wpa (2:2.6-15) unstable; urgency=medium * Update debian/control: - Update Maintainer field to point to $package@packages.debian.org - Update Vcs-* fields to point to salsa.d.o - Drop no longer active uploaders. -- Andrew Shadura Thu, 28 Dec 2017 11:26:28 +0100 wpa (2:2.6-14) unstable; urgency=medium * Replace the PEM fix patch by Lukasz Siudut with an upstream patch. Thanks to David Benjamin . * Apply patches from Beniamino Galvani: - Fix race condition in detecting MAC address change - Update MAC address when driver detects a change * Disable WNM to resolve a compatibility issue with wl. Thanks to YOSHINO Yoshihito . Hopefully really closes: #833507. -- Andrew Shadura Thu, 28 Dec 2017 09:51:29 +0100 wpa (2:2.6-13) unstable; urgency=medium * Fix a typo in functions.sh (Closes: #883659). -- Andrew Shadura Thu, 07 Dec 2017 18:24:27 +0100 wpa (2:2.6-12) unstable; urgency=medium * Add wl to the blacklist for MAC randomisation. (Closes: #833507) * Blacklist an out-of-tree driver for Realtek RTL8188EU too. -- Andrew Shadura Tue, 05 Dec 2017 12:32:27 +0100 wpa (2:2.6-11) unstable; urgency=medium * Unbreak EAP-TLS. Thanks to Dmitry Borodaenko -- Andrew Shadura Thu, 30 Nov 2017 11:21:43 +0100 wpa (2:2.6-10) unstable; urgency=medium * Mask hostapd every time it has no valid configuration. -- Andrew Shadura Tue, 28 Nov 2017 12:28:13 +0100 wpa (2:2.6-9) unstable; urgency=medium * Tell NetworkManager to not touch MAC addresses on unsupported drivers. Hopefully, this will fix #849077. -- Andrew Shadura Tue, 28 Nov 2017 11:27:52 +0100 wpa (2:2.6-8) unstable; urgency=medium * Revert "Build wpa_supplicant with interface matching support." (Closes: #882716). * Drop override_dh_builddeb. * Use dh 10. * Prevent hostapd from failing on the package install when there isn't a valid configuration file yet (Closes: #882740): - Don't enable hostapd.service by default. - Mask hostapd.service on the first install. -- Andrew Shadura Sun, 26 Nov 2017 19:38:57 +0000 wpa (2:2.6-7) unstable; urgency=medium * Upload to unstable. * Optional AP side workaround for key reinstallation attacks (LP: #1730399). -- Andrew Shadura Fri, 24 Nov 2017 16:29:25 +0000 wpa (2:2.6-6) experimental; urgency=medium [ Reiner Herrmann ] * Port wpa_gui to Qt5 (Closes: #875233). [ Andrew Shadura ] * Add a service file for hostapd. * Build wpa_supplicant with interface matching support (Closes: #879208). [ Benedikt Wildenhain (BO) ] * Install wpa_supplicant-wired@.service (Closes: #871488). [ Jan-Benedict Glaw ] * Consider all ifupdown configuration, not only /etc/network/interfaces (Closes: #853293). -- Andrew Shadura Fri, 24 Nov 2017 16:00:19 +0000 wpa (2:2.6-5) experimental; urgency=medium [ Yves-Alexis Perez ] * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088): - hostapd: Avoid key reinstallation in FT handshake - Prevent reinstallation of an already in-use group key - Extend protection of GTK/IGTK reinstallation of - Fix TK configuration to the driver in EAPOL-Key 3/4 - Prevent installation of an all-zero TK - Fix PTK rekeying to generate a new ANonce - TDLS: Reject TPK-TK reconfiguration - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode - WNM: Ignore WNM-Sleep Mode Response without pending - FT: Do not allow multiple Reassociation Response frames - TDLS: Ignore incoming TDLS Setup Response retries -- Andrew Shadura Fri, 20 Oct 2017 15:34:09 +0100 wpa (2:2.6-4) experimental; urgency=medium * Upload to experimental. * Bump the epoch to 2:, as the upload to unstable had to bump epoch. -- Andrew Shadura Fri, 24 Feb 2017 16:45:48 +0100 wpa (2:2.4-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088): - hostapd: Avoid key reinstallation in FT handshake - Prevent reinstallation of an already in-use group key - Extend protection of GTK/IGTK reinstallation of - Fix TK configuration to the driver in EAPOL-Key 3/4 - Prevent installation of an all-zero TK - Fix PTK rekeying to generate a new ANonce - TDLS: Reject TPK-TK reconfiguration - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode - WNM: Ignore WNM-Sleep Mode Response without pending - FT: Do not allow multiple Reassociation Response frames - TDLS: Ignore incoming TDLS Setup Response retries -- Yves-Alexis Perez Mon, 16 Oct 2017 10:28:41 +0200 wpa (2:2.4-1) unstable; urgency=medium [ Vincent Danjean ] * Build with libssl1.0-dev (Closes: #828601). * Add an upstream patch to fix hostapd in SMPS mode (Closes: #854719). [ Andrew Shadura ] * Don't install debian/system-sleep/wpasupplicant (originally introduced to fix LP: #1422143), it doesn't improve the state of the things, introduces regressions in some cases, and at all isn't supposed to work with how wpa-supplicant is started these days (Closes: #835648). * Bump the epoch to 2:, so that we can set the upstream version to what we really mean. It also has to be higher than 2.6 in unstable and 1:2.6 (what hostapd binary package in unstable has). * Drop the binary package epoch override. -- Andrew Shadura Mon, 20 Feb 2017 11:55:11 +0100 wpa (2.6-3) unstable; urgency=medium * Cherry-pick the following patches from the upstream: - WPS: Force BSSID for WPS provisioning step connection - Check for NULL qsort() base pointers - Always propagate scan results to all interfaces - wpa_supplicant: Restore permanent MAC address on reassociation - nl80211: Update channel information after channel switch notification - Extend ieee80211_freq_to_channel_ext() to cover channels 52-64 - Use estimated throughput to avoid signal based roaming decision - Use random MAC address for scanning only in non-connected state -- Andrew Shadura Thu, 26 Jan 2017 17:53:41 +0100 wpa (2.6-2) unstable; urgency=medium * Upload to unstable. * Restore the patch descriptions. * Don't install debian/system-sleep/wpasupplicant (originally introduced to fix LP: #1422143), it doesn't improve the state of the things, introduces regressions in some cases, and at all isn't supposed to work with how wpa-supplicant is started these days. -- Andrew Shadura Tue, 20 Dec 2016 21:50:26 +0100 wpa (2.6-1) experimental; urgency=medium [ Andrew Shadura ] * New upstream version (Closes: #828601, #832034). * Add gbp.conf. [ Julian Wollrath ] * Refresh patches. -- Andrew Shadura Thu, 20 Oct 2016 18:28:10 +0200 wpa (2.5-2+v2.4-3) unstable; urgency=medium [ Helmut Grohne ] * Address FTCBFS: Set PKG_CONFIG (Closes: #836074). [ Andrew Shadura ] * Don't run wpa_cli suspend/resume if /run/wpa_supplicant isn't around (Closes: #835648). -- Andrew Shadura Wed, 14 Sep 2016 11:11:01 +0200 wpa (2.5-2+v2.4-2) unstable; urgency=medium * Apply patches from upstream to unbreak dedicated P2P Device support (closes: #833402). * Reapply an accidentally lost patch to fix pkcs11 OpenSSL engine initialisation (Closes: #827253). * Retroactively redact the last changelog entry to represent the actual upload more accurately. -- Andrew Shadura Tue, 09 Aug 2016 20:11:27 +0200 wpa (2.5-2+v2.4-1) unstable; urgency=medium [ Ricardo Salveti de Araujo ] * debian/patches/dbus-fix-operations-for-p2p-mgmt.patch: fix operations when P2P management interface is used (LP: #1482439) [ Stefan Lippers-Hollmann ] * wpasupplicant: install systemd unit (Closes: #766746). * wpasupplicant: configure driver fallback for networkd. * import changelogs from the security queues. * move previous patch for CVE-2015-1863 into a new subdirectory, debian/patches/2015-1/. * replace the Debian specific patch "wpasupplicant: fix systemd unit dependencies" with a backport of its official upstream change "systemd: Order wpa_supplicant before network.target". * fix dependency odering when invoked with DBus, by making sure that DBus isn't shut down before wpa_supplicant, as that would also bring down wireless links which are still holding open NFS shares. Thanks to Facundo Gaich and Michael Biebl (Closes: #785579). * import NMU changelogs and integrate NMU changes. * Add patches to address CVE-2016-4476 and CVE-2016-4477, thanks to Salvatore Bonaccorso (Closes: #823411): - WPS: Reject a Credential with invalid passphrase - Reject psk parameter set with invalid passphrase character - Remove newlines from wpa_supplicant config network output - Reject SET_CRED commands with newline characters in the string values - Reject SET commands with newline characters in the string values * use --buildsystem=qmake_qt4 (available since dh 8.9.1) for debhelper (Closes: #823171). * fix clean target, by splitting the find call into individual searches. * building wpa in a current unstable chroot using debhelper >= 9.20151219 will introduce automatic dbgsym packages, thereby indirectly providing the requested debug packages for stretch and upwards (Closes: #729934). Don't add a versioned build-dependency in order to avoid unnecessary complications with backports. * change Vcs-Browser location to prefer https, but keep the unsecure tag for Vcs-Svn, as there is no option allowing to pull from the svn+ssh:// location without an alioth account, this only makes lintian partially happy in regards to vcs-field-uses-insecure-uri. * debian/*: fix spelling errors noticed by lintian. * drop the obsolete Debian menu entry for wpa_gui, according to the tech-ctte decision on #741573. * fix debian/get-orig-source for wpa 2.6~. * add debian/watch file for the custom tarball generation. [ Paul Donohue ] * debian/ifupdown/functions.sh: Fix handling for "wpa-roam". Call ifquery instead of directly parsing /run/*/ifstate files to work with current ifupdown. (Closes: #545766, LP: #1545363) [ Martin Pitt ] * Add debian/system-sleep/wpasupplicant: Call wpa_cli suspend/resume before/after suspend, like the pm-utils hook. In some cases this brings back missing Wifi connection after resuming. (LP: #1422143) [ Andrew Shadura ] * Backout 2.5 release, switch to 2.4 (see #833507 for details). * New upstream release (Closes: #806889). * Refresh patches, drop patches applied upstream. * Update Vcs-* to point to Git. -- Andrew Shadura Fri, 05 Aug 2016 20:45:14 +0200 wpa (2.5-2) unstable; urgency=medium * Apply patches from upstream to unbreak dedicated P2P Device support (hopefully closes: #833402). -- Andrew Shadura Thu, 04 Aug 2016 11:17:37 +0300 wpa (2.5-1) unstable; urgency=medium [ Stefan Lippers-Hollmann ] * wpasupplicant: install systemd unit (Closes: #766746). * wpasupplicant: configure driver fallback for networkd. * import changelogs from the security queues. * move previous patch for CVE-2015-1863 into a new subdirectory, debian/patches/2015-1/. * fix dependency ordering when invoked with DBus, by making sure that DBus isn't shut down before wpa_supplicant, as that would also bring down wireless links which are still holding open NFS shares. Thanks to Facundo Gaich and Michael Biebl (Closes: #785579). * import NMU changelogs and integrate NMU changes. * Add patches to address CVE-2016-4476 and CVE-2016-4477, thanks to Salvatore Bonaccorso (Closes: #823411): - WPS: Reject a Credential with invalid passphrase - Reject psk parameter set with invalid passphrase character - Remove newlines from wpa_supplicant config network output - Reject SET_CRED commands with newline characters in the string values - Reject SET commands with newline characters in the string values * use --buildsystem=qmake_qt4 (available since dh 8.9.1) for debhelper (Closes: #823171). * fix clean target, by splitting the find call into individual searches. * building wpa in a current unstable chroot using debhelper >= 9.20151219 will introduce automatic dbgsym packages, thereby indirectly providing the requested debug packages for stretch and upwards (Closes: #729934). Don't add a versioned build-dependency in order to avoid unnecessary complications with backports. * change Vcs-Browser location to prefer https * debian/*: fix spelling errors noticed by lintian. * drop the obsolete Debian menu entry for wpa_gui, according to the tech-ctte decision on #741573. * fix debian/get-orig-source for wpa 2.6~. * add debian/watch file for the custom tarball generation. [ Paul Donohue ] * debian/ifupdown/functions.sh: Fix handling for "wpa-roam". Call ifquery instead of directly parsing /run/*/ifstate files to work with current ifupdown. (Closes: #545766, LP: #1545363) [ Martin Pitt ] * Add debian/system-sleep/wpasupplicant: Call wpa_cli suspend/resume before/after suspend, like the pm-utils hook. In some cases this brings back missing Wifi connection after resuming. (LP: #1422143) [ Andrew Shadura ] * New upstream release (Closes: #806889). * Refresh patches, drop patches applied upstream. * Fix pkcs11 OpenSSL engine initialisation (Closes: #827253). * Update Vcs-* to point to Git. -- Andrew Shadura Sun, 31 Jul 2016 18:05:59 +0300 wpa (2.3-2.4) unstable; urgency=medium * Non-maintainer upload. * Add patches to address CVE-2016-4476 and CVE-2016-4477, thanks to Salvatore Bonaccorso (Closes: #823411): - WPS: Reject a Credential with invalid passphrase - Reject psk parameter set with invalid passphrase character - Remove newlines from wpa_supplicant config network output - Reject SET_CRED commands with newline characters in the string values - Reject SET commands with newline characters in the string values * Refresh patches to apply cleanly. -- Andrew Shadura Thu, 21 Jul 2016 09:01:51 +0200 wpa (2.3-2.3) unstable; urgency=high * Non-maintainer upload. * Add patch to address CVE-2015-5310. CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control. (Closes: #804707) * Add patches to address CVE-2015-5314 and CVE-2015-5315. CVE-2015-5314: hostapd: EAP-pwd missing last fragment length validation. CVE-2015-5315: wpa_supplicant: EAP-pwd missing last fragment length validation. (Closes: #804708) * Add patch to address CVE-2015-5316. CVE-2015-5316: EAP-pwd peer error path failure on unexpected Confirm message. (Closes: #804710) -- Salvatore Bonaccorso Thu, 12 Nov 2015 20:54:12 +0100 wpa (2.3-2.2) unstable; urgency=high * Non-maintainer upload. * Add patch to address