upg wpa_supplicant weird as hell upgrade

This commit is contained in:
joborun linux 2024-01-08 02:43:30 +02:00
parent 64da9a2665
commit bc8a5dcf97
23 changed files with 1277 additions and 99 deletions

File diff suppressed because one or more lines are too long

View file

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Mathieu Trudel-Lapierre <cyphermox@ubuntu.com>
Date: Mon, 13 Mar 2017 13:46:12 -0400
Subject: [PATCH] Add IgnoreOnIsolate=yes to keep wpa-supplicant running while
systemctl isolate
> Add IgnoreOnIsolate=yes so that when switching "runlevels" in
> oem-config will not kill off wpa and cause wireless to be
> unavailable on first boot. (LP: #1576024)
Also happens when running systemctl isolate default.target:
> NM should be detecting that wpasupplicant is not running and start
> it -- this should already have been working by way of wpasupplicant
> being dbus-activated.
[...]
> It seems to me like IgnoreOnIsolate for wpasupplicant would be the
> right thing to do, or to figure out why it isn't being properly
> started when NM tries to use it.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1576024
---
wpa_supplicant/systemd/wpa_supplicant.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.in b/wpa_supplicant/systemd/wpa_supplicant.service.in
index bc0688a800d3..561ae8f827ab 100644
--- a/wpa_supplicant/systemd/wpa_supplicant.service.in
+++ b/wpa_supplicant/systemd/wpa_supplicant.service.in
@@ -3,6 +3,7 @@ Description=WPA supplicant
Before=network.target
After=dbus.service
Wants=network.target
+IgnoreOnIsolate=true
[Service]
Type=dbus

View file

@ -0,0 +1,32 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: James Ralston <ralston@pobox.com>
Date: Sun, 1 May 2022 16:15:23 -0700
Subject: [PATCH] Allow legacy renegotiation to fix PEAP issues with some
servers
Upstream: http://lists.infradead.org/pipermail/hostap/2022-May/040511.html
---
src/crypto/tls_openssl.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 273e5cbc6093..ad3aa1a7a7bb 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -1056,6 +1056,16 @@ void * tls_init(const struct tls_config *conf)
SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3);
+ /* Many enterprise PEAP server implementations (e.g. used in large
+ corporations and universities) do not support RFC5746 secure
+ renegotiation, and starting with OpenSSL 3.0,
+ SSL_OP_LEGACY_SERVER_CONNECT is no longer set as part of SSL_OP_ALL.
+ So until we implement a way to request SSL_OP_LEGACY_SERVER_CONNECT
+ only in EAP peer mode, just set SSL_OP_LEGACY_SERVER_CONNECT
+ globally. */
+
+ SSL_CTX_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT);
+
SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY);
#ifdef SSL_MODE_NO_AUTO_CHAIN

View file

@ -0,0 +1,52 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 22 May 2022 17:01:35 +0300
Subject: [PATCH] OpenSSL: Drop security level to 0 with OpenSSL 3.0 when using
TLS 1.0/1.1
Commit 9afb68b03976 ("OpenSSL: Allow systemwide secpolicy overrides for
TLS version") with commit 58bbcfa31b18 ("OpenSSL: Update security level
drop for TLS 1.0/1.1 with OpenSSL 3.0") allow this workaround to be
enabled with an explicit network configuration parameter. However, the
default settings are still allowing TLS 1.0 and 1.1 to be negotiated
just to see them fail immediately when using OpenSSL 3.0. This is not
exactly helpful especially when the OpenSSL error message for this
particular case is "internal error" which does not really say anything
about the reason for the error.
It is is a bit inconvenient to update the security policy for this
particular issue based on the negotiated TLS version since that happens
in the middle of processing for the first message from the server.
However, this can be done by using the debug callback for printing out
the received TLS messages during processing.
Drop the OpenSSL security level to 0 if that is the only option to
continue the TLS negotiation, i.e., when TLS 1.0/1.1 are still allowed
in wpa_supplicant default configuration and OpenSSL 3.0 with the
constraint on MD5-SHA1 use.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/crypto/tls_openssl.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index ad3aa1a7a7bb..dad1135c692d 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -1516,6 +1516,15 @@ static void tls_msg_cb(int write_p, int version, int content_type,
struct tls_connection *conn = arg;
const u8 *pos = buf;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ if ((SSL_version(ssl) == TLS1_VERSION ||
+ SSL_version(ssl) == TLS1_1_VERSION) &&
+ SSL_get_security_level(ssl) > 0) {
+ wpa_printf(MSG_DEBUG,
+ "OpenSSL: Drop security level to 0 to allow TLS 1.0/1.1 use of MD5-SHA1 signature algorithm");
+ SSL_set_security_level(ssl, 0);
+ }
+#endif /* OpenSSL version >= 3.0 */
if (write_p == 2) {
wpa_printf(MSG_DEBUG,
"OpenSSL: session ver=0x%x content_type=%d",

