supplicant/wpa_gui-qt4/wpa_gui.desktop +@@ -2,7 +2,7 @@ + Version=1.0 + Name=wpa_gui + Comment=Graphical user interface for wpa_supplicant +-Exec=wpa_gui ++Exec=/usr/share/wpagui/netdev_wrapper + Icon=wpa_gui + GenericName=wpa_supplicant user interface + Terminal=false diff --git a/debian/patches.debian/series b/debian/patches.debian/series new file mode 100644 index 0000000..374ba31 --- /dev/null +++ b/debian/patches.debian/series @@ -0,0 +1,6 @@ +01_use_pkg-config_for_pcsc-lite_module.patch +02_dbus_group_policy.patch +03_dbus_service_activation_logfile.patch +04_append_mmd_to_default_cflags.patch +05_qmake_version_makefile.patch +06_wpa_gui_menu_exec_path.patch diff --git a/debian/rules b/debian/rules new file mode 100644 index 0000000..5bb1247 --- /dev/null +++ b/debian/rules @@ -0,0 +1,136 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +#include /usr/share/quilt/quilt.make + +WPAGUI = wpa_gui-qt4 + +CFLAGS = -Wall -g +LDFLAGS = -Wl,--as-needed + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif + +DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) + +ifeq ($(DEB_HOST_ARCH_OS),kfreebsd) + CONFIG := debian/config/kfreebsd +else + CONFIG := debian/config/linux +endif + + +build: build-stamp +build-stamp: + dh_testdir + + # wpa_supplicant + cp -v $(CONFIG) wpa_supplicant/.config + CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" $(MAKE) -C wpa_supplicant all + + # wpa_gui + $(MAKE) -C wpa_supplicant + + # manpages + #$(MAKE) -C wpa_supplicant/doc/docbook man + + touch $@ + +clean: + dh_testdir + + $(MAKE) -C wpa_supplicant clean + + if [ -f wpa_supplicant/$(WPAGUI)/Makefile ]; then \ + $(MAKE) -C wpa_supplicant/$(WPAGUI) distclean ; \ + fi + + #$(MAKE) -C wpa_supplicant/doc/docbook clean + + dh_clean wpa_supplicant/.config build-stamp install-stamp + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + dh_install + + # wpa_gui + #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/wpa_gui usr/sbin/ + #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/wpa_gui.desktop \ + # usr/share/applications/ + #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/icons/wpa_gui.svg \ + # usr/share/icons/hicolor/scalable/apps/ + #dh_desktop --package=wpagui + # wpa_gui pixmaps were created with: + # `make -C wpa_supplicant/$(WPAGUI)/icons/' + # Not built as part of package build process due to excess build + # dependencies of inkscape + imagemagick. + #dh_install --package=wpagui debian/wpa_gui/wpa_gui.xpm \ + # usr/share/pixmaps/ + #dh_install --package=wpagui debian/wpa_gui/wpa_gui-16.xpm \ + # usr/share/pixmaps/ + #dh_installmenu --package=wpagui + # wpa_gui menu exec wrapper + #install --mode=755 -D debian/wpa_gui/netdev_wrapper \ + # debian/wpagui/usr/share/wpagui/netdev_wrapper + + # ifupdown + install --mode=755 -D debian/ifupdown/ifupdown.sh \ + debian/wpasupplicant/etc/wpa_supplicant/ifupdown.sh + install --mode=755 -D debian/ifupdown/functions.sh \ + debian/wpasupplicant/etc/wpa_supplicant/functions.sh + install --mode=755 -D debian/ifupdown/action_wpa.sh \ + debian/wpasupplicant/etc/wpa_supplicant/action_wpa.sh + + # wpa_action + install --mode=755 -D debian/ifupdown/wpa_action.sh \ + debian/wpasupplicant/sbin/wpa_action + + # D-Bus + install --mode=644 -D wpa_supplicant/dbus-wpa_supplicant.conf \ + debian/wpasupplicant/etc/dbus-1/system.d/wpa_supplicant.conf + install --mode=644 -D wpa_supplicant/dbus-wpa_supplicant.service \ + debian/wpasupplicant/usr/share/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service + + # sanitise the example configuration + mkdir -p debian/wpasupplicant/usr/share/doc/wpasupplicant + sed 's/^\([^#]\+=.*\|}\)/#\1/' < wpa_supplicant/wpa_supplicant.conf \ + > debian/wpasupplicant/usr/share/doc/wpasupplicant/README.wpa_supplicant.conf + +# Build architecture-independent files here. +binary-indep: install + +# Build architecture-dependent files here. +binary-arch: install + dh_testdir + dh_testroot + dh_installchangelogs wpa_supplicant/ChangeLog + dh_installdocs + dh_installexamples + dh_installlogrotate --package=wpasupplicant --name=wpa_action + dh_installlogrotate --package=wpasupplicant --name=wpa_supplicant + dh_installinit --package=wpasupplicant --name=wpa-ifupdown --no-start -- start 15 0 6 . + #dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean install binary-indep binary-arch binary install + +get-git-snapshot: + chmod a+rx debian/$@ + debian/$@ .. diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..7b20972 --- /dev/null +++ b/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://w1.fi/releases/wpa_supplicant-(.*)\.tar\.gz debian uupdate diff --git a/debian/wpa_gui/netdev_wrapper b/debian/wpa_gui/netdev_wrapper new file mode 100644 index 0000000..27904c9 --- /dev/null +++ b/debian/wpa_gui/netdev_wrapper @@ -0,0 +1,24 @@ +#!/bin/sh -e + +# Wrapper script to determine if user is a member of the netdev group or not +# and exec wpa_gui with or without root privileges. +# +# Copyright: Copyright (c) 2008, Kel Modderman +# License: GPL-2 + +WPAGUI=/usr/sbin/wpa_gui + +if id -Gn | grep -q -w netdev; then + # caller is a member of the netdev group, if instructions in + # README.Debian were followed to setup wpa-roam they will find + # wpa_gui quite useful + exec $WPAGUI "$@" +elif which su-to-root >/dev/null; then + # caller is not a member of netdev group, and thus most + # likely requires root for wpa_gui to be useful + exec su-to-root -X -c $WPAGUI "$@" +else + # not a member of netdev group and not able to su-to-root, just + # exec it and hope for the best ... + exec $WPAGUI "$@" +fi diff --git a/debian/wpa_gui/wpa_gui-16.xpm b/debian/wpa_gui/wpa_gui-16.xpm new file mode 100644 index 0000000..d4e25d4 --- /dev/null +++ b/debian/wpa_gui/wpa_gui-16.xpm @@ -0,0 +1,149 @@ +/* XPM */ +static char *__x__[] = { +/* columns rows colors chars-per-pixel */ +"16 16 127 2", +" c black", +". c gray5", +"X c gray8", +"o c #151515", +"O c gray10", +"+ c #1B1B1B", +"@ c #1D1D1D", +"# c #1E1E1E", +"$ c #202020", +"% c gray13", +"& c #222222", +"* c #232323", +"= c gray14", +"- c #252525", +"; c gray15", +": c #272727", +"> c #282828", +", c gray16", +"< c #2A2A2A", +"1 c gray17", +"2 c #2C2C2C", +"3 c #2F2F2F", +"4 c gray19", +"5 c #323232", +"6 c gray20", +"7 c #343434", +"8 c #353535", +"9 c #373737", +"0 c gray22", +"q c gray23", +"w c #3C3C3C", +"e c gray24", +"r c #3E3E3E", +"t c #414141", +"y c gray26", +"u c #434343", +"i c #444444", +"p c gray27", +"a c #464646", +"s c gray28", +"d c #484848", +"f c #494949", +"g c #4B4B4B", +"h c #4C4C4C", +"j c gray30", +"k c #4E4E4E", +"l c gray31", +"z c #505050", +"x c #515151", +"c c gray32", +"v c gray33", +"b c #555555", +"n c gray34", +"m c #585858", +"M c #5A5A5A", +"N c #5B5B5B", +"B c gray36", +"V c gray37", +"C c #5F5F5F", +"Z c #606060", +"A c #626262", +"S c gray39", +"D c gray40", +"F c #676767", +"G c DimGray", +"H c #6C6C6C", +"J c #6D6D6D", +"K c gray43", +"L c #6F6F6F", +"P c #717171", +"I c #747474", +"U c #777777", +"Y c #7B7B7B", +"T c #7C7C7C", +"R c #818181", +"E c gray51", +"W c gray52", +"Q c #898989", +"! c gray55", +"~ c #8D8D8D", +"^ c #9B9B9B", +"/ c gray61", +"( c gray62", +") c gray63", +"_ c #A2A2A2", +"` c gray64", +"' c #A4A4A4", +"] c #A5A5A5", +"[ c gray65", +"{ c #A7A7A7", +"} c #ACACAC", +"| c gray68", +" . c gray69", +".. c #B2B2B2", +"X. c gray70", +"o. c gray71", +"O. c gray72", +"+. c #BBBBBB", +"@. c #BCBCBC", +"#. c gray75", +"$. c #C0C0C0", +"%. c #C3C3C3", +"&. c #C8C8C8", +"*. c gray79", +"=. c gray82", +"-. c #D2D2D2", +";. c LightGray", +":. c gray83", +">. c #E1E1E1", +",. c #E2E2E2", +"<. c #E4E4E4", +"1. c #E6E6E6", +"2. c #EAEAEA", +"3. c #ECECEC", +"4. c gray93", +"5. c #EEEEEE", +"6. c gray95", +"7. c gray96", +"8. c #F6F6F6", +"9. c gray97", +"0. c gray98", +"q. c #FBFBFB", +"w. c gray99", +"e. c #FDFDFD", +"r. c #FEFEFE", +"t. c gray100", +"y. c None", +/* pixels */ +"y.y.e s x z f a f h n S G F y.y.", +"y.9 k n g N ! } | ! C c s l M y.", +"4 e S Z ( 4.t.t.t.t.5.' J M d w ", +"< i v ( r.<.) Q ~ { 1.r.` C - 7 ", +"> 5 G e.=.G ) -.:._ K ;.e.K 1 > ", +"> < O.7.B [ t.3.2.t.{ A 9.@.2 & ", +"; - ,.+.c w.%.m n $.q.m #.<.; # ", +"- & q./ j t.W ^ ^ E t.v ( 0.% + ", +"- % >...6 7.&.< : *.8.7 o.>.% + ", +": % .6.7 I t.S H t.U 8 6. .& + ", +"1 % a w.+.2 l m Y L y #.w.s * + ", +"3 % & E t.] i C K V X.r.R = & O ", +"$ 4 % * G D t v B v T P - * & o ", +"y.r % & * , 0 s h i 8 > * * @ y.", +"y.X 0 q t p d h z c b k u : . y.", +"y.y.y. y.y.y." +}; diff --git a/debian/wpa_gui/wpa_gui.xpm b/debian/wpa_gui/wpa_gui.xpm new file mode 100644 index 0000000..23fc58b --- /dev/null +++ b/debian/wpa_gui/wpa_gui.xpm @@ -0,0 +1,221 @@ +/* XPM */ +static char *__x__[] = { +/* columns rows colors chars-per-pixel */ +"32 32 183 2", +" c black", +". c #060606", +"X c gray3", +"o c #191919", +"O c #1B1B1B", +"+ c #1E1E1E", +"@ c gray12", +"# c #202020", +"$ c gray13", +"% c #222222", +"& c #232323", +"* c gray14", +"= c #252525", +"- c gray15", +"; c #272727", +": c #282828", +"> c gray16", +", c #2A2A2A", +"< c gray17", +"1 c #2C2C2C", +"2 c #2D2D2D", +"3 c gray18", +"4 c #2F2F2F", +"5 