CVE-2015-4141. CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. (Closes: #787372) * Add patch to address CVE-2015-4142. CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. (Closes: #787373) * Add patches to address CVE-2015-414{3,4,5,6} CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing payload length validation. (Closes: #787371) * Add patch to address 2015-5 vulnerability. NFC: Fix payload length validation in NDEF record parser (Closes: #795740) * Thanks to Julian Wollrath for the initial debdiff provided in #787371. -- Salvatore Bonaccorso Sat, 31 Oct 2015 14:13:50 +0100 wpa (2.3-2.1) unstable; urgency=medium * Non-maintainer upload. * Import four patches from upstream git (wpasupplicant_band_selection_*.patch), manually unfuzzed, to improve 2.4/5 GHz band selection. (Closes: #795722) -- Steinar H. Gunderson Sun, 30 Aug 2015 14:47:56 +0200 wpa (2.3-2) unstable; urgency=high * remove Kel Modderman from Uploaders as per his request, many thanks for all past efforts Kel. * fix systemd unit dependencies for wpasupplicant, it needs to be started before the network target (Closes: 780552), many thanks to Michael Biebl for reporting and suggesting the patch. * hostapd: avoid segfault with driver=wired, by merging upstream commit e9b783d58c23a7bb50b2f25bce7157f1f3b5d58b "Fix hostapd operation without hw_mode driver data." * import "P2P: Validate SSID element length before copying it (CVE-2015-1863)" from upstream (Closes: #783148). -- Stefan Lippers-Hollmann Thu, 23 Apr 2015 05:02:21 +0200 wpa (2.3-1) unstable; urgency=medium * New upstream release: - fixed by the new upstream version: + wpa: arbitrary command execution via action scripts (Closes: #765352). wpasupplicant: fixed wpa_cli action script execution to use more robust mechanism (CVE-2014-3686). hostapd: fixed hostapd_cli action script execution to use more robust mechanism (CVE-2014-3686). + wpasupplicant: MAC addressing changing broken after updating to 2.2-1 (Closes: #763775). + drop ap_config_c_fix-typo-for-capabilities, applied upstream. - backport "Include ieee802_11_common.c in wpa_supplicant build unconditionally" from HEAD, to fix a newly introduced FTBS on, at least, kfreebsd. * bump standards version to 3.9.6, no changes necessary. -- Stefan Lippers-Hollmann Tue, 14 Oct 2014 21:29:37 +0200 wpa (2.2-1) unstable; urgency=medium * New upstream release: - import suggested changes from Gerald Turner (see #718651 for details). + disable ACS for hostapd on kfreebsd-any (FTBS). - fixed by the new upstream version: + wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read (Closes: #561081). + wpasupplicant: new upstream release 2.2 (Closes: #718651). + wpasupplicant: -s option not documented in man page (Closes: #608135). - refresh patches: + drop 13_human_readable_signal.patch, applied upstream. + drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream. + drop fix-spelling-s-algorith-algorithm.patch, applied upstream. - adapt build configs for hostapd/ wpa_supplicant 2.2: + sync with updated upstream defconfigs. + keep Hotspot 2.0 support disabled for the time being. + hostapd: keep sqlite3 support disabled for the time being. - update debian/copyright manually, the wpa v2 branch was relicensed from (BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This doesn't change the licensing state as the BSD-3-clause license is compatible with GPL-2. * drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the versioned initscripts dependency to a versioned breaks relation. * migrate from /var/run/ to /run/. * adapt get-orig-source for wpa 2.2. * drop version qualifiers for libnl3 build dependencies, as they're fullfilled by wheezy. * drop version qualifiers for the lsb-base build dependency, as they're fullfilled by squeeze. * shorten short description for hostapd. * sort debian/control entries. * make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it BSD-3-clause. * enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested by Cyril Brulebois to improve logging options for d-i and netcfg (Closes: #761922). * fix various typos around "existence", thanks to A. Costa , (Closes: #683636). * ap_config.c: fix typo for "capabilities". * remove no longer required lintian override (spelling-error-in-binary for the). -- Stefan Lippers-Hollmann Wed, 17 Sep 2014 04:52:36 +0200 wpa (1.1-1) unstable; urgency=medium * New upstream release: - drop 11_wpa_gui_ftbfs_gcc_4_7, applied upstream. - drop EAP-TLS-server_fix-TLS-Message-length-validation, applied upstream. - fixes: - EAP access point constantly roaming with proactive key caching (Closes: #711063). * enable IBSS RSN, thanks to Nicolas Cavallari (Closes: #678147). * enable simple AP support for wpasupplicant, thanks to Patrik Flykt (Closes: #690536). * use the readline6, wpa_cli doesn't link to openssl. * link with --as-needed. * compress binaries with xz. * debian/get-orig-source: switch to xz compressed upstream tarballs. * debian/get-orig-source: adapt for the post 1.x upstream branch. * debian/get-orig-source: support named snapshots, see debian/README.source for detailed syntax and semantics. * debian/README.source: explain fetching git snapshots by specifying their git hash. * debian/README.source: update to match current reality and apply grammar fixes. * debian/README.source: drop trailing whitespace. * fix hardening flags, thanks a lot to Florent Daigniere (Closes: #725865). * debian/control: fold dependencies. * bump standards version to 3.9.5, no changes necessary. * reflect reality and adapt the maintainer mail address not to claim representing Ubuntu. * drop wheezy-specific comments in the configuration files. * glob 'wpa-password' as well and hide its debugging output, this hopefully closes: #728092. * enable EAP-FAST, openssl in Debian is now new enough (Closes: #685685). * update to new alioth URIs (vcs-field-not-canonical). * add Keywords entry for desktop files (desktop-entry-lacks-keywords-entry). * functions.sh: s/particuarly/particularly/, thanks to Vincent Lefevre (Closes: #734422). * fix FTBS using gcc-4.8 by linking with -ldl on kfreebsd-any; the udeb packages don't provide EAP support and are therefore unaffected. This is already accounted for by the upstream Makefile, however wrongly depending on !CONFIG_DRIVER_BSD, while it is actually depending on the target libc rather than the kernel (Closes: #737465). Thanks to Cyril Brulebois and Steven Chamberlain . * import "hostapd: Fix WDS VLAN bridge handling" by Felix Fietkau from upstream, thanks to Mark Hindley (Closes: #737109). * drop build-conflicts with libqt3-dev as the package is no longer available >= lenny, thanks to Michael Biebl . * drop pre-dependency on dpkg (>= 1.15.6~), data.tar.xz-member-without-dpkg- pre-depends is no longer a problem after Ubuntu lucid is EOL. Thanks to Michael Biebl for noticing. * drop build-dependency on libdbus-glib-1-dev, it is no longer required for dbus-binding-tool, thanks to Michael Biebl. * allow parallel building. * fix spelling s/algorith/algorithm/. * add lintian overrides for false positive spelling complaints. -- Stefan Lippers-Hollmann Fri, 21 Feb 2014 01:07:28 +0100 wpa (1.0-3.1) unstable; urgency=low * Non-Maintainer Upload * enable IBSS RSN, thanks to Nicolas Cavallari (Closes: #678147). -- Daniel Kahn Gillmor Thu, 05 Dec 2013 13:56:15 -0500 wpa (1.0-3) unstable; urgency=high * ship forgotten README-P2P. * revert to GNU readline for wpa_cli, instead of using the internal readline implementation added in wpa 1~. Prefer libreadline-gplv2-dev, because libnl is GPL-2 (only) - switching back to the internal readline implementation is targeted for wheezy+1 (Closes: #677993, #678077). * Fix DoS via specially crafted EAP-TLS messages with longer message length than TLS data length (CVE-2012-4445, DSA 2557-1, Closes: #689990). -- Stefan Lippers-Hollmann Mon, 08 Oct 2012 17:48:04 +0200 wpa (1.0-2) unstable; urgency=low * Really enable hardened build flags, thanks Simon Ruderich . (Closes: #657332) * Do not suppress compilation output, set V=1. -- Kel Modderman Mon, 14 May 2012 06:39:13 +1000 wpa (1.0-1) unstable; urgency=low [ Stefan Lippers-Hollmann ] * New upstream release, no code changes since 1.0~rc3. * upload to unstable, to fix FTBS with gcc-4.7. * update debian/README.source. [ Kel Modderman ] * No longer explicitly add --as-needed to LDFLAGS, it is no longer required since wpa_cli stopped linking to libreadline (WPA_CLI_EDIT=y). -- Kel Modderman Fri, 11 May 2012 13:58:51 +1000 wpa (1.0~rc3-1) experimental; urgency=low [ Stefan Lippers-Hollmann ] * import new upstream snapshot 1.0-rc3: - fixes: - hostapd: Fails to authenticate on wpa2 password (Closes: #483924) - hostapd: EAPOL reauthentication/rekeying timeout loop when using WMM (Closes: #655129, #659059) - rebase patches: - libnl3-includes - update hostapd configs. - update wpa_supplicant configs. * merge source packages for hostapd and wpasupplicant under the new name "wpa", which is also used by upstream. * restrict wpasupplicant to linux-any and kfreebsd-any, hurd lacks kernel support. * bump standards version to 3.9.3, no changes necessary. * update dep-5 version to final 1.0, no changes necessary: - order licenses alphabetically. * build-depend on docbook-to-man explicitly. * convert packaging to Multi-Arch, bump compat level to 9 and debhelper build-dependency accordingly; all binaries are Multi-Arch=foreign. * update debian/copyright for wpa 1.0~rc2 and merged sources. * fix clean target and make sure to succeed building twice in a row. * drop build-dependency on libreadline-dev, it's no longer needed with WPA_CLI_EDIT. * remove watch file, there is no corresponding upstream tarballs at the moment. * add (temporary?) get-orig-source target to debian/rules, which fetches the last tagged upstream version corresponding to debian/changelog. - add a lintian override for this, upstream doesn't want to release tarballs at the moment. * use epoche only for hostapd binaries. [ Kel Modderman ] * export BINDIR=/sbin, the build system now requires it when patching D-Bus/systemd configuration. * quieten the upstream build system so that errors/warning are more visible. * assist with adaptation of debian/rules for merge of wpa_supplicant/hostapd: - add docbook-utils to build dependency list and make documentation from sgml source - ensure shared code under src/ is cleaned between wpa_supplicant/hostapd builds - put wpa_supplicant/hostapd ifupdown hooks in their own namespace, adapt installation of ifupdown hooks * drop the netdev_wrapper script from wpagui and associated patch * install systemd service unit file * refresh D-Bus service activation file patch which starts process with syslog and control socket support, also patch systemd service file * drop 09_dbus_emit_change_events.patch, applied upstream. * fix ftbfs with gcc/g++ 4.7 (Closes: 667416) * enable hardened build flags. (Closes: #657332) * remove DEB_BUILD_OPTIONS=noopt handling from debian/rules, no longer required since dpkg-buildflags honors it. * Add ability to set CC for cross building support (untested). * Remove Faidon Liambotis from Uploaders as per his request, many thanks for all past efforts Faidon. * Only build manpages from docbook source, we do not currently use the html or pdf products. -- Kel Modderman Sat, 21 Apr 2012 15:59:32 +1000 wpasupplicant (0.7.3-6) unstable; urgency=low * add "hostap: Allow linking with libnl-3" from Ben Greear to allow building against libnl3 3.2. * raise versioned build-dependency to (>= 3.2.3-2~), we need libnl-genl-3-200-udeb and expect it in /lib/. * switch build dependency from libnl3-dev to libnl-3-dev && libnl-genl-3-dev accordingly. * symlink /usr/share/doc/wpasupplicant/ to /usr/share/doc/wpa_supplicant, which is referred to from upstream documentation (Closes: #537375, #616120). * enable BGSCAN_SIMPLE (Closes: #650834). * add "For MS-CHAP, convert the password from UTF-8 to UCS-2" from Evan Broder , accepted upstream into hostap-1.git (Closes: #649202). -- Stefan Lippers-Hollmann Mon, 19 Dec 2011 23:31:20 +0100 wpasupplicant (0.7.3-5) unstable; urgency=low * restrict wpasupplicant-udeb to linux-any, until a udeb for libpcap0.8 gets available for kfreebsd-any (Closes: #644823). * build-depend on libncurses5-dev explicitly, as it is no longer pulled in indirectly. -- Stefan Lippers-Hollmann Fri, 14 Oct 2011 10:35:42 +0200 wpasupplicant (0.7.3-4) unstable; urgency=low [ Kel Modderman ] * Support /run/sendsigs.omit.d/ (Closes: #633040): - depend on initscripts (>= 2.88dsf-13.3) - create new omission pid files in /run/sendsigs.omit.d/ unconditionally - migrate existing omission pid files from /lib/init/rw/ to /run/sendsigs.omit.d/ * ACK NMU (Closes: #610931) - add wpasupplicant-udeb - build against libnl3 * Improve integration of the udeb addition with existing debian/rules: - build the required binary in the build target in similar way to standard package build - install binary manually in dh_auto_install override rather than wpasupplicant-udeb.install to handle renaming of binary - sync udeb CFLAGS with the standard build - allow potential for non-linux udebs, add a kfreebsd udeb configuration snippet * Filter the numerous hyphen-used-as-minus-sign informational messages from lintian output. * Add preferred options to debian/source/local-options to assist with quilt patch management. * Add patch for wpa_gui-qt4 which displays scan results signal strength in dBm with bar indicator. (Closes: #630681) [ Stefan Lippers-Hollmann ] * make wpasupplicant-udeb arch=any, an initial kfreebsd udeb config is now provided as well. * use Package-Type instead of XC-Package-Type for wpasupplicant-udeb, dpkg-dev >1.15.7 is available in squeeze. * add a dependency on ${misc:Depends} for the udeb package as well. * adapt debian/copyright to recent changes (r174) in DEP-5 and use the new anonscm URL. * don't use /run/sendsigs.omit.d/ if it hasn't already been created by mountkernfs.sh (e.g. when using systemd), thanks