Hello community, here is the log from the commit of package wpa_supplicant for openSUSE:Factory checked in at 2013-04-26 07:47:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wpa_supplicant (Old) and /work/SRC/openSUSE:Factory/.wpa_supplicant.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wpa_supplicant", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/wpa_supplicant/wpa_supplicant.changes 2012-12-19 14:51:19.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.wpa_supplicant.new/wpa_supplicant.changes 2013-04-26 07:47:11.000000000 +0200 @@ -1,0 +2,259 @@ +Wed Apr 24 03:48:27 UTC 2013 - [email protected] + +- Update to 2.0 + * removed Qt3-based wpa_gui (obsoleted by wpa_qui-qt4) + * removed unmaintained driver wrappers broadcom, iphone, osx, + ralink, hostap, madwifi (hostap and madwifi remain available + for hostapd; their wpa_supplicant functionality is obsoleted + by wext) + * improved debug logging (human readable event names, interface + name included in more entries) + * changed AP mode behavior to enable WPS only for open and + WPA/WPA2-Personal configuration + * improved P2P concurrency operations + - better coordination of concurrent scan and P2P search + operations + - avoid concurrent remain-on-channel operation requests by + canceling previous operations prior to starting a new one + - reject operations that would require multi-channel + concurrency if the driver does not support it + - add parameter to select whether STA or P2P connection is + preferred if the driver cannot support both at the same time + - allow driver to indicate channel changes + - added optional delay=<search delay in milliseconds> parameter + for p2p_find to avoid taking all radio resources + - use 500 ms p2p_find search delay by default during concurrent + operations + - allow all channels in GO Negotiation if the driver supports + multi-channel concurrency + * added number of small changes to make it easier for static + analyzers to understand the implementation + * fixed number of small bugs (see git logs for more details) + * nl80211: number of updates to use new cfg80211/nl80211 + functionality + - replace monitor interface with nl80211 commands for AP mode + - additional information for driver-based AP SME + - STA entry authorization in RSN IBSS + * EAP-pwd: + - fixed KDF for group 21 and zero-padding + - added support for fragmentation + - increased maximum number of hunting-and-pecking iterations + * avoid excessive Probe Response retries for broadcast Probe + Request frames (only with drivers using wpa_supplicant AP mode + SME/MLME) + * added "GET country" ctrl_iface command + * do not save an invalid network block in wpa_supplicant.conf to + avoid problems reading the file on next start + * send STA connected/disconnected ctrl_iface events to both the + P2P group and parent interfaces + * added preliminary support for using TLS v1.2 (CONFIG_TLSV12=y) + * added "SET pno <1/0>" ctrl_iface command to start/stop + preferred network offload with sched_scan driver command + * merged in number of changes from Android repository for P2P, + nl80211, and build parameters + * changed P2P GO mode configuration to use driver capabilities + to automatically enable HT operations when supported + * added "wpa_cli status wps" command to fetch WPA2-Personal + passhrase for WPS use cases in AP mode + * EAP-AKA: keep pseudonym identity across EAP exchanges to match + EAP-SIM behavior + * improved reassociation behavior in cases where association is + rejected or when an AP disconnects us to handle common load + balancing mechanisms + - try to avoid extra scans when the needed information is + available + * added optional "join" argument for p2p_prov_disc ctrl_iface + command + * added group ifname to P2P-PROV-DISC-* events + * added P2P Device Address to AP-STA-DISCONNECTED event and use + p2p_dev_addr parameter name with AP-STA-CONNECTED + * added workarounds for WPS PBC overlap detection for some P2P + use cases where deployed stations work incorrectly + * optimize WPS connection speed by disconnecting prior to WPS + scan and