Bug#700870: [pkg-wpa-devel] Bug#700870: building eapol_test
Dear Stefan, Thanks for the prompt reply! I have been able to build the packages using the method outlined below for v2.3, v2.4, v2.5 and hostapd master (52844d6d at the time of writing) and they all build fine. Also, I observe that since October 2015 [0], cloning the http://w1.fi/hostap.git repository and building eapol_test [1] has been part of the continuous integration of the FreeRADIUS project. As the FreeRADIUS continuous integration tests typically run several times a day [2], this would imply that there has been a period of stability recently and also presumably that the FreeRADIUS project has an interest in ensuring that this remains the case. Christopher [0] http://lists.freeradius.org/pipermail/freeradius-devel/2015-October/011322.html [1] https://github.com/FreeRADIUS/freeradius-server/blob/v3.1.x/scripts/travis/eapol_test-build.sh [2] https://travis-ci.org/FreeRADIUS/freeradius-server/builds Package Building Method: git clone git://w1.fi/hostap.git cd hostap/ cp -r ../pkg-wpa/wpa/trunk/debian ./ wget -O eapoltest.patch " https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;filename=eapoltest.patch;bug=700870;msg=35 " patch -p1 < eapoltest.patch rm eapoltest.patch dch --newversion 2.5.52844d6d-1 git archive --format tar --prefix wpa-2.5.52844d6d/ master README COPYING CONTRIBUTIONS src wpa_supplicant hostapd hs20 tests eap_example doc wlantest wpadebug wpaspy radius_example mac80211_hwsim Android.mk build_release | xz -c6 > ../wpa_2.5.52844d6d.orig.tar.xz debuild -S (comment out any patches which nolonger apply in debian/patches/series) debuild For X =3,4,5 git checkout hostap_2_X dch --newversion 2.X-1 git archive --format tar --prefix wpa-2.X/ hostap_2_X README COPYING CONTRIBUTIONS src wpa_supplicant hostapd hs20 tests eap_example doc wlantest wpadebug wpaspy radius_example mac80211_hwsim patches Android.mk build_release | xz -c6 > ../wpa_2.X.orig.tar.xz debuild -S debuild
Bug#700870: [pkg-wpa-devel] Bug#700870: building eapol_test
Hi On 2016-03-24, Christopher Hoskin wrote: > Hello, I've been doing some work on the upstream FreeRADIUS 3 Debian > package, with a view to eventually getting it accepted into Debian (Bug > #797181). > > https://github.com/FreeRADIUS/freeradius-server/pulls?q=is%3Apr+author%3Amans0954 > > I'm currently looking at enabling build and autopkgtest tests. Upstream > have some tests which make use of eapol_test. > > If eapol_test isn't available on the system, the upstream script clones the > upstream hostap repository and builds it. This isn't appropriate for a > Debian package. Including enough of the hostap source within the FreeRADIUS > Debian package to build eapol_test would not be ideal. > > Therefore, I'd also like to request that Matthew Newton's patch is applied, > so that the proposed eapoltest package can be specified as a build > dependency of FreeRADIUS. The patch appears to apply and build against the > latest wpa source package trunk (on amd64 at least). > > Please, would this be possible? Just a very quick/ short preliminary response, in general I'm not exactly thrilled about adding this -considering my build issues with eapol_test in previous src:wpa versions- but I haven't actually revisited this particular question recently. *If* eapol_test builds with v2.3, v2.4, v2.5 and hostapd HEAD without having to fix bugs in the upstream code (I haven't tested this yet), I could be convinced to add this functionality (well, v2.5 and HEAD would be more important than the previous versions) to src:wpa, but if this would still be a 'constant' source for build issues (demonstrating that this isn't actually tested by upstream - last time I looked into it, the build issues were trivial, but quite numerous), I'd tend towards declining this (however, if there'd be an src:wpa co-maintainer who'd take care of this aspect...). Have you checked buildability recently? Regards Stefan Lippers-Hollmann pgpa50bOT3paK.pgp Description: Digitale Signatur von OpenPGP
Bug#700870: [pkg-wpa-devel] Bug#700870: building eapol_test