to Michael Biebl. -- Stefan Lippers-Hollmann Mon, 26 Sep 2011 23:30:00 +0200 wpasupplicant (0.7.3-3.1) unstable; urgency=low * Non-maintainer upload with the agreement of Kel Modderman. [ Stefan Lippers-Hollmann ] * bump standards version to 3.9.2, no changes necessary. [ Gaudenz Steinlin ] * Add wpasupplicant-udeb for debian-installer. Thanks to Mathew Palmer for providing the initial patch. (Closes: #610931) * Build against libnl3 -- Gaudenz Steinlin Sat, 30 Jul 2011 14:10:31 +0200 wpasupplicant (0.7.3-3) unstable; urgency=low * Restore code which loop waits for wpa_supplicant generated PID and UNIX socket on the filesystem before proceeeding with execution of ifupdown script. (Closes: #622757, #622589) * On DISCONNECTED event using wpa-roam, do not immediately issue reassociation command. (Closes: #622821) * Enable CONFIG_IEEE80211W in build configuration. (Closes: #622587) -- Kel Modderman Sun, 17 Apr 2011 21:07:58 +1000 wpasupplicant (0.7.3-2) unstable; urgency=low * Upload to unstable. * Remove 08_pcsc_dynamic.patch and forget the idea about dynamically loading libpcsc. (Closes: #618719) * Build with support for pcsc and link with libpcsc. Reopens #531592 and #612715. -- Kel Modderman Tue, 12 Apr 2011 22:37:40 +1000 wpasupplicant (0.7.3-1) experimental; urgency=low [ Kel Modderman ] * ACK NMU (Closes: #582917) and integrate changelog. * New upstream release (Closes: #591371). - nl80211 driver interface doesn't use WEXT compat layer (Closes: #570688) * Adjust debian/watch for 0.7.X series of upstream. * Drop patches applied upstream: - 11_syslog.patch - 18_wpa_gui_wps_ap_avail_annoyance.patch - 20_wpa_msg_ctrl_wps.patch - 21_kfreebsd.patch - 30_cfg80211_association_optimisation.patch * Refresh patch series and merge with new upstream. * Change build configuration: - remove all comments from our config - enable new D-Bus interface - disable experimental feature CONFIG_EAP_PSK - enable CONFIG_AP, which allows hostapd-like functionality * Install D-Bus service activation file for new interface. * Set default driver type to nl80211,wext in ifupdown glue. * Remove duplicate handling of wpa-mode in ifupdown/functions.sh. * Add support for scan_freq and freq_list in ifupdown/functions.sh. * Install pm-utils action script to notify wpa_supplicant of susepnd and resume events. * Remove pm-utils stuff from debian/ifupdown/action_wpa.sh. * Remove sleep loops which wait for creation of interface specific control sockets, these are now created before the process is backgrounded (http://w1.fi/bugz/show_bug.cgi?id=283). * After a disconnected event, attempt to reassociate to a network when using wpa-roam. * Add statement to debian/copyright about our choice to distribute this software under BSD license and link with openssl. * Override lintian in the case of possible-gpl-code-linked-with- openssl. * Establish control interface when D-Bus activated wpa_supplicant daemon starts. (Closes: #606051) * Update all patches with DEP-3 compliant header information. * Cherry pick upstream commit which fixes up emission of change events over D-bus. (Closes: #617199) * Add patch to load libpcsclite1 via dlopen(), making pcsc support optional. (Closes: #612842, #612715, #583671, #531592) * Set build config option CONFIG_PCSC=dyn to use above mentioned feature. * Add patch to wpa_gui to use KDE's KNotify when running under KDE. (Closes: #582793) * Adjust versioned debhelper build-depends to (>> 8). * Use architecture wildcards in debian/control. * Adjust wpagui versioned dependency on wpasupplicant to >= 0.7.3 to make sure all new UI features are supported. [ Stefan Lippers-Hollmann ] * Add myself to uploaders. * Bump policy version to 3.9.1: - Include full text of the employed BSD license variant and no longer refer to Debian's common license template. * Bump compat level to 8 and debhelper build-depends to >= 7.9.3~ accordingly, retaining backportability for squeeze (plain lenny isn't an option due to simplified dh7 usage). * Refresh patch series and merge with new upstream (0.7.3). * Drop patches applied upstream: - patches/10_wpa_gui_qt4_network_id_qregexp.patch - patches/11_wpa_supplicant_enable_network_tweak.patch * update machine readable debian/copyright to be compatible with DEP5 r135. * initial update of existing debian/copyright entries. -- Kel Modderman Tue, 08 Mar 2011 22:02:17 +1000 wpasupplicant (0.6.10-2.1) unstable; urgency=low * Non-maintainer upload approved by Kel Modderman. * Added patch 31_fallback_to_full_EAP_authentication.patch (closes: #582917). -- Micha Lenk Sun, 28 Nov 2010 12:22:01 +0100 wpasupplicant (0.6.10-2) unstable; urgency=low * Switch to source format 3.0 (quilt), drop quilt build dependency and remove '--with quilt' from dh command in debian/rules. * Fix "FTBFS on kfreebsd-gnu" with addition of 21_kfreebsd.patch. Thanks to work by Stefan Lippers-Hollmann and Petr Salinger. (Closes: #480572) * Disable experimental feature CONFIG_IEEE80211W (management frame protection) due to it not being supported by any driver but ath9k and it generating ioctl errors which cause much concern among users for little to no benefit. * Add traling blank line to debian/NEWS to assist apt-listchanges as per lintian advice. * Cherry pick 30_cfg80211_association_optimisation.patch from upstream git. Add cfg80211-specific optimization to avoid silly behavior. -- Kel Modderman Sat, 27 Feb 2010 11:30:53 +1000 wpasupplicant (0.6.10-1) unstable; urgency=low * New upstream release. - wpa_msg_ctrl helper which can send messages to the control interface without logging when running in non-debug mode. Used for CTRL-EVENT-SCAN-RESULTS. (Closes: #539915) (LP: #352118) * Remove members of pkg-wpa-devel team from Uploaders who no longer participate in maintenance. Thanks for their past work. (Closes: #529501) * Disable building of atmel driver backend, neither atmel_{cs,pci}, nor at76c50x-usb ever used it and atmelwlandriver is not in Debian and has been abandoned upstream in 2005. Thanks to Stefan Lippers- Hollmann for doing the research. * Remove a few traces of ath/madwifi from debian/NEWS and debian/README.Debian, thanks again to Stefan Lippers-Hollmann. * Prefix etc/pm/sleep.d/ pm-utils hook in the 50 - 74 sequence range to comply with sequencing rules as per pm-action(8) (LP: #307493). Provide the symlink to our hook in /usr/lib/pm-utils/sleep.d/ rather than /etc/pm/sleep.d/. (Closes: #557344) * Modify wpa_action and associated functions to use logger(1) instead of piping to /var/log/wpa_action.$IFACE.log. * Ensure removal of obsolete logrotate conffiles now that all wpa_supplicant/wpa_cli output is logged to syslog. * Support help action in action_wpa.sh. (Closes: #548995) * Build-depend on libreadline-dev instead of libreadline5-dev. (Closes: #553891) * Do not use sed to comment all network blocks out in the example wpa_supplicant.conf. * Do not strip upstream manual pages from source tree, do no generate them at build time, do not build-depend on dockbook. We currently do not modify them, so these build-dependencies and steps are expensive. * Convert debian/rules to use dh - build depend on debhelper (>= 7.4.12~) for dh override support, qmake build class support and --builddirectory argument support - install wpagui files via debian/wpagui.install - rename debian/ifupdown/wpa_action.sh to debian/ifupdown/wpa_action and install via debian/wpasupplicant.install - install wpasupplicant ifupdown scripts via debian/wpasupplicant.install * CFLAGS, CXXFLAGS, LDFLAGS and V are exported by debian/rules. * Remove uupdate command from debian/watch, it is not useful. * Add ${misc:Depends} to debian/control for debhelpers to use as required. * Remove debian/get-git-snapshot and debian/rules target. * Bump Standards-Version to 3.8.4, no extra changes required. * wpa_action shell functions no longer require an ifupdown state file to function as future providers of ifup/ifdown may not need or provide it. * wpa_action shell functions ifup and ifdown create and delete the wpa_supplicant sendsigs omission file thus removing the need for /etc/init.d/wpa-ifupdown. Remove /etc/init.d/wpa-ifupdown on upgrade via maintainer scripts. (Closes: #545173) * Drop debian/patches/10_multi_driver.patch due to its invasiveness - it may make future patches which fix serious issues harder to apply while providing an experimental feature only. * Add debian/patches/18_wpa_gui_wps_ap_avail_annoyance.patch to stop notifying about WPS_EVENT_AP_* events via wpa_gui tray status bubbles - they are too frequent. * Cherry pick 20_wpa_msg_ctrl_wps.patch from upstream to avoid too frequent logging of WPS events. * Drop debian/patches/05_qmake_version_makefile.patch, use qmake build class in debian/rules, Build-Depend on qt4-qmake and Build-Conflict with libqt3-dev. * Ensure wpa_supplicant/wpa_gui-qt4 is really clean, qmake seems to leave some crumbs (.obj, .moc & .ui). * Adjust debian/watch to scan for the 0.6.X stable releases only. * Remove debian/wpasupplicant.postrm - it is no longer needed to handle purge of log files, none are created anymore. * Enable make concurrency via dh --parallel option in debian/rules. -- Kel Modderman Tue, 16 Feb 2010 21:26:26 +1000 wpasupplicant (0.6.9-3) unstable; urgency=low * Drop debian/patches/12_syslog_supplement.patch. It adds code which attempts to prettify output but doesn't handle large output well. (Closes: #528639) -- Kel Modderman Sat, 16 May 2009 03:47:08 +1000 wpasupplicant (0.6.9-2) unstable; urgency=low * Add debian/patches/07_dbus_service_syslog.patch to enable syslog logging when wpa_supplicant is started via D-Bus. * Start wpa_supplicant with default level of verbosity via ifupdown hooks, rather than in quiet mode. * Merge some differences from wpasupplicant_0.6.6-2ubuntu1.patch, with very minor modification: - 12_syslog_supplement.patch: Add a few more bits missing from the upstream patch, based on http://cvs.fedoraproject.org/viewvc/rpms/wpa_supplicant/OLPC-2/wpa_supplicant-0.5.7-use-syslog.patch. Compile with -DCONFIG_DEBUG_SYSLOG if CONFIG_DEBUG_SYSLOG is set in the configuration file. - Enable CONFIG_DEBUG_SYSLOG in debian/config/* (rather than CFLAGS += -DCONFIG_DEBUG_SYSLOG). - debian/ifupdown/functions.sh: Silence wpa_log_* if /var/log is not yet writable; there is little we can do in this case (logger is in /usr, so may well also be unusable), and the user can always get more information by reconnecting later. - Thanks to Colin Watson * Sync common build configuration options between debian/config/kfreebsd and debian/config/linux. * Add patch description to debian/patches/06_wpa_gui_menu_exec_path.patch. -- Kel Modderman Mon, 13 Apr 2009 23:25:17 +1000 wpasupplicant (0.6.9-1) unstable; urgency=low * New upstream release * Drop patches applied upstream: - 10_wpa_gui_qt4_wps_tab_cleanups.patch - 11_wpa_gui_qt4_qsession.patch * Refresh debian/patches/04_append_mmd_to_default_cflags.patch to apply. * Refresh all other patches to apply without offset. * Activate CONFIG_DRIVER_NL80211 in debian/config/linux. * Sync debian/config/linux with wpa_supplicant/defconfig. * Add libnl-dev to build dependencies. * Modify debian/wpasupplicant.postrm and debian/wpasupplicant.postinst to set -e in body of script rather than in shebang line as per pedantic lintian suggestion. * Upload to unstable. * Add copyright information for src/wps/wps* to debian/copyright. * Add note about linkage with OpenSSL and impact it has on the choice of BSD license in lieu of GPL imcompatibility to debian/copyright. * Add copyright information about src/wps/httpread.* to debian/copyright. * Bump Standards-Version to 3.8.1, no other changes required. * Instead of patching upstream to append -MMD compiler flag set that as default in debian/rules. Purge debian/patches/04_append_mmd_to_default_cflags.patch. * Backport syslog support patch from 0.7.X development branch. Patch name is debian/patches/11_syslog.patch. * Backport patch from 0.7.X to allow multiple driver wrappers to be tried until one works. This will allow some kind of transition smoothing as drivers transition from wext -> nl80211 in the future. * Remove debian/patches/03_dbus_service_activation_logfile.patch, wpa_supplicant can now log to syslog instead. * Update copyright info in debian/ifupdown/*. * When starting wpa_supplicant via ifupdown hook script, do not log to file by default now that we have syslog support. * Update README.Debian for nl80211 driver and change in logging behaviour. -- Kel Modderman Sat, 28 Mar 2009 03:46:12 +1000 wpasupplicant (0.6.7-1) experimental; urgency=low * New upstream release. * Enable CONFIG_WPS in debian/config/*. * Install README-WPS to docs directory. * Refresh debian/copyright for new years which are covered by copyright. * Refresh debian/patches/05_qmake_version_makefile.patch and debian/patches/01_use_pkg-config_for_pcsc-lite_module.patch. * Add debian/patches/10_wpa_gui_qt4_wps_tab_cleanups.patch to cleanup a couple of minor glitches with new wpa_gui-qt4 WPS additions. * Add debian/patches/11_wpa_gui_qt4_qsession.patch to enhance wpa_gui with session saving support. -- Kel Modderman Mon, 02 Feb 2009 06:57:36 +1000 wpasupplicant (0.6.6-2) experimental; urgency=low [ Martin Pitt ] * debian/ifupdown/action_wpa.sh: pm-utils now supplies a second argument to the hooks, thus telling ifplugd and pm-utils apart by the number of arguments does not work any more. Fix up the script to just evaluate the arguments themselves, to work with current and older pm-utils. This unbreaks suspend. (LP: #307312) (Closes: #508526, #509484) [ Kel Modderman ] * It has been reported by Alexander E. Patrakov that WEP keys are set in quick time in newer wpa_supplicant releases and no longer cause problems attempting to connect to specific access point during boot sequence. (Closes: #489948) * Do not start wpa_gui in system tray per default when executed from menu system (discussion with upstream resulted in desire to have app opened in foreground, no need to diverge from that). -- Kel Modderman Sun, 28 Dec 2008 23:53:53 +1000 wpasupplicant (0.6.6-1) experimental; urgency=low * New upstream release. * Update debian/copyright to include copyright holders of new source files (src/drivers/driver_roboswitch.