by using single channel scans when AP channel is + known + * PCSC and SIM/USIM improvements: + - accept 0x67 (Wrong length) as a response to READ RECORD to + fix issues with some USIM cards + - try to read MNC length from SIM/USIM + - build realm according to 3GPP TS 23.003 with identity from + the SIM + - allow T1 protocol to be enabled + * added more WPS and P2P information available through D-Bus + * improve P2P negotiation robustness + - extra waits to get ACK frames through + - longer timeouts for cases where deployed devices have been + identified have issues meeting the specification + requirements + - more retries for some P2P frames + - handle race conditions in GO Negotiation start by both + devices + - ignore unexpected GO Negotiation Response frame + * added support for libnl 3.2 and newer + * added P2P persistent group info to P2P_PEER data + * maintain a list of P2P Clients for persistent group on GO + * AP: increased initial group key handshake retransmit timeout to + 500 ms + * added optional dev_id parameter for p2p_find + * added P2P-FIND-STOPPED ctrl_iface event + * fixed issues in WPA/RSN element validation when roaming with + ap_scan=1 and driver-based BSS selection + * do not expire P2P peer entries while connected with the peer in a + group + * fixed WSC element inclusion in cases where P2P is disabled + * AP: added a WPS workaround for mixed mode AP Settings with + Windows 7 + * EAP-SIM: fixed AT_COUNTER_TOO_SMALL use + * EAP-SIM/AKA: append realm to pseudonym identity + * EAP-SIM/AKA: store pseudonym identity in network configuration + to allow it to persist over multiple EAP sessions and + wpa_supplicant restarts + * EAP-AKA': updated to RFC 5448 (username prefixes changed); + note: this breaks interoperability with older versions + * added support for WFA Hotspot 2.0 + - GAS/ANQP to fetch network information + - credential configuration and automatic network selections + based on credential match with ANQP information + * limited PMKSA cache entries to be used only with the network + context that was used to create them + * improved PMKSA cache expiration to avoid unnecessary + disconnections + * adjusted bgscan_simple fast-scan backoff to avoid too frequent + background scans + * removed ctrl_iface event on P2P PD Response in join-group case + * added option to fetch BSS table entry based on P2P Device + Address ("BSS p2p_dev_addr=<P2P Device Address>") + * added BSS entry age to ctrl_iface BSS command output + * added optional MASK=0xH option for ctrl_iface BSS command to + select which fields are included in the response + * added optional RANGE=ALL|N1-N2 option for ctrl_iface BSS + command to fetch information about several BSSes in one call + * simplified licensing terms by selecting the BSD license as the + only alternative + * added "P2P_SET disallow_freq <freq list>" ctrl_iface command + to disable channels from P2P use + * added p2p_pref_chan configuration parameter to allow preferred + P2P channels to be specified + * added support for advertising immediate availability of a WPS + credential for P2P use cases + * optimized scan operations for P2P use cases (use single channel + scan for a specific SSID when possible) + * EAP-TTLS: fixed peer challenge generation for MSCHAPv2 + * SME: do not use reassociation after explicit disconnection + request (local or a notification from an AP) + * added support for sending debug info to Linux tracing (-T on + command line) + * added support for using Deauthentication reason code 3 as an + indication of P2P group termination + * added wps_vendor_ext_m1 configuration parameter to allow + vendor specific attributes to be added to WPS M1 + * started using separate TLS library context for tunneled TLS + (EAP-PEAP/TLS, EAP-TTLS/TLS, EAP-FAST/TLS) to support different + CA certificate configuration between Phase 1 and Phase 2 + * added optional "auto" parameter for p2p_connect to request + automatic GO Negotiation vs. join-a-group selection + * added disabled_scan_offload parameter to disable automatic scan + offloading (sched_scan) + * added optional