c gray19", +"6 c #313131", +"7 c #323232", +"8 c gray20", +"9 c #343434", +"0 c #353535", +"q c gray21", +"w c #373737", +"e c gray22", +"r c #393939", +"t c #3A3A3A", +"y c gray23", +"u c #3C3C3C", +"i c gray24", +"p c #3E3E3E", +"a c #3F3F3F", +"s c gray25", +"d c #414141", +"f c gray26", +"g c #434343", +"h c #444444", +"j c gray27", +"k c #464646", +"l c gray28", +"z c #484848", +"x c #494949", +"c c gray29", +"v c #4B4B4B", +"b c #4C4C4C", +"n c gray30", +"m c #4E4E4E", +"M c gray31", +"N c #505050", +"B c #515151", +"V c gray32", +"C c #535353", +"Z c gray33", +"A c #555555", +"S c #565656", +"D c #585858", +"F c gray35", +"G c #5A5A5A", +"H c #5B5B5B", +"J c gray36", +"K c #5D5D5D", +"L c gray37", +"P c #5F5F5F", +"I c #606060", +"U c gray38", +"Y c #626262", +"T c #646464", +"R c #656565", +"E c gray40", +"W c #676767", +"Q c #686868", +"! c DimGray", +"~ c #6A6A6A", +"^ c gray42", +"/ c #6C6C6C", +"( c #6D6D6D", +") c gray43", +"_ c #6F6F6F", +"` c #717171", +"' c #727272", +"] c gray45", +"[ c #747474", +"{ c gray46", +"} c #767676", +"| c #777777", +" . c gray47", +".. c #797979", +"X. c gray48", +"o. c #7B7B7B", +"O. c #7C7C7C", +"+. c gray49", +"@. c #7E7E7E", +"#. c #7F7F7F", +"$. c #808080", +"%. c #818181", +"&. c gray51", +"*. c #838383", +"=. c gray52", +"-. c gray53", +";. c #888888", +":. c #898989", +">. c gray54", +",. c gray55", +"<. c #8D8D8D", +"1. c #8E8E8E", +"2. c #909090", +"3. c #939393", +"4. c gray58", +"5. c #959595", +"6. c gray59", +"7. c #989898", +"8. c #9A9A9A", +"9. c #9D9D9D", +"0. c gray62", +"q. c #A0A0A0", +"w. c gray63", +"e. c #A2A2A2", +"r. c gray64", +"t. c #A4A4A4", +"y. c #A5A5A5", +"u. c gray66", +"i. c #AAAAAA", +"p. c gray67", +"a. c #ACACAC", +"s. c gray68", +"d. c gray69", +"f. c #B1B1B1", +"g. c #B2B2B2", +"h. c gray71", +"j. c #B6B6B6", +"k. c #B7B7B7", +"l. c #B9B9B9", +"z. c #BBBBBB", +"x. c gray74", +"c. c gray", +"v. c gray75", +"b. c #C0C0C0", +"n. c #C1C1C1", +"m. c #C3C3C3", +"M. c #C6C6C6", +"N. c gray81", +"B. c #D0D0D0", +"V. c gray82", +"C. c #D2D2D2", +"Z. c gray83", +"A. c gray84", +"S. c #D7D7D7", +"D. c #DADADA", +"F. c gray86", +"G. c #DDDDDD", +"H. c gray87", +"J. c #DFDFDF", +"K. c gray88", +"L. c #E1E1E1", +"P. c #E2E2E2", +"I. c gray89", +"U. c #E4E4E4", +"Y. c #E7E7E7", +"T. c gray91", +"R. c #E9E9E9", +"E. c gray92", +"W. c gray93", +"Q. c #EEEEEE", +"!. c gray94", +"~. c #F3F3F3", +"^. c #F4F4F4", +"/. c gray96", +"(. c #F6F6F6", +"). c gray97", +"_. c #F8F8F8", +"`. c #F9F9F9", +"'. c #FBFBFB", +"]. c gray99", +"[. c #FDFDFD", +"{. c gray100", +"}. c None", +/* pixels */ +"}.}.}.}.t i d k b V A D J P Y R ! / _ ' } ..O.#.*.@.' U }.}.}.}.", +"}.}.}.0 e x M B z t 1 : > , , , , , , , > : 1 t z F Y ] E }.}.}.", +"}.}.5 t v k d q 3 8 u g z N F T T F N l s u 0 2 > q h n R J }.}.", +"}.4 3 j j F T T ^ ] | -.k.B.U.(.`.Y.V.z.,.o.} ' ^ U B f l P g }.", +"}.2 y s D U I Q ) O.x._.{.{.{.{.{.{.{.{.`.c.@.` ( Q I m u M l }.", +"}., i p J J Y E 7.).{.{.{.{.{.{.{.{.{.{.{.{./.9.^ E U F 2 d l }.", +"}.= s w Z H P 3.'