*). * Drop patches applied upstream: - debian/patches/10_ftbfs_gcc_4.4.patch - debian/patches/20_delay_mic_error_report.patch * Add libqt4-svg to Dependencies of wpagui for tray icon support. (Closes: #505492) -- Kel Modderman Mon, 08 Dec 2008 00:47:32 +1000 wpasupplicant (0.6.5-2) experimental; urgency=low * Bugfix: "Missing -d in testing for a directory in init script". Thanks to Braun Gábor for reporting and the patch. (Closes: #506328) -- Reinhard Tartler Tue, 02 Dec 2008 20:52:16 +0100 wpasupplicant (0.6.5-1) experimental; urgency=low * New upstream release. * Purge patches applied upstream. * Modify 20_wpa_gui_menu_exec_path.patch to use the new -t command line option and start wpa_gui in the system tray and avoid desktop startup notifications. * When using wpa-roam and connecting to an interface for which an id_str is defined but no matching /e/n/i logical interfaces has been configured, try to configure the default logical interface. * Adjust debian/ifupdown/functions.sh to use not depend on /sbin/ip to use ip. * Rename 20_wpa_gui_menu_exec_path.patch to 06_wpa_gui_menu_exec_path.patch, it will possibly be a long term patch. * Update debian/copyright for new files, as well as better conformance with proposed copyright format. * Cleanup wording of README.Debian paragraph which explains how to debug wpa_supplicant via logging. * Reduce difference with wpa_supplicant/defconfig, adding sections for new options, updating option description, and removal of CONFIG_EAP_WSC which had previously been removed from wpa_supplicant. * Refresh debian/patches/01_use_pkg-config_for_pcsc-lite_module.patch and debian/patches/05_qmake_version_makefile.patch to apply without offset. * Add 10_ftbfs_gcc_4.4.patch to include header files required for compilation with GCC 4.4, thanks to Martin Michlmayr. (Closes: #505041) * Add 20_delay_mic_error_report.patch, an upstream commit which adds a mitigation mechanism for certain attacks against TKIP by delaying Michael MIC error reports by a random amount of time between 0 and 60 seconds. * Enable CONFIG_DELAYED_MIC_ERROR_REPORT in debian/config/linux. -- Kel Modderman Sun, 09 Nov 2008 21:19:13 +1000 wpasupplicant (0.6.4-3) experimental; urgency=low * Target at experimental due to current archive conditions with respect to stable release freeze. * Install /etc/wpa_supplicant/action_wpa.sh to enhance wpa-roam integration with pm-utils and ifplugd. (Closes: #488538) * wpa_gui need not depend stricly upon the same binary version of wpa_supplicant, it just requires a version of wpa_supplicant which support the set of ctrl_interface commands that are used, which to the best of my knowledge is (>= 0.6.2-1). [debian/control] * Cleanup short description of wpasupplicant, and improve short description of wpagui. [debian/control] * Add a series of patches to enhance wpa_gui-qt4: - 10_wpa_gui_icons.patch - 11_desktop_entry.patch - 12_wpa_gui_icons_resource.patch - 13_remove_qPixmapFromMimeSource_ref.patch - 14_qsystemtray_icon.patch - 15_tray_status_state.patch - 16_wpa_gui_icon_touchup.patch * Install icon and menu entry for wpa_gui. [debian/rules] (Closes: #498923) * Add a shell script wrapper, debian/wpa_gui/netdev_wrapper, which will be used by the menu entry to try and exec /usr/sbin/wpa_gui with best estimated privilege level. Install it to /usr/share/wpagui/netdev_wrapper. [debian/rules] * Add 20_wpa_gui_menu_exec_path.patch to modify exec path of wpa_gui.desktop to point at our new wrapper, /usr/share/wpagui/netdev_wrapper. * Add debian menu file for wpa_gui, it also uses the netdev_wrapper. * Create xpm icons from new upstream icon build system, and store them in debian/wpa_gui/*.xpm to avoid creating them during package build because inkscape and imagemagick would be required which are quite large and uneccessary build dependencies. Leave a note in debian/rules to remind us about their origin and the reasoning behind this decision. * wpagui package Recommends: menu, as menu provides su-to-root, which we may need. [debian/control] * Add two upstream patches to improve the retrieval of scan results from userspace: - 07_restore_scanreq_if_initassoc_failed.patch - 08_only_use_cached_scan_results_if_nonempty.patch * Refresh patch series to apply without offset. -- Kel Modderman Thu, 25 Sep 2008 07:52:06 +1000 wpasupplicant (0.6.4-2) unstable; urgency=low * Bugfix: wpasupplicant crashes (closes: #485769). Patch taken from upstream git. -- Reinhard Tartler Wed, 27 Aug 2008 10:10:20 +0200 wpasupplicant (0.6.4-1) unstable; urgency=low [ Kel Modderman ] * New upstream release * Retroactively cleanse past changelog entries of information indicating that they were not released, as they were. * Use short option for grep (-q) and sed (-n) instead of the busybox incompatible --quiet as per advice of Charles-Henri Gros. * wpa_action: on connected action, call wpa_hysteresis_event before ifup, so that a disconnected action may still be effective should the ifup take a long time (eg. dhcp request takes a long time and eventually fails). [ Alessio Treglia ] * Added build-depends on libdbus-glib-1-dev, fixes FTBFS (LP: #256274). -- Reinhard Tartler Sat, 16 Aug 2008 10:09:01 +0200 wpasupplicant (0.6.4~git20080716.93ef879-1) unstable; urgency=low [ Kel Modderman ] * New upstream git snapshot. * Drop patches applied upstream: - 10_silence_siocsiwauth_icotl_failure.patch - 11_avoid_dbus_version_namespace.patch - 12_fix_potential_use_after_free.patch - 13_defined_IEEE8021X_EAPOL.patch - 14_fix_compile_without_eap.patch - 15_silence_out_of_bounds_warnings.patch - 41_manpage_format_fixes.patch - 42_manpage_explain_available_drivers.patch - 43_remove_w_from_help.patch - 50_wext_dont_overwrite_bss_freq.patch - 51_dont_reschedule_specific_scans_for_hidden_ssids.patch - 52_handle_mac80211_mode_switch.patch - 53_give_adhoc_assoc_more_time.patch * Drop -20_wpa_gui_qt4_disable_link_prl.patch, the qt4 linking problem has been fixed by our qt4 maintainers. * Refresh remaining patch series. * Increase Standards_version to 3.8.0. Explain in debian/README.Debian-source that the `debian/rules patch` command is required to prepare the source tree for building. * Cleanup debian/wpasupplicant.links, removing trailing whitespace and leading / from target symlink pathname. * Remove debian/README.Debian, the information therin was irrelevant for the current release cycle, and is better explained by the README.modes document. * Move debian/README.modes to debian/README.Debian, and create a backwards compat symlink (/usr/share/doc/wpasupplicant/README.modes.gz -> README.Debian.gz) to avoid breaking current online documentation. * Fix spelling error in new debian/README.Debian found by lintian. * Don't install the wpa_supplicant/eap_testing.txt document, it contains information about development features and testing that is not possible with what is provided by the wpasupplicant package. * Remove the QMAKE variable from debian/rules, it is no longer used with upstream build system. * Remove debian/wpagui.install and instead invoke dh_install explicitly in debian/rules, making use of the WPAGUI variable, to have the correct version of wpa_gui installed (assist in switch to-fro different QT ports). * Remove possible bashisms (local(x, y)) from debian/ifupdown/functions.sh. * Add rudimentary locking system when wpa_action(8) calls ifup/ifdown, so that /etc/network/if-*.d/wpasupplicant can differentiate between admin calling ifup/ifdown or wpa_action. (Closes: #488078, #373180) * When wpa_action calls ifup/ifdown, use verbose command line option for more detailed log of what hook scripts are executed. * wpa-ifupdown.init should always stop wpa_action daemon, ifupdown is only guaranteed to stop it if interface is currently configured. * Move debian/README.Debian-source to debian/README.source, as policy seem to prefer this filename now as of version 3.8.0. [ Reinhard Tartler ] * lower debhelper compat level to 6 to ease backporting -- Kel Modderman Wed, 16 Jul 2008 22:59:25 +1000 wpasupplicant (0.6.3-2) unstable; urgency=low * Add patch to remove -w option from help output, it has been removed in previous versions. (Closes: #472853) * Correctly refer to wpa-debug-level (not wpa-verbosity-level) ifupdown parameter to control logging output. (Closes: #474440) * Apply patch to permit package build on GNU/kFreeBSD. - add debian/config.kfreebsd build configuration file - adapt debian/rules to use debian/config/kfreebsd when building for kfreebsd DEB_HOST_ARCH_OS * Fix arch specific build dependency declarations introduced by GNU/kFreeBSD compat patch. * Build depend on debhelper >= 7, adjust debian/compat to suit. * Simplify debian/rules, cleaning up the sanitization of README.wpa_supplicant.conf, clean , build and install targets. * Span the Build-Depends field of debian/control over multiple lines. * Add debian/patches/13_defined_IEEE8021X_EAPOL.patch to allow compilation when CONFIG_IEEE8021X_EAPOL is not defined and allow people attempting to progress on wpasuplicant udeb (and netcfg integration) to move on. * Add 14_fix_compile_without_eap.patch to fix another FTBFS when IEEE8021X_EAPOL is not defined. * Rename debian/extra-examples/ to debian/examples/. * Slightly modify the way get-git-snapshot is invoked by debian/rules. * Create debian/config/ directory to contain various build configuration files for different targets (eg. udeb, kfreebsd, linux). * Disable building of test driver backend, no development can sanely be done with this binary package. * Disable building of hostap driver backend, the version of hostap driver in existence since Linux 2.6.14 (or before) uses the wext driver backend. * Provide code in ./debian/ifupdown/functions.sh that warns about invalid wpa-driver choice, and falls back to the usage of a default backend. * Modify debian/README.modes to not contain blurb about which driver_backend to use, wext should almost _always_ be used. * Refresh debian/patches/14_fix_compile_without_eap.patch with what was applied upstream. * Add 50_wext_dont_overwrite_bss_freq.patch to fix handling of channel and frequency information returned by mac80211 using drivers in ad-hoc mode. * 51_dont_reschedule_specific_scans_for_hidden_ssids.patch to optimize scan rescheduling in order to better detect hidden SSIDs. * Simplify debian/rules handling of wpa_supplicant/.config, just cp it in as needed in build target. Move dh_install into install target. These will make integration of possible future udeb cleaner. * Add 52_handle_mac80211_mode_switch.patch to enhance handling of mode switching for mac80211 using interfaces. * Add 53_give_adhoc_assoc_more_time.patch to give adhoc associations a bit more time. * Add 15_silence_out_of_bounds_warnings.patch to silence gcc-4.3 warnings about accessing out of bounds array index. * Purge debian/madwifi-headers/* and no longer activate the driver_madwifi backend of wpa_supplicant. Remove reference to it in support documentation. If "wpa-driver madwifi" is used in an /e/n/i stanza print a warning and use "wext" instead. -- Kel Modderman Mon, 09 Jun 2008 09:30:23 +1000 wpasupplicant (0.6.3-1) unstable; urgency=low * New upstream release. * Drop patches applied upstream: - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch - debian/patches/40_dbus_ssid_data.patch * Tidy up the clean target of debian/rules. Now that the madwifi headers are handled differently we no longer need to do any cleanup. * Fix formatting error in debian/ifupdown/wpa_action.8 to make lintian quieter. * Add patch to fix formatting errors in manpages build from sgml source. Use tags to hightlight keywords instead of surrounding them in strong quotes. - debian/patches/41_manpage_format_fixes.patch * wpasupplicant binary package no longer suggests pcscd, guessnet, iproute or wireless-tools, nor does it recommend dhcp3-client. These are not needed. * Add debian/patches/10_silence_siocsiwauth_icotl_failure.patch to disable ioctl failure messages that occur under normal conditions. * Cherry pick two upstream git commits concerning the dbus interface: - debian/patches/11_avoid_dbus_version_namespace.patch - debian/patches/12_fix_potential_use_after_free.patch * Add debian/patches/42_manpage_explain_available_drivers.patch to explain that not all of the driver backends are available in the provided wpa_supplicant binary, and that the canonical list of supported driver backends can be retrieved from the wpa_supplicant -h (help) output. (Closes: #466910) * Add debian/patches/20_wpa_gui_qt4_disable_link_prl.patch to remove link_prl CONFIG compile flag added by qmake-qt4 >= 4.3.4-2 to avoid excess linking. -- Kel Modderman Wed, 12 Mar 2008 20:03:04 +1000 wpasupplicant (0.6.2+git20080206.g8c0dad4-1) unstable; urgency=low [ Kel Modderman ] * New Upstream git snapshot. - fixes infinite loop in EAPOL state machine when dynamic wep keys are used (Closes: #464514) * install-stamp was not properly implimented, fix it up. [debian/rules] * Drop patches to ctrl interface bss scan results iterator that will not be applied upstream. The iterator will be redesigned to not suffer from the identified problem of one bssid being encountered in more than one cell of the scan results. - debian/patches/84_ctrl_iface_scan_bss_count.patch - debian/patches/85_ctrl_iface_scan_bss_count_warning.patch - debian/patches/94_wpa_gui_qt4_scanres_bss_count.patch * Drop patches applied upstream. - debian/patches/30_src_clean_existing_dirs.patch - debian/patches/31_ctrl_iface_x86_64_compile_warning.patch - debian/patches/93_wpa_gui_qt4_scanres_really_remove_qtimer.patch * wpa_gui should depend on the wpa_supplicant binary from the