persistent=<network id> parameter for + p2p_connect to allow forcing of a specific SSID/passphrase for + GO Negotiation + * added support for OBSS scan requests and 20/40 BSS coexistence + reports + * reject PD Request for unknown group + * removed scripts and notes related to Windows binary releases + (which have not been used starting from 1.x) + * added initial support for WNM operations + - Keep-alive based on BSS max idle period + - WNM-Sleep Mode + - minimal BSS Transition Management processing + * added autoscan module to control scanning behavior while not + connected + - autoscan_periodic and autoscan_exponential modules + * added new WPS NFC ctrl_iface mechanism + - added initial support NFC connection handover + - removed obsoleted WPS_OOB command (including support for + deprecated UFD config_method) + * added optional framework for external password storage + ("ext:<name>") + * wpa_cli: added optional support for controlling wpa_supplicant + remotely over UDP (CONFIG_CTRL_IFACE=udp-remote) for testing + purposes + * wpa_cli: extended tab completion to more commands + * changed SSID output to use printf-escaped strings instead of + masking of non-ASCII characters + - SSID can now be configured in the same format: + ssid=P"abc\x00test" + * removed default ACM=1 from AC_VO and AC_VI + * added optional "ht40" argument for P2P ctrl_iface commands to + allow 40 MHz channels to be requested on the 5 GHz band + * added optional parameters for p2p_invite command to specify + channel when reinvoking a persistent group as the GO + * improved FIPS mode builds with OpenSSL + - "make fips" with CONFIG_FIPS=y to build wpa_supplicant with + the OpenSSL FIPS object module + - replace low level OpenSSL AES API calls to use EVP + - use OpenSSL keying material exporter when possible + - do not export TLS keys in FIPS mode + - remove MD5 from CONFIG_FIPS=y builds ++++ 62 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/wpa_supplicant/wpa_supplicant.changes ++++ and /work/SRC/openSUSE:Factory/.wpa_supplicant.new/wpa_supplicant.changes Old: ---- wpa_supplicant-1.1.tar.bz2 wpa_supplicant-libnl3.patch New: ---- wpa_supplicant-2.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wpa_supplicant.spec ++++++ --- /var/tmp/diff_new_pack.EV1bDk/_old 2013-04-26 07:47:14.000000000 +0200 +++ /var/tmp/diff_new_pack.EV1bDk/_new 2013-04-26 07:47:14.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package wpa_supplicant # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,12 +30,12 @@ BuildRequires: libnl-devel %endif Url: http://hostap.epitest.fi/wpa_supplicant/ -Version: 1.1 +Version: 2.0 Release: 0 Summary: WPA supplicant implementation License: BSD-3-Clause and GPL-2.0+ Group: Productivity/Networking/Other -Source: http://hostap.epitest.fi/releases/wpa_supplicant-%{version}.tar.bz2 +Source: http://hostap.epitest.fi/releases/wpa_supplicant-%{version}.tar.gz Source1: config Source2: %{name}.conf Source3: fi.epitest.hostap.WPASupplicant.service @@ -49,7 +49,6 @@ # is not portable Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch Patch3: wpa_supplicant-errormsg.patch -Patch4: wpa_supplicant-libnl3.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -89,7 +88,6 @@ %patch1 -p0 %patch2 -p0 %patch3 -p0 -%patch4 -p1 %build cd wpa_supplicant ++++++ config ++++++ --- /var/tmp/diff_new_pack.EV1bDk/_old 2013-04-26 07:47:14.000000000 +0200 +++ /var/tmp/diff_new_pack.EV1bDk/_new 2013-04-26 07:47:14.000000000 +0200 @@ -75,7 +75,7 @@ #CONFIG_DRIVER_IPW=y # Driver interface for Ralink driver -CONFIG_DRIVER_RALINK=y +#CONFIG_DRIVER_RALINK=y # Driver interface for generic Linux wireless extensions # Note: WEXT is deprecated in the current Linux kernel version and no new @@ -204,6 +204,8 @@ # Disable credentials for an open network by default when acting as a WPS # registrar. #CONFIG_WPS_REG_DISABLE_OPEN=y +# Enable WPS support with NFC config method +#CONFIG_WPS_NFC=y # EAP-IKEv2 CONFIG_EAP_IKEV2=y @@ -220,6 +222,9 @@ # Enable this if EAP-SIM or EAP-AKA is included #CONFIG_PCSC=y +# Support HT overrides (disable HT/HT40, mask MCS