.{.{.{.T.j.q.<.<.r.l.R.{.{.{.].5.T P G ; 6 h }.", +"}.= w 2 C S <.'.{.{.Q.e.' ] [ { | { [ [ r.W.{.{.'.,.H S 4 # d }.", +"}.- , 6 m K /.{.{.R.{ W ! #.i.n.m.p.$.^ ! } R.{.{._.Y V 8 $ i }.", +"}.; # 9 z u.{.{.E./ K R v.[.{.{.{.{.[.b.Q P _ E.{.{.s.b q $ t }.", +"}.: $ 0 B (.{.{.<.Z H C.{.{.{.{.{.{.{.{.C.K A >.{.{.(.B w $ q }.", +"}.> $ 9 6.{.{.K.c b a.{.{.{.S.t.r.S.{.{.{.p.m n H.{.{.8.w # 8 }.", +"}.< $ 6 h.{.{.2.f C ).{.{.y.n n n n t.{.{./.C j 1.{.{.z.0 # 5 }.", +"}.1 $ = V.{.{.~ u ..{.{.K.j x 0.0.x h J.{.{.+.p ^ {.{.Z.- $ 1 }.", +"}.2 $ $ !.{.{.j 9 4.{.{.p.u $.{.{.$.y i.{.{.5.w x {.{.Q.$ $ > }.", +"}.3 $ % `.{.{.0 2 ,.{.{.g.8 H '.'.H 6 f.{.{.:.5 0 {.{.].& $ = }.", +"}.4 $ $ A.{.{.D * K {.{.Q.7 : u t ; 7 W.{.{.J = D {.{.F.$ $ % }.", +"}.5 $ $ d.{.{.%.= > P.{.{.M.4 > , 7 M.{.{.I.< = *.{.{.f.% $ @ }.", +"}.6 $ $ >.{.{.C.- - ] {.{.{.6.a d 5.{.{.{.] ; - N.{.{.;.% $ + }.", +"}.8 $ % y `.{.{.( - ; 1.{.{.2.S J r.{.{.5.> ; ! {.{.'.a % % + }.", +"}.9 $ % & 0.{.{.L.e ; 5 L #.D ! o.) ,.X.i 5 0 H.{.{.w.& & % + }.", +"}.0 $ % & 9 ^.{.{.D.i 0 d N P ) | _ I N f k S.{.{.~.q & & % + }.", +"}.q $ $ % & } [.{.{.G.h h B P ! ) ! L B B L.{.{.[.{ * & % $ + }.", +"}.w # $ % & * ] ].{.{.#.h m F Y R Y H M 7.{.{.'._ * * & % $ + }.", +"}.e 2 $ $ & & * _ Q.T.A d v Z G J G Z b ~ [.).E = * & & $ $ @ }.", +"}.9 t # $ % % * * : 0 0 p l n B C B n l p a p = * * % % $ @ # }.", +"}.% d 7 # $ % & & * , 7 t s l c b c l s t 7 , * & & % $ # $ o }.", +"}. r j 2 $ $ % & * ; 3 q y s g j g s y 0 < = * & % $ % : % }.", +"}.}.X p m r : $ % % * * = : , 2 2 < > = * * * % % , 4 9 * . }.}.", +"}.}.}. = j B H L Y R Q ^ _ ' { .O.#.&.=.&.o.[ ( V r O }.}.}.", +"}.}.}.}. }.}.}.}.", +"}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}." +}; diff --git a/debian/wpagui.manpages b/debian/wpagui.manpages new file mode 100644 index 0000000..6667f65 --- /dev/null +++ b/debian/wpagui.manpages @@ -0,0 +1 @@ +wpa_supplicant/doc/docbook/wpa_gui.8 diff --git a/debian/wpagui.menu b/debian/wpagui.menu new file mode 100644 index 0000000..c861fdd --- /dev/null +++ b/debian/wpagui.menu @@ -0,0 +1,7 @@ +?package(wpagui): \ + needs="X11" \ + section="Applications/Network/Monitoring" \ + title="wpa_supplicant user interface" \ + icon32x32="/usr/share/pixmaps/wpa_gui.xpm" \ + icon16x16="/usr/share/pixmaps/wpa_gui-16.xpm" \ + command="/usr/share/wpagui/netdev_wrapper" diff --git a/debian/wpasupplicant.docs b/debian/wpasupplicant.docs new file mode 100644 index 0000000..e9c4243 --- /dev/null +++ b/debian/wpasupplicant.docs @@ -0,0 +1 @@ +wpa_supplicant/README diff --git a/debian/wpasupplicant.examples b/debian/wpasupplicant.examples new file mode 100644 index 0000000..47c9f37 --- /dev/null +++ b/debian/wpasupplicant.examples @@ -0,0 +1,2 @@ +wpa_supplicant/examples/*.conf +debian/examples/*.conf diff --git a/debian/wpasupplicant.install b/debian/wpasupplicant.install new file mode 100644 index 0000000..43397c8 --- /dev/null +++ b/debian/wpasupplicant.install @@ -0,0 +1,3 @@ +wpa_supplicant/wpa_cli sbin/ +wpa_supplicant/wpa_passphrase usr/bin/ +wpa_supplicant/wpa_supplicant sbin/ diff --git a/debian/wpasupplicant.links b/debian/wpasupplicant.links new file mode 100644 index 0000000..e6ef311 --- /dev/null +++ b/debian/wpasupplicant.links @@ -0,0 +1,7 @@ +etc/wpa_supplicant/ifupdown.sh etc/network/if-pre-up.d/wpasupplicant +etc/wpa_supplicant/ifupdown.sh etc/network/if-up.d/wpasupplicant +etc/wpa_supplicant/ifupdown.sh etc/network/if-down.d/wpasupplicant +etc/wpa_supplicant/ifupdown.sh etc/network/if-post-down.d/wpasupplicant +etc/wpa_supplicant/action_wpa.sh etc/pm/sleep.d/action_wpa +etc/wpa_supplicant/action_wpa.sh etc/ifplugd/action.d/action_wpa +usr/share/doc/wpasupplicant/README.Debian usr/share/doc/wpasupplicant/README.modes diff --git a/debian/wpasupplicant.manpages b/debian/wpasupplicant.manpages new file mode 100644 index 0000000..97c3489 --- /dev/null +++ b/debian/wpasupplicant.manpages @@ -0,0 +1,6 @@ +debian/ifupdown/wpa_action.8 +wpa_supplicant/doc/docbook/wpa_background.8 +wpa_supplicant/doc/docbook/wpa_cli.8 +wpa_supplicant/doc/docbook/wpa_passphrase.8 +wpa_supplicant/doc/docbook/wpa_supplicant.8 +wpa_supplicant/doc/docbook/wpa_supplicant.conf.5 diff --git a/debian/wpasupplicant.postinst b/debian/wpasupplicant.postinst new file mode 100644 index 0000000..09bf6ac --- /dev/null +++ b/debian/wpasupplicant.postinst @@ -0,0 +1,30 @@ +#!/bin/sh -e +# This script can be called in the following ways: +# +# After the package was installed: +# configure +# +# +# If prerm fails during upgrade or fails on failed upgrade: +# abort-upgrade +# +# If prerm fails during deconfiguration of a package: +# abort-deconfigure in-favour +# removing +# +# If prerm fails during replacement due to conflict: +# abort-remove in-favour + +case "$1" in + configure) + ;; + abort-upgrade|abort-deconfigure|abort-remove) + ;; + *) + echo "$0 called with unknown argument \`$1'" 1>&2 + exit 1 + ;; +esac + +#DEBHELPER# +exit 0 diff --git a/debian/wpasupplicant.postrm b/debian/wpasupplicant.postrm new file mode 100644 index 0000000..76e2fdd --- /dev/null +++ b/debian/wpasupplicant.postrm @@ -0,0 +1,48 @@ +#!/bin/sh -e +# This script can be called in the following ways: +# +# After the package was removed: +# remove +# +# After the package was purged: +# purge +# +# After the package was upgraded: +# upgrade +# if that fails: +# failed-upgrade +# +# +# After all of the packages files have been replaced: +# disappear +# +# +# If preinst fails during install: +# abort-install +# +# If preinst fails during upgrade of removed package: +# abort-install +# +# If preinst fails during upgrade: +# abort-upgrade + +case "$1" in + remove) + ;; + purge) + # Remove logfiles + rm -f /var/log/wpa_action.log* /var/log/wpa_action.*.log* + rm -f /var/log/wpa_supplicant.log* /var/log/wpa_supplicant.