same build, therefore set versioned dependency of wpasupplicant (= ${binary:Version}) for the wpagui package. [debian/control] * Reimpliment 70_wpa_gui_qt4_wpagui_scroll_follow_eventhistory.patch in the form of three patch series for resubmission to upstream. - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch [ Reinhard Tartler ] * move debian/patches/01_debian_wpa_roam_example.patch to debian/extra-examples/wpa-roam.conf to have the example as proper file instead of a diff. * Add documentation headers to the files in debian/patches/* * Don't manage wpasupplicant/.config as patch system, but have it as debian/config instead. therefore remove 00_defconfig.patch and 21_config_driver_madwifi.patch * move madwifi headers from debian/patches/20_madwifi_headers to debian/madwifi-headers. also update debian/copyright. * remove ${misc:Depends}. Nothing does use it and generates an unnecessary warning. * use -Wl,--as-needed to avoid unnecessary linking to ncurses, libpthread and libdl. * use pkg-config for detecting how to link against pcsc-lite - debian/patches/01_use_pkg-config_for_pcsc-lite_module -- Reinhard Tartler Sat, 09 Feb 2008 23:21:37 +0100 wpasupplicant (0.6.2+git20080202.gde6ccd7-1) unstable; urgency=low * New Upstream git snapshot. - the -w (wait for interface) option has been removed (Closes: #350963) - wpa_gui has been massively enhanced * Drop all patches applied to upstream git. * Add debian/patches/30_src_clean_existing_dirs.patch to adjust upstream build system for removal of src/wps (as done in upstream build_release script). * Make sure wpa_supplicant process is checked for and killed by wpa_action on stop or down actions. * Update debian/NEWS to alert users about the removal of the -w command line option. * Truncate debian/NEWS, none of the items are relevant for current upgrade paths, nor do they hold any historical relevance. * Clarify the license of the debian packaging. No license was initially given until now, so we could assume the original packager contributed the packaging under the same terms as the upstream license (BSD | GPL-2). * /etc/init.d/wpa-ifupdown must stop before sendsigs does when using dependency based init system. Add $remote_fs to Required-Stop keyword of LSB header in debian/wpasupplicant.wpa-ifupdown.init. * Add debian/patches/38_dbus_blob_support.patch to allow support for loading of blobs via the D-Bus interface. Patch cherry picked from upstream git. * Move README.wpa_supplicant.conf from examples to docs. Generate the file in the wpa_supplicant/ directory. * Add ${misc:depends} to Depends field of our packages to ensure we do not miss out on any substvars that debhelper may provide us with. * Add debian/patches/39_wpa_gui_qt4_closeevent.patch to improve handling of wpa_gui-qt4 exit, both from File->exit and the X button on the titlebar. * Start daemon in quiet mode by default, the scan event is being written to logfile far too often. [debian/ifupdown/functions.sh] * When starting daemon with debug option, include timestamps in logfile. [debian/ifupdown/functions.sh] * Simplfy return check in init_wpa_supplicant(), init_wpa_cli() kill_wpa_supplicant() and kill_wpa_cli() reduce one level of indentation for each function. [debian/ifupdown/functions.sh] * Add patch to invoke versioned qmake binary when preparing the Makefile for wpa_gui/wpa_gui-qt4 or else a failure to build from source can be possible when more than one QT version is installed. (Closes: #463547) - debian/patches/05_qmake_version_makefile.patch -- Kel Modderman Mon, 04 Feb 2008 16:00:38 +1000 wpasupplicant (0.6.2-1) experimental; urgency=low * New upstream release. * Allow "wpa-key-mgmt NONE" to form a network block via the wpa_cli calls in wpa_conf() of functions.sh. * Overhaul wpa_key_check_and_set() function of functions.sh to better handle wep keys. Function now does similar checking of wep keys that it does for wpa keys. Valid wep keys can be hex of length 10|26|32|58 or ascii with length of at least 5. * Check wpa_cli return value in wpa_cli() function of functions.sh. * Adjust Standards-Version to 3.7.3, no extra changes required. * Switch to quilt patch management from dpatch: - build-depend on quilt, adjust debian/rules accordingly - debian/madwifi/mk-madwifi-header-patch becomes obsolete, removed * Remove debian/defconfig.sh, and re-impliment it in patch form again, but this time with a patch management system that can be used more naturally. This also allows an oppurtunity to go over our default build configuration. * Add svn:ignore property for .pc quilt by-product. * Ensure src/drivers/driver_madwifi/ directory is purged from source tree in clean target of debian/rules. * /var/lock/wpa_action.*.lock was not used in a version of wpasupplicant package in a stable release, no longer need to handle its removal in postrm anymore. * Activate support for PC/SC interface for smartcards along with SIM and AKA EAP methods. Build-depend on libpcsclite-dev. Suggest pcscd. * Update email address in debian/ifupdown/wpa_action.8 manpage. * Sanitize whitepsace in debian/README.modes, swapping tabs for 8 spaces, improving layout of basic tables. Fix a couple of typo's too. * Clarify in debian/README.modes the URI to BTS discussions. Also add a note that using ap_scan=2 requires explicit security policies to be set for each network. * dbus-wpa_supplicant.service now provided by upstream. * Impliment debian/examples/wpa_supplicant.conf.template in patch form. It is planned to expand this small template into a more usable and documented beginning point for the wpa-roam schema. * Add useful comments to the new wpa-roam.conf example configuration file. * README.modes now gives sound advice to setup the roaming daemon to be used with the netdev group, and offers advice on howto set various data sensitive conffiles to be readable only by owner. (Closes: #428620) * wpa_gui manpage exists in upstream, remove debian/wpa_gui.8. * If the path to ctrl_interface directory can be determined from the supplied configuration, do not append the -C option to wpa_supplicant start-stop-daemon command in ifupdown.sh. This breaks the new DIR= GROUP= ctrl_interface syntax. * Add initial subsection to README.modes about "Interacting with wpa_supplicant with wpa_cli and wpa_gui". * Activate CONFIG_IEEE80211R, CONFIG_IEEE80211W and CONFIG_EAP_WSC in the default build configuration. * Log wpa_supplicant output to /var/log/wpa_supplicant.$IFACE.log per default when using ifupdown to manage wpa_supplicant. wpa_supplicant supports logging somewhere via -f cli option. (Closes: #317180) * Add support for managing debug level of wpa_supplicant via the ifupdown scripts. * Enhance README.modes with new supplicant debugging methods. * Build the wpa_gui-qt4 variant now that it doesn't require qt3 support code. It also closes all child windows on File->Exit. (Closes: #426924) * wpasupplicant now Suggests wpagui. * wpa_action now logs to an interface specific logfile, and the logrotate rule was updated to take care of both the old and new locations. * Update copyright headers of ifupdown scripts, also add a few more code comments, a statement of purpose and package ownership as well as some other trivial cleanups. * Remove upgrade removal of conffiles from wpasupplicant versions that exist in oldstable and before. The preinst part of the upgrade handling was removed in pkg-wpa commit r852. * Create sendsigs omission pidfile in /lib/init/rw/sendsigs.omit.d/ for wpa_supplicant and wpa_cli processes managed by ifupdown. Determine runlevel when wpa_cli roaming daemon is active, and allow ot to be killed in runlevels 0 and 6. This allows wpa_supplicant process to survive until networking is stopped. (Closes: #401645) * Add debian/patches/03_dbus_service_activation_customise.patch to start wpa_supplicant with "-f /var/log/wpa_supplicant.log" per default. * Add debian/patches/30_scan_even_when_disconnected.patch to allow scan request to succeed even when interface is in disconnected state. * Modify debian/copyright to be machine-interpretable. Annotate all copyright holders in new format. * State clearly in debian/copyright that the BSD license has been chosen by us, the maintainers, as there is no exception to link against OpenSSL in the text of the given GPL-2 license. * No license had been chosen for the debian packaging information, so GPL-2+ has been chosen and recorded in debian/copyright. * Add debian/README.Debian-source to document handling of upstream manual pages. * Build upstream manual pages from sgml source. Build-Depend on docbook and docbook-utils. * Add debian/patches/31_wpa_gui_qt4_select_any.patch to allow selection of any network already defined in network combobox when more than 1 network is defined. * Modify debian/wpasupplicant.wpa-ifupdown.init to be no-op when sendsigs omission interface is supported. * Add debian/patches/32_append_mmd_to_default_cflags.patch to assist in allowing CFLAGS to be overriden without possible bad effects on upstream build system. -- Kel Modderman Tue, 08 Jan 2008 22:51:36 +1000 wpasupplicant (0.6.1~git20071119-1) unstable; urgency=low * New upstream git snapshot. - support for dbus >= 1.1.1 dbus_watch_get_unix_fd() api * Convert to non-cdbs traditional debhelper-centric debian/rules and remove build dependency on cdbs. This converges with style of hostapd package. * Correct poorly formatted debian/NEWS entry that was causing lintian to complain. * Cleanup files in ./debian/* - move debian/wpa_supplicant.conf.template to debian/examples/ - move debian/mk-madwifi-header-patch to debian/madwifi/ - move debian/dbus-wpa_supplicant.service to debian/dbus/ - rename debian/dot.config.mk to debian/defconfig.mk * Remove MADWIFI variable from debian/defconfig.mk. * No longer build "ndiswrapper" or "ipw" backends. Etch shipped with a kernel in which neither of these backends could work (> Linux 2.6.14) so it is about time we no longer pretended to support for them. * Activate D-Bus system activation support. Install the service file into /usr/share/dbus-1/system-service/. The filename reflects the service bus name of "fi.epitest.hostap.WPASupplicant". In addition, the service must be started by root user. Thanks to Michael Biebl. (Closes: #412179) * Build depend on docbook and docbook-utils to generate upstream manpages from sgml source. * Upstream wpa_cli(8) is no longer incorrect with regard to CONNECTED and DISCONNECTED signal events. (Closes: #432904) * Drop debian/patches/10_fix_non_wpa_zero_len_ssid.dpatch and debian/patches/50_fix_wext_tsf_stack_overflow.dpatch, applied upstream. * debian/patches/40_debian_doc_examples.dpatch does not apply to git snapshot, remove it and rethink how we can best integrate our debian specific bits. * wpa_action: check status with respect to ifupdown after CONNECTED event has ensued. If the interface is not recorded in ifupdown's state file attempt reassociation. (Closes: #428304). * Adjust logic when using sed to determine ctrl_interface socket directory from the configfile to handle ctrl_interface=DIR= GROUP= syntax. -- Kel Modderman Thu, 22 Nov 2007 17:10:29 +1000 wpasupplicant (0.6.0-4) unstable; urgency=low * Fix stack overflow condition that could exist if driver reported bad tsf data in iwevent and scan results. (Closes: #442387) * Update Vcs fields of debian/control to format of current consensus. * Add Homepage field to debian/control. -- Kel Modderman Tue, 16 Oct 2007 18:12:03 +1000 wpasupplicant (0.6.0-3) unstable; urgency=low * Add debian/mk-madwifi-header-patch, a quick and dirty bash script for generating the madwifi header patch. * Fix typo in README.modes, wpa-default-iface is really wpa-roam-default-iface. (Closes: #435718) * Simplify debian/dot.config.mk. * Confirm that the ifupdown scripts do set ssid when wpa-ssid is used with a value in /etc/network/interfaces. (Closes: #367655) * Truncate default build .config. Make madwifi config option conditional on MADWIFI variable. * Add 10_fix_non_wpa_zero_len_ssid.dpatch to fix regression inhibiting selection of non-WPA zero length ssid. (Closes: #431102) * Fix debian-rules-ignores-make-clean-error lintian error. -- Kel Modderman Sat, 25 Aug 2007 00:23:50 +1000 wpasupplicant (0.6.0-2) unstable; urgency=low * Really allow 'wpa-conf managed' to pass through. -- Kel Modderman Wed, 04 Jul 2007 17:18:45 +1000 wpasupplicant (0.6.0-1) unstable; urgency=low [Kel Modderman] * New upstream release. - restructured source layout * Adjust debian/wpasupplicant.examples, debian/wpagui.install, debian/wpasupplicant.install, debian/wpasupplicant.manpages, and debian/wpasupplicant.docs for new layout. * Redjust debian/patches/30_dbus_policy.dpatch and debian/patches/40_debian_doc_examples.dpatch to apply against new layout. * Drop debian/patches/10_config.dpatch and debian/patches/21_madwifi_includes.dpatch. * Introduce makefile fragment for wpa_supplicant .config creation. Call it from debian/rules. It is named debian/dot.config.mk. * Add WPADIR variable to debian/rules, adjust build and install targets to use WPADIR. * Update madwifi_headers patch with code from current madwifi SVN trunk. * Damage control: allow 'wpa-conf managed' to pass through without failure for those people who followed the poor example outlined in the hidden ssid's section of README.modes. Also remove the offending line from the documentaion. (Closes: #428137) [Reinhard Tartler] * Fix building wpagui. * remove debian/wpasupplicant.preinst, since we don't support upgrades from oldstable. This way we don't need to look at /var/lib/dpkg/status anymore, which is unreliable anyway. Makes lintian happy. -- Reinhard Tartler Sun, 17 Jun 2007 10:33:31 +0100 wpasupplicant (0.6.0~cvs20070224-3) unstable; urgency=low * Add netdev group if it does not exist, since we provide a dbus configuration file that insists on using that group. (Closes: #418641) -- Kel Modderman Sun, 22 Apr 2007 19:19:07 +1000 wpasupplicant (0.6.0~cvs20070224-2) unstable; urgency=low [Kel Modderman] * Update XS-Vcs fields of debian/control to reflect pkg-wpa archive change. * Update debian/copyright with new upstream URL's and Jouni's new email address. * Rename madwifi related dpatches to match that of hostapd source package. * Update debian/watch with new upstream release URL. [Reinhard Tartler] * Remove the prerm script as discussed on pkg-wpa-devel@ * upload to unstable -- Kel Modderman Mon, 09 Apr 2007 18:09:08 +1000 wpasupplicant (0.6.0~cvs20070224-1) experimental; urgency=low * New upstream development release. (Closes: #401809) * wpa_supplicant no longer segfaults on failure to initialize a network interface. (Closes: #403301, #403313) * Fixes EAP-PEAP/TTLS/FAST to use the correct EAP identifier in tunnelled identity request. (Closes: #402619) * Drop deprecated init script example. debian/wpa_supplicant.init-daemon. * Drop debian/patches/10_orinoco_wep_key_fix.dpatch as the appropriate driver fix has been included in mainline linux since 2.6.19-rc. * Drop debian/patches/21_madwifiold_20060207_includes.dpatch, madwifi-old is deprecated upstream. * Remove false instructions from NEWS file regarding madwifi-old support that has since been discarded from the source package. * Drop debian/patches/11_erroneous_manpage_ref.dpatch, applied upstream. * Remove wpa-stakey code from conf_wpasupplicant() in functions.sh since it is removed from upstream. * Allow 'wpa-essid' to do the same thing as 'wpa-ssid'. (Closes: #403316) * Update Uploader: email address. * Update private madwifi includes to r2156 of madwifi.org SVN trunk. * Make a large note in README.modes wpa-roam documentation that a ctrl_interface MUST be defined for the roaming setup to function. (Closes: #407936). * Activate wpa_supplicant's dbus interface by installing dbus-wpa_supplicant.conf to the appropriate location. (Closes: #412179) * Add debian/patches/30_dbus_policy.dpatch to allow access control to wpa_supplicant's dbus interface via the netdev group. (Michael Biebl). * Install a service file to /usr/share/dbus-1/services/ for dbus aware applications that may take advantage of that in the future (Michael Biebl). * Add support to ifupdown.sh for `wpa-mode' and `wpa-frequency' options used in IBSS mode. Note that ifupdown.sh does not do any sanity checking for the other many requirements for using wpa_supplicant in IBSS mode. * Update XS-Vcs-* fields in control file, add Vcs-Browser token. * Move debian spcific ifupdown sh glue into debian/ifupdown/. * Have prerm gracefully bring down interfaces under the influence of wpa_supplicant via wpa-ifupdown init script. * Remove unrequired `unset' usage in wpa-ifupdown.init, discard stderr of find invocations. * Don't stop dbus wpasupplicant daemon via wpa-ifupdown. * Suggest wireless-tools. (Closes: #413689) -- Kel Modderman Thu, 8 Mar 2007 03:23:51 +1000 wpasupplicant (0.5.5-4) unstable; urgency=low * Settings for wired networks are no longer ignored by functions.sh. (Closes: #401413) -- Kel Modderman Sun, 10 Dec 2006 01:25:11 +1000 wpasupplicant (0.5.5-3) unstable; urgency=low * Make needlessly global shell function variables local. Use local consistently. [debian/functions.sh] * Enhance error message when wpa-conf or wpa-roam mode is requested, but the supplied configuration file is not readable or incorrect. [debian/ifupdown.sh] * Exchange bogus copyright holder information of functions.sh, ifupdown.sh and wpa_action.sh for information reflecting the _group_ behind them. * Force ap_scan=0 for "wired" IEEE8021X type authentication. [debian/functions.sh] * Add debian specific location for example wpa_supplicant.conf files to wpa_supplicant.conf(8). (Closes: #396005) * Fix typo in wpa_supplicant(8) that referred to non-existant manpage. (Closes: #389948) * Update madwifi private includes to latest (r1794). * Add XS-X-Vcs-Svn field to debian/control file. * Shunt env var IFACE to WPA_IFACE in the ifupdown.sh, wpa_action.sh and function.sh scripts. This allows further flexibility, such as the ability to start wpa_supplicant on an arbitary interface specified by a 'wpa-iface' line in /etc/network/interfaces. -- Kel Modderman Fri, 10 Nov 2006 11:12:56 +1000 wpasupplicant (0.5.5-2) unstable; urgency=low * Update madwifi headers to latest SVN. (Closes: #388316) * Remove failed attempt at action locking. [debian/functions.sh, debian/wpa_action.sh] * Add hysteresis checking functions, to avoid "event loops" while using wpa-roam. [debian/functions.sh, debian/wpa_action.sh] * Change of co-maintainer email address. * Add ishex() function to functions.sh to determine wpa-psk value type in plaintext or hex. This effectively eliminates the need for the bogus and somewhat confusing wpa-passphrase contruct specific to our scripts and allows wpa-psk to work with either a 8 to 63 character long plaintext string or 64 character long hex string. * Adjust README.modes to not refer to the redundant wpa-passphrase stuff. * Add big fat NOTE about acceptable wpa-psk's to top of example gallery. * Strip surrounding quotes from wpa-ssid if present, instead of just whining about them. * Update email address in copyright blurb of functions.sh, ifupdown.sh and wpa_action.sh. -- Kel Modderman Thu, 5 Oct 2006 08:04:01 +1000 wpasupplicant (0.5.5-1) unstable; urgency=low * wpa_supplicant(8) now describes the -P (PID file) line option in the manpage. (Closes: #381721) * wpa_passphrase(8) is clearer about describing its purpose. * Start a paragraph in README.modes containing information about best security practises while using and configuring wpa_supplicant. For now it briefly covers the topic of file permissions. (Closes: #382241) * Implement PSK and ASCII passphrase key sanity checking, and warn user about suspicious key lengths (managed mode only). * Add leading example network conf, using wpa-passphrase, to README.modes. * README.Debian documentation changes as sugested by Eduard Bloch (Closes: #382314) - reordered sections by importance for a new user, this ensures wext info for ipw drivers is obvious (Closes: #384299) - rewrote the first chapter to give a fluent introduction, refered to wireless-tools doc - add missing .gz to README.notes path (Closes: #386603) * Reshuffle of README.modes, moving How It Works section toward the latter end to avoid stopping people from missing out on important info. * Rename 'Notes About Managed Mode' to 'Important Notes About Managed Mode'. * Clarify the status of madwifi and 'wext' in README.modes. (Closes: #382651) * Return exit status of daemon start commands. * Further cleanup of ifupdown.sh, move functions to head of script. * wpa-ifupdown no longer checks interface state. * Touch logfile before redirecting output to it via exec, to make sure it is writeable. * Split common code into /etc/wpa_supplicant/ifupdown_common.sh, so that ifupdown.sh and wpa_action.sh may share it. * Add 'wpa_action iface check' option, to test if interface is under influence of wpa_cli or not.. * Start wpa_cli daemon from post-up to avoid a race condition with the roaming daemon where association occurred before the master interface state was recorded. This would cause the mapped logical interface to fail on ifup, as wpa_action would fail to detect the state of the master interface, thus not supply the --force option. This is where a stateless ifupdown would really help. * Make conf_wpa_supplicant no-act for roaming daemon. This is important, so that we do not attach wpa_cli to the ctrl_interface socket and initiate roaming before state is tracked. * Add hints about 'auto' and 'allow-hotplug' options with respect to the roaming interface in README.modes. (Closes: #384501) * Drop patchset for commenting out large wpa_supplicant.conf, use sed instead. * Active dbus interface via CONFIG_CTRL_IFACE_DBUS, add build-dep of libdbus-1-dev to debian/control. * Upstream now provides a connect-to-open-ssid example in the large wpa_supplicant.conf file, therefore there is no need to maintain such an example. Rename wpa_connect_open_ap.conf to wpa_supplicant.conf.template and adjust docs to use this as a starting point for the wpa-roam daemon. * Install wpa_passphrase to /usr/bin, there is no need for it in early boot. * Build qt4 wpa_gui from wpa_gui dir rather than pure qt4 variant (wpa_gui-qt4) as per Jouni's advice. * Add versioned dependency on lsb-base >= 3.0-6 for use of log_action_* in wpa-ifupdown.init. (Closes: #386164) * Use correct terminology when describing wpa-roam in wpa_action(8). (Closes: #386813) -- Kel Modderman Mon, 11 Sep 2006 19:23:05 +1000 wpasupplicant (0.5.4-5) unstable; urgency=low * STDIN was not given to external mapping script correctly. Use the power of eval to fix the issue. [wpa_action.sh] * Fix stupid debian/control error: duplicate Suggests fields. -- Kel Modderman Thu, 10 Aug 2006 01:03:38 +1000 wpasupplicant (0.5.4-4) unstable; urgency=low * Add support to wpa_action.sh and ifupdown.sh for allowing external mapping logic to be used as opposed to the id_str logic. Thanks to Felix Homman for the great insight while implementing this feature. * Add a timeout loop of max 60s when waiting for an action to finish. [wpa_action.sh] * Minor cleanups wrt code comments and function placement in ifupdown.sh. * Suggest guessnet, now that it can directly "plug in" to wpa_action. Also demote iproute from Recommends to Suggests, it is not important by any means and was only added to honour a wishlist request. * Prepare for ctrl_interface socket changes in 0.5.5. It can be provided by 'DIR=foo GID=bar' or 'ctrl_interface=foo' in wpa_supplicant.conf. Our sed check for this path in ifupdown.sh should now support both alternatives. * Move LOCKFILE and LOGFILE into WPA_ namespace. [wpa_action.sh] * Use semi-colon instead of comma for verbose output as that seems to be a standard among many different applications. -- Kel Modderman Tue, 8 Aug 2006 20:04:11 +1000 wpasupplicant (0.5.4-3) unstable; urgency=low * UNRELEASED * Further optimisation of ifupdown.sh, use return values in init_wpa_supplicant() to dictate if further commands should follow, rather than exiting immediately. * Standardize echo'ing in ifupdown.sh. Add a wpa_msg() function to take care of "verbose|action|stdout|stderr" messages. * Add a 5 second timeout loop to init_wpa_supplicant() that waits for the ctrl_interface socket to be established before allowing wpa_cli to launch, and avoid a race condition. This means other functions no longer need to test for existence of the ctrl_interface socket. [ifupdown.sh] * Rename WPA_DRIVER to WPA_SUP_DRIVER to conform with name scheme of other similar variables. [ifupdown.sh] * Add (untested) wpa-bridge support to ifupdown.sh. This is an experimental upstream feature. * Major refactoring of wpa_action.sh, with all related commands put into independent shell functions. * Improve feedback from wpa_action.sh when used interactively. Give usage statement instead of simply returning "insufficient parameters". * 'wpa_action reload' is logged after the action. It is called interactively, and should also give interactive feedback. Same for 'wpa_action stop'. * Remove superfluous check for /var/log, and put logging initialisation into its own function, log_init(). [wpa_action.sh] * Shut `ip addr flush dev "$IFACE" up', it almost always has nothing to flush. * wpa-ifupdown init script now takes care of all interfaces while displaying only one line. * Don't set -e in wpa_action.sh. wpa-ifupdown script no longer takes exit status into account, and I'd prefer to account for all possible avenues of exit possible and log all encountered problems. * Really fix #375599, by containing the CTRL_IFACE_DIR path in WPA_SUP_CONF always, customised or not. The WPA_CTRL_IFACE socket was not being created when ommitted from the wpa_supplicant.conf file. * Add 'wpa-maint-debug' to enable set -x in ifupdown.sh, so that we can easy track down vague problems. * Slightly modify the way in which madwifi is activated. The default config we apply does not activate madwifi by default any longer, it is done via seperate patches; 20_include_madwifi modifies the .config file to activate the driver_madwifi backend, and adds the required CFLAGS to find the includes that are later added via one of the 21_madwifi*_includes patches. * Update madwifi includes to that of the current offering in the debian archive, r1680. * Implement basic locking for wpa_action action's for when the user callable "stop" action is executed while wpa_action is busy configuring the device. The wpa_cli daemon is killed, then wpa_action waits for the current action to finish gracefully before killing wpa_suppliant. This helps avoid inconsistencies with ifupdown when volatile conditions are experienced as part of the roaming setup (for example, driver problems causing connection loops). * Rename WPA_CLI_ACTFILE to WPA_CLI_LOCKFILE in ifupdown.sh. * Condemn the use of wpa-action scripts: - add NEWS item describing the superior alternative: wpa-roam - remove example action scripts - remove conf_wpa_cli() from ifupdown.sh * Condense README.Debian and NEWS, so that they contain only relevant items, and do not repeat the same information. * Massive enhancement of README.modes, in an attempt to relay the information about how this package, and wpa_supplicant work in debian with the greatest of clarity. * Harden tests for daemon pidfiles. No longer be satisfied that a pidfile exists, but use start-stop-daemon to test its validity by sending a signal 0. Remove pidfiles that do not pass the test. * Fix stupid $DAEMON_VEROSITY typo that was used consistently throughout script. [ifupdown.sh] * Assoctiate "down" with the stop action of wpa_action. * Thanks Marc Haber for reading over docs and notifying of some of the follwoing issues. - Fix typo "automattically" in README.modes. - Remove bogus pre-up example from wpa_action(8) and README.modes - Explain in more detail