Control: reassign -1 wpa Control: tags -1 + patch Hi Stefan, On Fri, Feb 21, 2014 at 02:26:30AM +, Stefan Lippers-Hollmann wrote: > On Monday 18 February 2013, Matthew Newton wrote: > > The wpa_supplicant package contains a really useful tool, > > eapol_test. It is not currently packaged, and it would be great if > > this could be. Use of this, for example, often comes up on the > At the moment, as of wpa_supplicant 1.1, this causes too many build > problems, e.g. right now (after fixing the first one), I'm at: ... > I will revisit this once we've switched to wpa 2.1 (very soon), but > won't make any promises yet; an updated and slightly fixed variant of > your patch is attached. I have updated the patch again for the latest source wpa package. This builds cleanly with sbuild on jessie and unstable, and passes lintian checks on both (aside from warnings not from this patch). Is this able to be added now, please? Many thanks! Matthew -- Matthew Newton, Ph.D.Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, diff --git a/debian/config/wpasupplicant/kfreebsd b/debian/config/wpasupplicant/kfreebsd index 8179215..efd4d8a 100644 --- a/debian/config/wpasupplicant/kfreebsd +++ b/debian/config/wpasupplicant/kfreebsd @@ -185,7 +185,7 @@ CONFIG_HT_OVERRIDES=y CONFIG_VHT_OVERRIDES=y # Development testing -#CONFIG_EAPOL_TEST=y +CONFIG_EAPOL_TEST=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) diff --git a/debian/config/wpasupplicant/linux b/debian/config/wpasupplicant/linux index 2224fc3..9018eb5 100644 --- a/debian/config/wpasupplicant/linux +++ b/debian/config/wpasupplicant/linux @@ -185,7 +185,7 @@ CONFIG_HT_OVERRIDES=y CONFIG_VHT_OVERRIDES=y # Development testing -#CONFIG_EAPOL_TEST=y +CONFIG_EAPOL_TEST=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) diff --git a/debian/control b/debian/control index 0ade1ee..e109346 100644 --- a/debian/control +++ b/debian/control @@ -97,3 +97,13 @@ Description: Client support for WPA and WPA2 (IEEE 802.11i) association with IEEE 802.11i networks. . This is a udeb of wpasupplicant for use by the debian-installer. + +Package: eapoltest +Architecture: any +Depends: ${shlibs:Depends}, + ${misc:Depends} +Description: EAPoL testing utility + eapol_test allows testing EAP authentication methods without using + a full 802.1X connection. It is frequently used to test the EAP + configuration of RADIUS systems. It is an administrator tool and not + required for standard 802.1X authentication. diff --git a/debian/eapoltest.install b/debian/eapoltest.install new file mode 100644 index 000..d3fe2c3 --- /dev/null +++ b/debian/eapoltest.install @@ -0,0 +1 @@ +wpa_supplicant/eapol_test usr/bin/ diff --git a/debian/eapoltest.lintian-overrides b/debian/eapoltest.lintian-overrides new file mode 100644 index 000..45ffdbc --- /dev/null +++ b/debian/eapoltest.lintian-overrides @@ -0,0 +1,6 @@ +# We distribute the package under the terms of the BSD license due to the +# openssl issue, tell lintian to not complain: +eapoltest: possible-gpl-code-linked-with-openssl + +# These are numerous and unlikely to be fixed anytime soon, filter them out. +eapoltest: hyphen-used-as-minus-sign diff --git a/debian/eapoltest.manpages b/debian/eapoltest.manpages new file mode 100644 index 000..1c02297 --- /dev/null +++ b/debian/eapoltest.manpages @@ -0,0 +1 @@ +wpa_supplicant/doc/docbook/eapol_test.8 diff --git a/debian/rules b/debian/rules index 478b47e..135ac62 100755 --- a/debian/rules +++ b/debian/rules @@ -64,6 +64,8 @@ override_dh_auto_build: --buildsystem=makefile \ --parallel dh_auto_clean --sourcedirectory=src --buildsystem=makefile + # build eapol_test + $(MAKE) -C wpa_supplicant/ eapol_test override_dh_auto_clean: dh_auto_clean --sourcedirectory=wpa_supplicant/doc/docbook \ @@ -118,6 +120,7 @@ override_dh_installchangelogs: dh_installchangelogs --package=hostapd hostapd/ChangeLog dh_installchangelogs --package=wpasupplicant wpa_supplicant/ChangeLog dh_installchangelogs --package=wpagui wpa_supplicant/ChangeLog + dh_installchangelogs --package=eapoltest wpa_supplicant/ChangeLog override_dh_gencontrol: dh_gencontrol -phostapd -- '-v1:$(VERSION)'
Bug#700870: [pkg-wpa-devel] Bug#700870: building eapol_test
