rpms/wpa_supplicant/devel wpa_supplicant-0.5.7-fix-dynamic-wep-with-mac80211.patch, NONE, 1.1 wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch, NONE, 1.1 wpa_supplicant-0.5.7-use-IW_ENCODE_TEMP.patch, NONE, 1.1 wpa_supplicant-0.5.7-dbus-blobs.patch, 1.1, 1.2 wpa_supplicant.spec, 1.32, 1.33
Daniel Williams (dcbw)
fedora-extras-commits at redhat.com
Tue Nov 13 21:19:48 UTC 2007
- Previous message (by thread): rpms/kernel/F-8 linux-2.6-libata-sata_sis-fix-scr-read.patch, NONE, 1.1 linux-2.6-libata-sata_sis_correct-sg-table-size.patch, NONE, 1.1 kernel.spec, 1.259, 1.260
- Next message (by thread): rpms/moreutils/devel .cvsignore, 1.2, 1.3 moreutils.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dcbw
Update of /cvs/extras/rpms/wpa_supplicant/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31550
Modified Files:
wpa_supplicant-0.5.7-dbus-blobs.patch wpa_supplicant.spec
Added Files:
wpa_supplicant-0.5.7-fix-dynamic-wep-with-mac80211.patch
wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch
wpa_supplicant-0.5.7-use-IW_ENCODE_TEMP.patch
Log Message:
Copy -16 from F-8 branch
wpa_supplicant-0.5.7-fix-dynamic-wep-with-mac80211.patch:
--- NEW FILE wpa_supplicant-0.5.7-fix-dynamic-wep-with-mac80211.patch ---
Backport from 0.6.x branch; apparently this hasn't even landed on
the stable 0.5.x branch yet.
diff -up wpa_supplicant-0.5.7/driver_wext.c.dynamic-wep-mac80211 wpa_supplicant-0.5.7/driver_wext.c
--- wpa_supplicant-0.5.7/driver_wext.c.dynamic-wep-mac80211 2007-10-28 00:57:11.000000000 -0400
+++ wpa_supplicant-0.5.7/driver_wext.c 2007-10-28 00:57:38.000000000 -0400
@@ -1724,6 +1724,7 @@ static int wpa_driver_wext_keymgmt2wext(
{
switch (keymgmt) {
case KEY_MGMT_802_1X:
+ case KEY_MGMT_802_1X_NO_WPA:
return IW_AUTH_KEY_MGMT_802_1X;
case KEY_MGMT_PSK:
return IW_AUTH_KEY_MGMT_PSK;
wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch:
--- NEW FILE wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch ---
diff -up wpa_supplicant-0.5.7/tls_openssl.c.ignore-dup-ca-cert-addition wpa_supplicant-0.5.7/tls_openssl.c
--- wpa_supplicant-0.5.7/tls_openssl.c.ignore-dup-ca-cert-addition 2006-11-29 23:50:28.000000000 -0500
+++ wpa_supplicant-0.5.7/tls_openssl.c 2007-11-13 11:19:30.000000000 -0500
@@ -1105,11 +1105,21 @@ static int tls_connection_ca_cert(void *
}
if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
+ unsigned long err = ERR_peek_error();
+
tls_show_errors(MSG_WARNING, __func__,
"Failed to add ca_cert_blob to "
"certificate store");
- X509_free(cert);
- return -1;
+
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring "
+ "cert already in hash table error",
+ __func__);
+ } else {
+ X509_free(cert);
+ return -1;
+ }
}
X509_free(cert);
wpa_printf(MSG_DEBUG, "OpenSSL: %s - added ca_cert_blob "
@@ -1259,15 +1269,28 @@ static int tls_connection_client_cert(st
if (client_cert == NULL && client_cert_blob == NULL)
return 0;
- if (client_cert_blob &&
- SSL_use_certificate_ASN1(conn->ssl, (u8 *) client_cert_blob,
+ if (client_cert_blob) {
+ if (SSL_use_certificate_ASN1(conn->ssl, (u8 *) client_cert_blob,
client_cert_blob_len) == 1) {
- wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_ASN1 --> "
- "OK");
- return 0;
- } else if (client_cert_blob) {
- tls_show_errors(MSG_DEBUG, __func__,
- "SSL_use_certificate_ASN1 failed");
+ wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_ASN1"
+ " --> OK");
+ return 0;
+ } else {
+ unsigned long err = ERR_peek_error();
+
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring "
+ "cert already in hash table error",
+ __func__);
+ wpa_printf(MSG_DEBUG, "OpenSSL: "
+ "SSL_use_certificate_ASN1 --> OK");
+ return 0;
+ }
+
+ tls_show_errors(MSG_DEBUG, __func__,
+ "SSL_use_certificate_ASN1 failed");
+ }
}
if (client_cert == NULL)
@@ -1515,40 +1538,73 @@ static int tls_connection_private_key(vo
while (private_key_blob) {
if (SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA, conn->ssl,
(u8 *) private_key_blob,
- private_key_blob_len) == 1) {
- wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_"
- "ASN1(EVP_PKEY_RSA) --> OK");
- ok = 1;
- break;
- } else {
+ private_key_blob_len) != 1) {
+ unsigned long err = ERR_peek_error();
+
tls_show_errors(MSG_DEBUG, __func__,
"SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA)"
" failed");
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring "
+ "cert already in hash table error",
+ __func__);
+ ok = 1;
+ }
+ } else
+ ok = 1;
+
+ if (ok == 1) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_"
+ "ASN1(EVP_PKEY_RSA) --> OK");
+ break;
}
if (SSL_use_PrivateKey_ASN1(EVP_PKEY_DSA, conn->ssl,
(u8 *) private_key_blob,
- private_key_blob_len) == 1) {
- wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_"
- "ASN1(EVP_PKEY_DSA) --> OK");
- ok = 1;
- break;
- } else {
+ private_key_blob_len) != 1) {
+ unsigned long err = ERR_peek_error();
+
tls_show_errors(MSG_DEBUG, __func__,
"SSL_use_PrivateKey_ASN1(EVP_PKEY_DSA)"
" failed");
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring "
+ "cert already in hash table error",
+ __func__);
+ ok = 1;
+ }
+ } else
+ ok = 1;
+
+ if (ok == 1) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_"
+ "ASN1(EVP_PKEY_DSA) --> OK");
+ break;
}
if (SSL_use_RSAPrivateKey_ASN1(conn->ssl,
(u8 *) private_key_blob,
- private_key_blob_len) == 1) {
+ private_key_blob_len) != 1) {
+ unsigned long err = ERR_peek_error();
+
+ tls_show_errors(MSG_DEBUG, __func__,
+ "SSL_use_RSAPrivateKey_ASN1 failed");
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring "
+ "cert already in hash table error",
+ __func__);
+ ok = 1;
+ }
+ } else
+ ok = 1;
+
+ if (ok == 1) {
wpa_printf(MSG_DEBUG, "OpenSSL: "
"SSL_use_RSAPrivateKey_ASN1 --> OK");
- ok = 1;
break;
- } else {
- tls_show_errors(MSG_DEBUG, __func__,
- "SSL_use_RSAPrivateKey_ASN1 failed");
}
if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob,
wpa_supplicant-0.5.7-use-IW_ENCODE_TEMP.patch:
--- NEW FILE wpa_supplicant-0.5.7-use-IW_ENCODE_TEMP.patch ---
Index: wpa_supplicant-0.4.8/driver_wext.c
===================================================================
--- wpa_supplicant-0.4.8.orig/driver_wext.c 2006-07-13 11:23:05.000000000 +0200
+++ wpa_supplicant-0.4.8/driver_wext.c 2006-07-13 11:23:57.000000000 +0200
@@ -1280,6 +1280,7 @@ static int wpa_driver_wext_set_key_ext(v
memset(&iwr, 0, sizeof(iwr));
strncpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
iwr.u.encoding.flags = key_idx + 1;
+ iwr.u.encoding.flags |= IW_ENCODE_TEMP;
if (alg == WPA_ALG_NONE)
iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
iwr.u.encoding.pointer = (caddr_t) ext;
@@ -1401,6 +1402,7 @@ int wpa_driver_wext_set_key(void *priv,
memset(&iwr, 0, sizeof(iwr));
strncpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
iwr.u.encoding.flags = key_idx + 1;
+ iwr.u.encoding.flags |= IW_ENCODE_TEMP;
if (alg == WPA_ALG_NONE)
iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
iwr.u.encoding.pointer = (caddr_t) key;
@@ -1415,6 +1417,7 @@ int wpa_driver_wext_set_key(void *priv,
memset(&iwr, 0, sizeof(iwr));
strncpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
iwr.u.encoding.flags = key_idx + 1;
+ iwr.u.encoding.flags |= IW_ENCODE_TEMP;
iwr.u.encoding.pointer = (caddr_t) NULL;
iwr.u.encoding.length = 0;
if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
wpa_supplicant-0.5.7-dbus-blobs.patch:
Index: wpa_supplicant-0.5.7-dbus-blobs.patch
===================================================================
RCS file: /cvs/extras/rpms/wpa_supplicant/devel/wpa_supplicant-0.5.7-dbus-blobs.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wpa_supplicant-0.5.7-dbus-blobs.patch 21 Oct 2007 16:02:20 -0000 1.1
+++ wpa_supplicant-0.5.7-dbus-blobs.patch 13 Nov 2007 21:19:45 -0000 1.2
@@ -17,7 +17,7 @@
index 5e952ec..3ece2fe 100644
--- a/wpa_supplicant/ctrl_iface_dbus_handlers.c
+++ b/wpa_supplicant/ctrl_iface_dbus_handlers.c
-@@ -1203,3 +1203,128 @@ DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message,