rates, etc.) +#CONFIG_HT_OVERRIDES=y + # Development testing #CONFIG_EAPOL_TEST=y @@ -227,6 +232,7 @@ # unix = UNIX domain sockets (default for Linux/*BSD) # udp = UDP sockets using localhost (127.0.0.1) # named_pipe = Windows Named Pipe (default for Windows) +# udp-remote = UDP sockets with remote access (only for tests systems/purpose) # y = use default (backwards compatibility) # If this option is commented out, control interface is not included in the # build. @@ -303,6 +309,9 @@ # eloop_none = Empty template #CONFIG_ELOOP=eloop +# Should we use poll instead of select? Select is used by default. +#CONFIG_ELOOP_POLL=y + # Select layer 2 packet implementation # linux = Linux packet socket (default) # pcap = libpcap/libdnet/WinPcap @@ -315,9 +324,7 @@ # PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) CONFIG_PEERKEY=y -# IEEE 802.11w (management frame protection) -# This version is an experimental implementation based on IEEE 802.11w/D1.0 -# draft and is subject to change since the standard has not yet been finalized. +# IEEE 802.11w (management frame protection), also known as PMF # Driver support is also needed for IEEE 802.11w. CONFIG_IEEE80211W=y @@ -335,6 +342,13 @@ # sent prior to negotiating which version will be used) #CONFIG_TLSV11=y +# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) +# can be enabled to enable use of stronger crypto algorithms. It should be +# noted that some existing TLS v1.0 -based implementation may not be compatible +# with TLS v1.2 message (ClientHello is sent prior to negotiating which version +# will be used) +#CONFIG_TLSV12=y + # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of # LibTomMath can be used. See beginning of libtommath.c for details on benefits @@ -400,6 +414,12 @@ # Set syslog facility for debug messages #CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON +# Add support for sending all debug messages (regardless of debug verbosity) +# to the Linux kernel tracing facility. This helps debug the entire stack by +# making it easy to record everything happening from the driver up into the +# same file, e.g., using trace-cmd. +#CONFIG_DEBUG_LINUX_TRACING=y + # Enable privilege separation (see README 'Privilege separation' for details) #CONFIG_PRIVSEP=y @@ -459,11 +479,48 @@ # IEEE 802.11n (High Throughput) support (mainly for AP mode) #CONFIG_IEEE80211N=y +# Wireless Network Management (IEEE Std 802.11v-2011) +# Note: This is experimental and not complete implementation. +#CONFIG_WNM=y + # Interworking (IEEE 802.11u) # This can be used to enable functionality to improve interworking with # external networks (GAS/ANQP to learn more about the networks and network # selection based on available credentials). #CONFIG_INTERWORKING=y +# Hotspot 2.0 +#CONFIG_HS20=y + +# AP mode operations with wpa_supplicant +# This can be used for controlling AP mode operations with wpa_supplicant. It +# should be noted that this is mainly aimed at simple cases like +# WPA2-Personal while more complex configurations like WPA2-Enterprise with an +# external RADIUS server can be supported with hostapd. +#CONFIG_AP=y + +# P2P (Wi-Fi Direct) +# This can be used to enable P2P support in wpa_supplicant. See README-P2P for +# more information on P2P operations. +#CONFIG_P2P=y + +# Autoscan +# This can be used to enable automatic scan support in wpa_supplicant. +# See wpa_supplicant.conf for more information on autoscan usage. +# +# Enabling directly a module will enable autoscan support. +# For exponential module: +#CONFIG_AUTOSCAN_EXPONENTIAL=y +# For periodic module: +#CONFIG_AUTOSCAN_PERIODIC=y + +# Password (and passphrase, etc.) backend for external storage +# These optional mechanisms can be used to add support for storing passwords +# and other secrets in external (to wpa_supplicant) location. This allows, for +# example, operating system specific key storage to be used +# +# External password backend for testing purposes (developer use) +#CONFIG_EXT_PASSWORD_TEST=y + # Enable background scan to improve roaming CONFIG_BGSCAN_SIMPLE=y -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