*.log* + ;; + upgrade|failed-upgrade|disappear) + ;; + abort-install|abort-upgrade) + ;; + *) + echo "$0 called with unknown argument \`$1'" 1>&2 + exit 1 + ;; +esac + +#DEBHELPER# +exit 0 diff --git a/debian/wpasupplicant.wpa-ifupdown.init b/debian/wpasupplicant.wpa-ifupdown.init new file mode 100644 index 0000000..0509169 --- /dev/null +++ b/debian/wpasupplicant.wpa-ifupdown.init @@ -0,0 +1,88 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: wpa-ifupdown +# Required-Start: $network +# Required-Stop: $network $remote_fs +# Should-Start: +# Should-Stop: +# Default-Start: +# Default-Stop: 0 6 +# Short-Description: Stop wpa_supplicant processes started via ifupdown +# Description: Run ifdown on interfaces authenticated via +# wpa_supplicant. Sendsigs terminates wpa_supplicant +# processes before networking is stopped causing each +# network interface authenticated via a wpa_supplicant +# daemon to be terminated abrubtly. +# Since initscripts package version 2.86.ds1-48 an +# interface exists to omit process id's from sendsigs. If +# this interface is present this script is a no-op. +### END INIT INFO + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +test -d /var/run || exit 0 + +test -x /sbin/ifdown || exit 0 + +. /lib/lsb/init-functions + +stop_wpa_action () { + test -x /sbin/wpa_action || return 0 + IFACES=$(find /var/run -maxdepth 1 -type f -name 'wpa_action.*.pid' -printf '%P\n' | \ + cut -d'.' -f2 2>/dev/null) + if test -n "$IFACES"; then + log_daemon_msg "Stopping wpa_action roaming interfaces" + for iface in $IFACES; do + log_progress_msg "$iface" + # wpa_action executes /sbin/ifdown + wpa_action "$iface" stop >/dev/null 2>&1 + done + log_end_msg 0 + fi +} + +stop_wpa_supplicant () { + IFACES=$(find /var/run -maxdepth 1 -type f -name 'wpa_supplicant.*.pid' -printf '%P\n' | \ + grep -v wpa_supplicant.dbus.pid | cut -d'.' -f2 2>/dev/null) + if test -n "$IFACES"; then + log_daemon_msg "Stopping wpa_supplicant interfaces" + for iface in $IFACES; do + log_progress_msg "$iface" + ifdown "$iface" >/dev/null 2>&1 + done + log_end_msg 0 + fi +} + +sendsigs_omission_support () { + if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then + # Debian + return 0 + elif [ -d /var/run/sendsigs.omit.d/ ]; then + # Ubuntu, cf. https://bugs.launchpad.net/bugs/181541 + return 0 + fi + + return 1 +} + +case "$1" in + start|restart|force-reload) + # No-op + ;; + stop) + if sendsigs_omission_support; then + stop_wpa_action + else + stop_wpa_action + stop_wpa_supplicant + fi + ;; + *) + echo "Usage: $0 {start|stop|restart|force-reload}" >&2 + exit 3 + ;; +esac + +exit 0 diff --git a/debian/wpasupplicant.wpa_action.logrotate b/debian/wpasupplicant.wpa_action.logrotate new file mode 100644 index 0000000..273e15b --- /dev/null +++ b/debian/wpasupplicant.wpa_action.logrotate @@ -0,0 +1,7 @@ +/var/log/wpa_action.log /var/log/wpa_action.*.log { + rotate 5 + daily + compress + copytruncate + missingok +} diff --git a/debian/wpasupplicant.wpa_supplicant.logrotate b/debian/wpasupplicant.wpa_supplicant.logrotate new file mode 100644 index 0000000..7743c77 --- /dev/null +++ b/debian/wpasupplicant.wpa_supplicant.logrotate @@ -0,0 +1,7 @@ +/var/log/wpa_supplicant.log /var/log/wpa_supplicant.*.log { + rotate 5 + daily + compress + copytruncate + missingok +}