+@@ -1203,3 +1203,129 @@ DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message,
return reply;
}
@@ -84,6 +84,7 @@
+ }
+
+ blob->name = os_strdup(entry.key);
++ blob->len = entry.array_len;
+ os_memcpy(blob->data, (u8 *) entry.bytearray_value,
+ entry.array_len);
+ if (blob->name == NULL || blob->data == NULL) {
@@ -163,3 +164,23 @@
#endif /* CONFIG_CTRL_IFACE_DBUS */
#endif /* CTRL_IFACE_DBUS_HANDLERS_H */
+diff -up wpa_supplicant-0.5.7/config.c.dbus-blobs wpa_supplicant-0.5.7/config.c
+--- a/wpa_supplicant-0.5.7/config.c.dbus-blobs 2007-10-24 16:41:37.000000000 -0400
++++ b/wpa_supplicant-0.5.7/config.c 2007-10-24 16:41:49.000000000 -0400
+@@ -70,13 +70,14 @@ static char * wpa_config_parse_string(co
+ if (hlen & 1)
+ return NULL;
+ *len = hlen / 2;
+- str = os_malloc(*len);
++ str = os_malloc(*len + 1);
+ if (str == NULL)
+ return NULL;
+ if (hexstr2bin(value, str, *len)) {
+ os_free(str);
+ return NULL;
+ }
++ str[*len] = '\0';
+ return (char *) str;
+ }
+ }
+
Index: wpa_supplicant.spec
===================================================================
RCS file: /cvs/extras/rpms/wpa_supplicant/devel/wpa_supplicant.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- wpa_supplicant.spec 21 Oct 2007 16:02:20 -0000 1.32
+++ wpa_supplicant.spec 13 Nov 2007 21:19:45 -0000 1.33
@@ -2,8 +2,8 @@
Name: wpa_supplicant
Epoch: 1
Version: 0.5.7
-Release: 11%{?dist}
-License: GPLv2
+Release: 16%{?dist}
+License: BSD
Group: System Environment/Base
Source0: http://hostap.epitest.fi/releases/%{name}-%{version}.tar.gz
Source1: %{name}.config
@@ -25,6 +25,9 @@
Patch9: wpa_supplicant-0.5.7-dbus-iface-segfault-fix.patch
Patch10: wpa_supplicant-0.5.7-dbus-blobs.patch
Patch11: wpa_supplicant-0.5.7-dbus-permissions-fix.patch
+Patch12: wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch
+Patch13: wpa_supplicant-0.5.7-fix-dynamic-wep-with-mac80211.patch
+Patch14: wpa_supplicant-0.5.7-use-IW_ENCODE_TEMP.patch
URL: http://w1.fi/wpa_supplicant/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -63,6 +66,9 @@
%patch9 -p1 -b .dbus-iface-segfault-fix
%patch10 -p2 -b .dbus-blobs
%patch11 -p1 -b .dbus-permissions-fix
+%patch12 -p1 -b .ignore-dup-ca-cert-addition
+%patch13 -p1 -b .fix-dynamic-wep-with-mac80211
+%patch14 -p1 -b .use-IW_ENCODE_TEMP
%build
cp %{SOURCE1} ./.config
@@ -148,6 +154,28 @@
%{_bindir}/wpa_gui
%changelog
+* Tue Nov 13 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-16
+- Add IW_ENCODE_TEMP patch for airo driver and Dynamic WEP
+- Fix error in wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch that
+ caused the last error to not be printed
+- Fix wpa_supplicant-0.5.7-ignore-dup-ca-cert-addition.patch to ignore
+ duplicate cert additions for all certs and keys
+- Change license to BSD due to linkage against OpenSSL since there is no
+ OpenSSL exception in the GPLv2 license text that upstream ships
+
+* Sun Oct 28 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-15
+- Fix Dynamic WEP associations with mac80211-based drivers
+
+* Sun Oct 28 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-14
+- Don't error an association on duplicate CA cert additions
+
+* Wed Oct 24 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-13
+- Correctly set the length of blobs added via the D-Bus interface
+
+* Wed Oct 24 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-12
+- Fix conversion of byte arrays to strings by ensuring the buffer is NULL
+ terminated after conversion
+
* Sat Oct 20 2007 Dan Williams <dcbw at redhat.com> - 0.5.7-11
- Add BLOB support to the D-Bus interface
- Fix D-Bus interface permissions so that only root can use the wpa_supplicant
- Previous message (by thread): rpms/kernel/F-8 linux-2.6-libata-sata_sis-fix-scr-read.patch, NONE, 1.1 linux-2.6-libata-sata_sis_correct-sg-table-size.patch, NONE, 1.1 kernel.spec, 1.259, 1.260
- Next message (by thread): rpms/moreutils/devel .cvsignore, 1.2, 1.3 moreutils.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list