how /etc/wpa_supplicant/ifupdown.sh works in README.modes. * Add "The Logfile" section to README.modes. * Add patch from upstream to fix writing of stakey, peerkey, and id_str network configuration variables into the configuration file when update_config=1 is set. Thanks to Felix for reporting. -- Kel Modderman Thu, 3 Aug 2006 15:58:24 +1000 wpasupplicant (0.5.4-2) unstable; urgency=low [ Kel Modderman ] * End testing period. The 0.5 branch of wpa_supplicant upstream has proven to be non disruptive to users' configurations over the past few weeks, lets now allow this to propogate to testing. (Closes: #374342) * Clean up the LSB Init header block. Provide all fields as per LSB Init Script Comment Convention specification. * Do not use /usr/bin/env to interrogate the environment for IF_WPA variables, /usr may not be mounted at time of invocation. Use `set' (shell built-in) instead. (Closes: #376243) * Exit if IFSTATE_FILE or INTERFACES_FILE do not exist. Also, look for ifstate file in /var/run/network to remain compatible with Ubuntu's ifupdown divergence. (lp#51351) * Add a similar IFSTATE_FILE test to wpa-ifupdown.init, to remain compatible with Ubuntu. (lp#51351) * Update wpa_action.8 with the behaviour of wpa_action when IFSTATE_FILE or INTERFACES_FILE cannot be found, and the pathnames searched for their existence. * Mention wpa_cli(8) in Custom Action Script section of README.Debian, as it contains information about environment variables available to the script at runtime. * Also clarify dhclient wpacli-action script usage, to avoid people mistakenly cp'ing the skeleton script. * Add some info about howto revert installation of deprecated init script to NEWS file. * Add 'wpa-verbosity' switch, so that setting 'wpa-verbosity 1' in an interfaces stanza will cause wpa_supplicant's ifupdown hook to be loud. This was overlooked when #361586 was closed some time ago. * Remove return value hack in wpa_action, use set -e to exit on error instead. (Closes: #376553) * Not only flush IFACE when iproute is installed, but also use /sbin/ip to set 'up' operstate as well. * Default to wext without exception. Remove the check for wireless extensions via /proc/net/wireless, and prevent driver type of "wired" from being selected in the case that the iface may not be "prepared" yet. (Closes: #376651) * Remove duplicating pidfile shell var's in wpa_action.sh by simply making them global. [ Reinhard Tartler ] * Note that ap_scap=2 can help speeding up associations (Closes: #368770) * wpa_action: flush the ip addr, if the package iproute is installed * wpa_action: add action 'reload' to reload the wpa_supplicant configuration * debian/control: add iproute to Recommends -- Kel Modderman Wed, 5 Jul 2006 18:42:06 +1000 wpasupplicant (0.5.4-1) unstable; urgency=low * New upstream release. * WPA_CRTL_DIR environment variable is now exported to action scripts, we will use it to print a status report after a CONNECTED event. * Make logfile contents easier to read by adding a break between each ACTION event. * Recommend dhcp3-client, it handles consecutive wpa_action events with more grace than dhcp-client by not starting multiple dhclient processes on the same interface. * Don't remove wpa_action logfile on 'stop'. * Enhance wpa_action(8) to better explain the concept of a LOGICAL interface. * Install wpa_passphrase to /bin. (Closes: #373948) * Manpages have been slightly enhanced, and now briefly explain wpa_cli action environment variables and wpa_supplicant -C and -g options. (Closes: #372615) * Rename wpa_cli daemon pidfile to wpa_action.IFACE.pid for wpa-roam. * Further env variable testing cleanups to ifupdown.sh. * Global rename of WPA_COMMON_CTRL_IFACE to WPA_CTRL_DIR, as this is used for the same purposes upstream. * No longer penalise users for not having ctrl_interface explicitly contained within their wpa_supplicant.conf. (Closes: #375599) * Move WPA_ACTION_SCRIPT sanity checking into init_wpa_supplicant() to avoid ifupdown.sh exiting when bringing down an interface when ifup previously failed due to a missing or non-executable action script. * Add numerous code comments to ifupdown.sh. * Move WPA_CLI_OPTIONS and WPA_SUP_OPTIONS into their respective init() functions. * wpa_action now logs 'stop' events to file, updated manpage. * Split wpa_action logging into two parts, event and environment. Only wpa_cli events will echo env var's. * wpa_action exits with retval of ifdown command on 'stop' event. * Add workaround for sendsigs (initscripts) terminating wpa_supplicant processes before networking is shutdown gracefully. An init script wpa-ifupdown is called at sequence number 15 in runlevels 0 and 6 to bring down all interfaces that were started via ifupdown.sh. -- Kel Modderman Tue, 27 Jun 2006 20:29:33 +1000 wpasupplicant (0.5.3+20060522-3) unstable; urgency=low [Reinhard Tartler] * review and make the warnings in debian/NEWS even more obvious. * advertise the manpage wpa_action(8) and the implemented roaming solution better. [Kel Modderman] * Bugfix: /etc/network/ifstate is not guarenteed to exist, we should grep /etc/network/run/ifstate in wpa_action. (Closes: #373179) * Include madwifi old development headers and provide a series of steps to enable support for users of the madwifi-old driver in debian/NEWS. * Restore init script example and information about its usage. * Use INTERFACES_FILE and IFSTATE_FILE in wpa_action.sh. Thanks for idea from Modestas Vainius. -- Kel Modderman Wed, 14 Jun 2006 01:13:08 +1000 wpasupplicant (0.5.3+20060522-2) experimental; urgency=low * Warn user and exit when wpa-roam is not started with manual inet METHOD. * Remove awk line to "guess" a network_id, instead create the new block and store output of wpa_cli in WPA_ID. (make sure that -i IFACE is used) * Rename wpa_cli_wrapper() to wpa_cli() and make it absoluetly generic, including only the IFACE and path to ctrl_iface socket. * Introduce wpa_cli_do() and rewrite conf_wpa_supplicant() to enhance readability and maintainability. * Make WPA_ID variable local to conf_wpa_supplicant() * Exit with status 1 when wpa-action fails. * Move test's into init/conf/kill function header and clean up phase specific case constructs at the tail of ifupdown.sh. * Ensure lang barrier does not interfere with wpa_cli, use LC_ALL=C. * Add patch from Dan Williams that works around a problem specific to wep keys and orinoco chipsets. * Update madwifing_includes dpatch to latest madwifi.org svn. * Add WPAGUI to debian/rules, so that only one change has to be made to use a different wpa_gui target. Remove $(WPAGUI)/Makefile in clean target. * Purge and forget about the old init example script. -- Kel Modderman Sat, 10 Jun 2006 22:25:58 +1000 wpasupplicant (0.5.3+20060522-1) experimental; urgency=low * New upstream development snapshot. * Oops: Disable CONFIG_EAP_SAKE. (Closes: #366937) * Rename debian/wpasupplicant.ifupdown to debian/ifupdown.sh. There is no need for that script to be named that way, as it may falsely seem to be handled by a debhelper target. * Don't attempt to send terminate signal via wpa_cli when start-stop-daemon can be used. * Use debhelper 5 compat level. * Use wpa_gui-qt4, and build-depend on libqt4-dev. * Use WPA_ID instead of NW_ID to make variable similar with what upstream uses for a similar purpose (unique identifier). * Add ifupdown environment var's to verbose output to assist in debugging. * Fix some typo's (engine_id, key_id) in ifupdown.sh. * ifupdown.sh no longer busy-loops when using an action script with wpa-action-timeout 0. Thanks to Elmar Hoffmann! * Allow wpa_cli action daemon to engage before configuring wpa_supplicant via wpa_cli set_network commands to avoid a possibly racy condition. * Move VERBOSITY variable to the beginning of ifupdown.sh, with the others. * Indent shell code in wpacli-action-* scripts. * Bumb Standards-Version to 3.7.2. * Allow for future PHASE specific stuff in start MODE of ifupdown.sh. * Move the action script sanity checks out of init_wpa_supplicant into common section of ifupdown.sh. * Create wpa_cli_wrapper to assist in major code clean up and future maintenance of ifupdown.sh. * Support madwifi-ng private ioctl's with the inclusion of the headers from madwifi.org svn trunk. (At the expense of not supporting the madwifi-old driver, which is deprecated by upstream madwifi) * Add wpa_action.sh to provide /sbin/wpa_action and facilitate roaming via ifupdown and network settings defined in /etc/network/interfaces (refer to wpa_action(8) for more details). -- Kel Modderman Sun, 28 May 2006 20:33:38 +1000 wpasupplicant (0.5.3-1) experimental; urgency=low * New upstream development release. * Orphaned daemons that are spawned during an ifup process that is manually terminated are now checked for and killed. * Don't make noise when we are not using the manual inet method and wpa-action is used. * Warn about non-executable action script. * Ensure wpa_cli actfile is destroyed. * Make start-stop-daemon verbose when VERBOSITY is set. * Renumber dpatches for sanity. * Make ifupdown script modular; split into shell functions. * Fix typo in README.Debian, referring to a non-existant location. * Disconnect and terminate existing ctrl_interface sockets. -- Kel Modderman Sat, 29 Apr 2006 14:53:51 +1000 wpasupplicant (0.5.2-3) experimental; urgency=low [ Kel Modderman ] * Remove bad information about wpa-driver-file in docs. * Actually fall back to wext as DRIVER type in example init script. * Fix typo in debian/control, remove suggests of dhcp*-client alltogether. * Remove bogus commands to set eapol_version and fast_reauth. They cannot be set via wpa_cli. * Make preauthenticate a global wpa_cli setting, rather than a per-ssid one. * Kill dhclient process after a DISCONNECT signal in dhclient action script example. * Document that the action script must must be executable. * Fix check for wireless extensions for when there is not whitespace after $IFACE:. * grep for $IFACE in /proc/net/dev to verify it is a valid network interface. * Improve documentation about wpa-driver, and further clarify that all wpa_cli commands should be supported in e/n/i by prefixing them with "wpa-". * Add a note about wpa-action-timeout. [ Reinhard Tartler ] * remove last reference to /etc/default/wpasupplicant. It is gone, don't revive zombies! * small cleanups in debian/rules * further clarifications in README.Debian -- Kel Modderman Tue, 11 Apr 2006 22:05:06 +1000 wpasupplicant (0.5.2-2) experimental; urgency=low [ Kel Modderman ] * Bump debian revision to upgrade over the previously version uploaded to experimental, which has sufficiently changed since that time to warrant rebasing the package upon the 0.4.8-1 release to unstable. * Make ifupdown script exit silently when binaries are not found or executable. * When ifupdown exits with an error status, do not hide the echo'd problem description behind the VERBOSITY environment variable. * Remove check for wpa_cli pidfile when executing an action script. This check was racy, and not always successful. Sometimes, the device was marked as up without allowing the action script a chance to finish. * Improve feedback for wpa_cli action script daemon. * Ensure WPA_CLI_ACTFILE is removed when wpa_cli is terminated. * Fix typo in ifupdown script that later propogated into some example information in README.debian (wpa-apscan should have been wpa-ap-scan). Provide backwards compatibility for this change for those who already followed the example. * Check for existing pidfiles before executing daemons via ifupdown. [ Reinhard Tartler ] * enable driver test * add eap_testing.txt to documentation * enhance Readme.txt -- Kel Modderman Tue, 4 Apr 2006 06:40:35 +1000 wpasupplicant (0.4.8-1) unstable; urgency=low [ Reinhard Tartler ] * Finally bringing in the new Upstream version with the ap scan patch for wpa-cli, required by network-manager (Closes: #356072) * Dropping Mode 3 (start by init script) (Closes: #356842, #357760) * add hint for associating to hidden ssids (Closes: #358137) * add a note for faciliating debugging connection problems * add this note to README.modes as well. * remove or backup obsolete conffiles /etc/network/if-p{re-up,ost-down}.d/wpasupplicant * install the wpasupplicant.conf(5) manpage (Closes: #358138) * don't start wpa_supplicant for loopback interface (Closes: #359814) * add explanation about action scripts, mentioning that we expect now the action script to create a file indicating that the interface is ready for use. * add warning in NEWS.Debian that upgrading to this package requires manual intervention by the local admin. * move old 'default configuration' to /usr/share/doc/wpasupplicant/examples as example for connecting to open APs. * remove version restriction from preinst. This means that obsoleted conffiles are always removed! * moved the ifupdown script to /etc/wpa_supplicant/ifupdown.sh * added note about binaries beeing moved to /sbin [ Scott James Remnant ] * Undo 0.4.8-0ubuntu2's replacement of the preinst/postinst/postrm triad, which replaced the upgrade-failure proof and policy compliant code with "something else". * Restore change to ifupdown script that makes "wpa-conf" unnecessary. * Move /etc/wpa_supplicant.conf to /etc/wpa_supplicant/wpa_supplicant.conf if the user has modified it, otherwise remove it and install the new file. * Remove 0_ from if-*.d symlink names as we don't force an order or even serialisation. [ Kel Modderman ] * Remove check for /proc/net/packet. (Closes: M#37121) * Add timeout loop when launching a wpa_cli action script in conjunction with the manual inet METHOD, to allow other ifupdown hooks to post-configure the interface just as they would have if using a standard method such as dhcp or static. Introduce WPA_CLI_ACTFILE to allow a wpa_cli action script to signal connected state to ifupdown. * Add skeleton wpa_cli action script to examples. * Simplify wpasupplicant.examples. * Don't