Hi On Monday 18 February 2013, Matthew Newton wrote: [...] The wpa_supplicant package contains a really useful tool, eapol_test. It is not currently packaged, and it would be great if this could be. Use of this, for example, often comes up on the FreeRADIUS mailing list for RADIUS administrators to test their EAP configuration. It's fairly easy to build from source, but our use case has it installed on all our RADIUS servers for system monitoring. In this case, having it packaged would make things much easier to deploy and maintain. It doesn't build by default, and is generally only of interest to administrators, so probably is not worth putting in the wpasupplicant package, although that would be an option. I've created two small patches to the build system (for squeeze/0.6.10-2.1 and unstable/1.0-3) that build eapol_test and create a new 'eapoltest' package. Please would you consider adding this? [...] At the moment, as of wpa_supplicant 1.1, this causes too many build problems, e.g. right now (after fixing the first one), I'm at: cc -c -o ../src/rsn_supp/wpa_ie.o -g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -MMD -Wall -D_FORTIFY_SOURCE=2 -I../src -I../src/utils -Werror -DEAPOL_TEST -DCONFIG_BACKEND_FILE -DCONFIG_IEEE80211W -DCONFIG_IEEE80211R -DCONFIG_PEERKEY -DCONFIG_IBSS_RSN -DCONFIG_P2P -DCONFIG_INTERWORKING -DCONFIG_DRIVER_WIRED -DCONFIG_DRIVER_NL80211 -DCONFIG_LIBNL20 `pkg-config --cflags libnl-3.0` -DCONFIG_DRIVER_NONE -DCONFIG_DRIVER_WEXT -DCONFIG_WIRELESS_EXTENSION -DEAP_TLS -DEAP_PEAP -DEAP_TTLS -DEAP_MD5 -DEAP_MSCHAPv2 -DEAP_GTC -DEAP_OTP -DEAP_SIM -DEAP_LEAP -DEAP_PSK -DEAP_AKA -DEAP_AKA_PRIME -DEAP_FAST -DEAP_PAX -DEAP_SAKE -DEAP_GPSK -DEAP_GPSK_SHA256 -DEAP_PWD -DCONFIG_WPS2 -DCONFIG_WPS -DEAP_WSC -DCONFIG_WPS_ER -DCONFIG_WPS_UPNP -DCONFIG_WPS_REG_DISABLE_OPEN -DEAP_IKEV2 -DEAP_TNC -DIEEE8021X_EAPOL -DCONFIG_AP -DCONFIG_NO_RADIUS -DCONFIG_NO_ACCOUNTING -DCONFIG_NO_VLAN -DEAP_SERVER -DEAP_SERVER_IDENTITY -DCONFIG_IEEE80211N -DNEED_AP_MLME -DEAP_SERVER_WSC -DCONFIG_NO_RADIUS -DPCSC_FUNCS -I/usr/include/PCSC -DPKCS12_FUNCS -DCONFIG_SMARTCARD -DCONFIG_TLSV11 -DEAP_TLS_OPENSSL -DCONFIG_SHA256 -DALL_DH_GROUPS -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX -DCONFIG_CTRL_IFACE_DBUS -DDBUS_API_SUBJECT_TO_CHANGE -I/usr/include/dbus-1.0 -I/usr/lib/i386-linux-gnu/dbus-1.0/include -DCONFIG_CTRL_IFACE_DBUS_NEW -DCONFIG_CTRL_IFACE_DBUS_INTRO -I/usr/include/dbus-1.0 -I/usr/lib/i386-linux-gnu/dbus-1.0/include -DCONFIG_DBUS -DCONFIG_SME -DCONFIG_DEBUG_SYSLOG -DLOG_HOSTAPD=LOG_DAEMON -DCONFIG_DEBUG_FILE -DCONFIG_DELAYED_MIC_ERROR_REPORT -DCONFIG_BGSCAN_SIMPLE -DCONFIG_BGSCAN -DCONFIG_GAS -DCONFIG_OFFCHANNEL ../src/rsn_supp/wpa_ie.c ../src/utils/wpa_debug.c: In function '_wpa_hexdump': ../src/utils/wpa_debug.c:196:10: error: format '%lu' expects argument of type 'long unsigned int', but argument 4 has type 'size_t' [-Werror=format=] title, len, display); with CONFIG_EAPOL_TEST=y enabled, another problem is the missing manpage for the eapoltest binary. The number of (trivial) build problems however indicates that this build target is barely tested upstream. I will revisit this once we've switched to wpa 2.1 (very soon), but won't make any promises yet; an updated and slightly fixed variant of your patch is attached. Regards Stefan Lippers-Hollmann Index: debian/config/wpasupplicant/kfreebsd === --- debian/config/wpasupplicant/kfreebsd (revision 1858) +++ debian/config/wpasupplicant/kfreebsd (working copy) @@ -223,7 +223,7 @@ CONFIG_PCSC=y # Development testing -#CONFIG_EAPOL_TEST=y +CONFIG_EAPOL_TEST=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) Index: debian/config/wpasupplicant/linux === --- debian/config/wpasupplicant/linux (revision 1858) +++ debian/config/wpasupplicant/linux (working copy) @@ -222,7 +222,7 @@ CONFIG_PCSC=y # Development testing -#CONFIG_EAPOL_TEST=y +CONFIG_EAPOL_TEST=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) Index: debian/control === --- debian/control (revision 1858) +++ debian/control (working copy) @@ -96,3 +96,12 @@ association with IEEE 802.11i networks. . This is a udeb of wpasupplicant for use by the debian-installer. + +Package: eapoltest +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: EAPoL testing utility + eapol_test allows testing EAP authentication methods without using + a full 802.1X connection. It is frequently used to test the EAP + configuration of RADIUS systems. It is an administrator tool and not + required for standard 802.1X