install wpa_supplcant.defconf as the default wpa_supplicant conffile, our users don't want that file interrogated by anyone, even dpkg. -- Reinhard Tartler Fri, 31 Mar 2006 10:58:16 +0200 wpasupplicant (0.4.8-0ubuntu3) dapper; urgency=low * Add 40_ctrl_iface_hide_keys.dpatch to hide passwords and PINs from our logfiles, preventing an information disclosure vulnerability. -- Adam Conrad Wed, 29 Mar 2006 23:49:26 +1100 wpasupplicant (0.4.8-0ubuntu2) dapper; urgency=low [ Kel Modderman ] - done in debian experimental for version 0.5.2-1 * New upstream release. * Add myself to Uploaders. * Convert to cdbs. - rewrite debian/rules to take advantage of cdbs - update control file build-deps * Update README.modes. - clarify that wext is used by default, when no driver is specified - fix exmaple of wpa-psk using a plaintext string - fix typo's * Fold pre-up scripts into one, and symlink from /etc/network/if-{pre-up,down}.d/wpasupplicant * Use VERBOSITY of ifupdown to assist debugging of wpa stanza's in /etc/network/interfaces. * Add support for wpa_cli action scripts. * Use start-stop-daemon to initiate wpa_supplicant and wpa_cli background processes. * Daemons now create pidfiles. * Quote tested var's in wpasupplicant.init. * Quote all var's in wpsupplicant.default for uniformity. * Move wpa_* to /sbin. * Conffile for wpa_supplicant now installed to /etc/wpa_supplicant/wpa_supplicant.conf. That directory will hold any other files that we may require to use wpa_supplicant. * Don't start wpasupplicant pre-up if the current kernel lacks support for "Packet Socket" (CONFIG_PACKET=y). * Fix blunders in the init script. - typo, $PIFFILE should have been $PIDFILE - init script exited when a configuration file WAS found * Force init daemon's pidfile to be the same as wpasupplicant.ifupdown uses, to avoid duplicate wpa_supplicant processes binding to the same interface. * Remove the margin for error from the init daemon, by forcing the default variables to be set. Helpful and informative comments were placed in the default file. The init script will exit if these variables are not set correctly. (Closes: #357957) * Add comment to defconf about ctrl_interface and wpa_cli. * Add comments to previously uncommented dpatch's. * Include proof-of-concept dhlcient wpa-action script. Suggest dhcp(3)-client. * Thanks to Henrik Brix Andersen from gentoo for the ideas and inspriration for some of the above changes. [ Reinhard Tartler ] * compile wpa_gui with qt3 rather than qt4. (in order to faciliate backporting to sarge) * revert to debhelper 4 * take the complete packaging from our experimental branch. The last upload did not document all changes properly (see the list above), and had still a lot of issues. * fixing typo in the preinst -- Reinhard Tartler Mon, 27 Mar 2006 15:28:22 +0200 wpasupplicant (0.5.1-1) experimental; urgency=low [ Reinhard Tartler ] * New Upstream Release. This is the current development branch of wpasupplicant. * revised the init script for supporting roaming mode * introduce README.modes explaining the differnet modes of operation * install manpage wpa_supplicant.conf(5) (Closes: #358138) * make wpasupplicant create a PID file (Closes: #355052) * Revise wpasupplicant.postinst (Closes: #322176) [ Kel Modderman ] * New experimental ifupdown scripts. (Closes: #322176, #356205, #356144) * Drop wpasupplicant.{postrm,postinst,override,docs}. * Use dh_installchangelogs to handle upstream changelog. * Enforce permissions on installed files. * Clean up handling of madwifi includes - dpatch contains description of origin - dpatch does not modify upstream, use CFLAGS to include madwifi headers * Add wpa_background manpage provided by upstream. -- Kel Modderman Tue, 14 Mar 2006 23:00:47 +1000 wpasupplicant (0.4.8-0ubuntu1) dapper; urgency=low * New upstream release: - Various bug fixes - Support for EAP-FAST key derivation using other ciphers than RC4-128-SHA for authentication and AES128-SHA for provisioning. - UVF exception granted by Kamion. * Packaging and configuration is based on Debian Experimental however, making this package something of a bastard love child of what's in Debian. * Deliberately dropped support for wpasupplicant being run at startup to make it easier for Ubuntu to support. It's now run on a per-interface basis when the interface is brought up. Consult /usr/share/doc/wpasupplicant/README.Debian for documentation if upgrading from universe. * Unlike Debian the wpa-conf /etc/network/interfaces is only needed for explicitly giving a configuration file; simply include any setting for wpa to be used. * Binaries moved to /sbin for seb128. -- Scott James Remnant Thu, 23 Mar 2006 23:29:57 +0000 wpasupplicant (0.4.7-4) unstable; urgency=low [Daniel T Chen] * Convert rcS.d script to use /etc/network/if-p{ost-down,re-up}.d instead. Remove the rcS.d script installed in 0.4.7-0ubuntu{1,2}. If you manually modified /etc/network/interfaces to use the pre-up and post-down directives with wpasupplicant, please remove them. Thanks to Scott James Remnant for the guidance. (Closes: #304032) [Kel Modderman - submitted via bug #353530] (Closes: #353530) * Use upstream manpages. * added watch file * cleanups in debian/rules * Install wpagui manpage to man8 * Use qmake-qt4 directly, to avoid ftbfs on systems with other qt versions installed. [Reinhard Tartler] * Merged with ubuntu package * added myself to Uploaders * use debhelper 5 * remove debian/wpasupplicant.conffiles, debhelper handles this on its own * renamed ChangeLog.gz to changelog.gz, (Policy 12.7) * installed lintian override for possible multiple calling of update-rc.d. This is necessary to support different upgrade paths. * revised postinst, so that updating initskript links happens in when configuring the package only * introduce debian/NEWS, documenting importants bits of debian/changelogs, and a bit about future development of wpasupplicant * verified working WPA EAP-TLS on ipw2200. (Closes: #317548) * /etc/init.d/wpasupplicant is now a initscript which is not started on startup by default. (see changes by Daniel T Chen). lintian is not happy about this, so another lintian override was added -- Reinhard Tartler Fri, 24 Feb 2006 18:27:52 +0100 wpasupplicant (0.4.7-3) unstable; urgency=low * Another brown paper bag release. * Fix mistype of $CONFIG_FILE variable name in default script. Also make this the same variable checked for existence in the init script, as that was another bug I missed. (closes: #350900) -- Kyle McMartin Wed, 01 Feb 2006 09:21:41 -0500 wpasupplicant (0.4.7-2) unstable; urgency=low * Brown paper bag release. * Add description for wpagui binary package... -- Kyle McMartin Sat, 28 Jan 2006 16:51:56 -0500 wpasupplicant (0.4.7-1) unstable; urgency=low * New upstream version. (closes: #347347) * New binary package, wpa_gui; build-deps on Qt4. (closes: #332654) * Move wpasupplicant to run in rcS, before networking. This will likely upset a few people, but as wpasupplicant can wait for the interface to exist before doing anything, it shouldn't cause any real problems. (closes: #310136) * Document in default config file that EAP-FAST will not work without a patch to OpenSSL. (closes: #322174) * Comment out most of the default config file, some people kept the whole file verbatim, causing OpenSSL to try and load some uncommon libraries people likely didn't have installed, resulting in wpasupplicant segfaulting (closes: #330138, #336423) * Also for #336423, Suggest: libengine-pkcs11-openssl, and document why. * Make more noise when the daemon fails to run. (closes: #346265) * Don't advertise that -i may not be required in default/wpasupplicant, this option was removed as it did not scale to handle multiple interfaces. (closes: #322175) * Document typical location of config file in manpage. Note, wpasupplicant no longer implicitly finds a config file. (closes: #315963) * Add simple WPA-PSK example to default config file. (closes: #331533) * Split up $OPTIONS in default/wpasupplicant. (closes: #331533) -- Kyle McMartin Sat, 28 Jan 2006 02:30:27 -0500 wpasupplicant (0.4.6-0.2) unstable; urgency=low * New upstream version (closes: #335487). * This version is designed for Wireless Extensions 19 and so will work with Linux kernel 2.6.14. Closes: #338131. * Note that WPA support was added in Wireless Extensions 18 and should therefore exist in new (2.6.14-compliant) drivers, including ipw2200 v1.0.8. In order to take advantage of this new support you need to invoke wpasupplicant with the wext driver ("-D wext" in /etc/default/wpasupplicant for instance, instead of "-D ipw" say). Probably closes also #304087 and #317548, but I'm not going to confirm that just for an NMU. * Added comments to README.Debian amounting to the above. * Borrowed some of Norbert Preining's improvements: - add debhelper token to postrm script - fix address of FSF in copyright file - bump standards version to 3.6.2 (Kyle, when you get back to this package, find Norbert's other changes upgrading to debhelper 4 in bug #338131). * Set NMU version to 0.2 for Norbert's convenience. * Marked /etc/init.d/wpasupplicant as a conffile (should really use debhelper4 to take care of this, but I'm not going to make the other changes needed for this). -- Drew Parsons Thu, 10 Nov 2005 20:34:35 +1100 wpasupplicant (0.4.4-1) unstable; urgency=low * New upstream version. * Ship a default /etc/wpa_supplicant.conf which associates with any open access point. (closes: #287220, #322171, #315964) * /etc/default/wpasupplicant is no longer mode 755 (closes: #315031) * Add a postrm script, oops, overlooked this initially... (closes: #327522) * Fix hyphen/minus in man pages. (closes: #296310) * patches/ - 01_config + update + Enable wired driver. (closes: #325296) + Add EAP_FAST to config, but comment it out. EAP_FAST requires a patch to openssl before it is compileable. - 10_madwifi_includes + update from madwifi CVS. (closes: #326226) -- Kyle McMartin Sat, 24 Sep 2005 12:35:02 -0400 wpasupplicant (0.4.2-1) unstable; urgency=low * New upstream release. * Add debhelper flag to postinst. -- Kyle McMartin Sat, 18 Jun 2005 19:04:02 -0400 wpasupplicant (0.4.1-0) unstable; urgency=low * New upstream release. * This release was not uploaded. -- Kyle McMartin Sun, 29 May 2005 17:40:11 -0400 wpasupplicant (0.4.0-1) unstable; urgency=low * New upstream release. * patches/ - 12_ipw_open_aps + remove patch: It seems to cause problems with associating with open access points. - 11_madwifi_open_aps + remove patch, fixed upstream driver_madwifi: fixed association in plaintext mode -- Kyle McMartin Sat, 30 Apr 2005 11:28:01 -0400 wpasupplicant (0.3.8-1) unstable; urgency=low * New upstream release. * This release fixes a crash due to a buffer overflow, caused by a missing validation step on EAPOL-Key frames. Receiving malformed frames trigger the crash. More information available in the notes: http://lists.shmoo.com/pipermail/hostap/2005-February/009465.html * Fix some badness with the init script. Missed the -B option to daemonize wpa_supplicant... pidfile is not currently being used as it requires modifying wpa_supplicant. * patches/ - 12_ipw_open_aps (closes: #295143) + merge patch against driver_ipw to fix association with open access points. -- Kyle McMartin Tue, 15 Feb 2005 00:51:28 -0500 wpasupplicant (0.3.7-1) unstable; urgency=low * New upstream stable release. * Add preliminary init script for wpasupplicant. Currently it will start after pcmcia, for obvious reasons. (closes: #287219) * patches/ - 11_madwifi_open_aps (closes: #294909) + merge patch against driver_madwifi to fix association with open access points. -- Kyle McMartin Sat, 12 Feb 2005 22:56:11 -0500 wpasupplicant (0.3.2-2) unstable; urgency=low * patches/ - 06_default_ifname + support a default interface specified in wpa_supplicant.conf -- Kyle McMartin Sun, 23 Jan 2005 03:26:01 -0500 wpasupplicant (0.3.2-1) unstable; urgency=low * New upstream release. * From upstream changelog, and verified: (closes: #286443) + fixed private key loading for cases where passphrase is not set -- Kyle McMartin Mon, 20 Dec 2004 10:22:11 -0500 wpasupplicant (0.3.1-2) unstable; urgency=low * Add CONFIG_CTRL_IFACE=y option to maintain old configuration file compatibility. -- Kyle McMartin Sat, 18 Dec 2004 14:03:19 -0500 wpasupplicant (0.3.1-1) unstable; urgency=low * The "Kyle is a lazy, lazy, lazy hacker" release. * Removed patch for ipw2100, as it's been integrated upstream. (closes: #281979) * Remove default wpa_supplicant.conf from /etc, since we aren't installing a configuration file that will work by default. Instead, it has been moved to /usr/share/doc/wpasupplicant/examples. * Enable a few more options. Unfortunately support for Broadcom's wl.o must be disabled, since it requires a header file with an "All Rights Reserved" copyright. LinuxAnt DriverLoader is similarly disabled, though NDISWrapper is supported. -- Kyle McMartin Thu, 16 Dec 2004 12:39:01 -0500 wpasupplicant (0.2.5-2) unstable; urgency=low * Merged patch from Lorenzo Martignoni, to enable support for WPA on the Intel IPW2100 wireless chipset (aka: Centrino). -- Kyle McMartin Sat, 23 Oct 2004 15:21:11 -0400 wpasupplicant (0.2.5-1) unstable; urgency=low * New upstream version. (closes: #276368) -- Kyle McMartin Tue, 12 Oct 2004 09:10:19 -0400 wpasupplicant (0.2.4-2) unstable; urgency=low * patches/ - 01_config + enable TLS support (and various other non-default configurations) - 05_default_conf + patch to use "/etc/wpa_supplicant.conf" by default, instead of prompting for the configuration on the command line. * Add Build-Depends on libssl-dev, used by various EAPs. -- Kyle McMartin Sun, 12 Sep 2004 11:16:19 -0400 wpasupplicant (0.2.4-1) unstable; urgency=low * Initial release. * patches/ - 01_config + default configuration - 10_madwifi + support for wireless cards using the madwifi driver -- Kyle McMartin Sun, 5 Sep 2004 13:19:27 -0400