View file

@ -0,0 +1,26 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Andrej Shadura <andrew.shadura@collabora.co.uk>
Date: Fri, 12 Feb 2021 14:28:19 +0100
Subject: [PATCH] Disable -Werror for eapol_test
This may make sense for the upstream, but we just want to build
the tool to be useful to our users; dealing with build errors due
to issues normally manifesting themselves as warnings is burdening
for Debian and its downstreams.
---
wpa_supplicant/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index cb66defac7c8..26b0c930aafb 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -170,7 +170,7 @@ CFLAGS += -DCONFIG_ELOOP_KQUEUE
endif
ifdef CONFIG_EAPOL_TEST
-CFLAGS += -Werror -DEAPOL_TEST
+CFLAGS += -DEAPOL_TEST
endif
ifdef CONFIG_CODE_COVERAGE

View file

@ -0,0 +1,73 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: David Bauer <mail@david-bauer.net>
Date: Sun, 30 Jan 2022 20:22:00 +0100
Subject: [PATCH] nl80211: add extra-ies only if allowed by driver
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.
The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Bug-Debian: https://bugs.debian.org/1004524
Origin: http://lists.infradead.org/pipermail/hostap/2022-January/040185.html
---
src/drivers/driver.h | 3 +++
src/drivers/driver_nl80211_capa.c | 4 ++++
src/drivers/driver_nl80211_scan.c | 2 +-
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index d3312a34d8f8..b5b626451ffd 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2052,6 +2052,9 @@ struct wpa_driver_capa {
/** Maximum number of iterations in a single scan plan */
u32 max_sched_scan_plan_iterations;
+ /** Maximum number of extra IE bytes for scans */
+ u16 max_scan_ie_len;
+
/** Whether sched_scan (offloaded scanning) is supported */
int sched_scan_supported;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 83868b78e6f0..b33b6badb13e 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -885,6 +885,10 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg)
nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
}
+ if (tb[NL80211_ATTR_MAX_SCAN_IE_LEN])
+ capa->max_scan_ie_len =
+ nla_get_u16(tb[NL80211_ATTR_MAX_SCAN_IE_LEN]);
+
if (tb[NL80211_ATTR_MAX_MATCH_SETS])
capa->max_match_sets =
nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
diff --git a/src/drivers/driver_nl80211_scan.c b/src/drivers/driver_nl80211_scan.c
index 1316084805a3..b0f095192714 100644
--- a/src/drivers/driver_nl80211_scan.c
+++ b/src/drivers/driver_nl80211_scan.c
@@ -207,7 +207,7 @@ nl80211_scan_common(struct i802_bss *bss, u8 cmd,
wpa_printf(MSG_DEBUG, "nl80211: Passive scan requested");
}
- if (params->extra_ies) {
+ if (params->extra_ies && drv->capa.max_scan_ie_len >= params->extra_ies_len) {
wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
params->extra_ies, params->extra_ies_len);
if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,

View file

@ -0,0 +1,57 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 4 Apr 2022 09:13:12 +0200
Subject: [PATCH] AP: guard FT-SAE code with CONFIG_IEEE80211R_AP
wpa_supplicant doesn't support FT in AP mode, but it still negotiates
FT-SAE. This can lead to an authentication failure when the AP is
started with key_mgmt="SAE FT-SAE" and the STA supports both.
Ensure that FT-SAE is not negotiated when CONFIG_IEEE80211R_AP is not
defined.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
---
src/ap/wpa_auth_ie.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index 524922e4e686..d63cbeb92599 100644
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -228,11 +228,13 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
pos += RSN_SELECTOR_LEN;
num_suites++;
}
+#ifdef CONFIG_IEEE80211R_AP
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
+#endif /* CONFIG_IEEE80211R_AP */
#endif /* CONFIG_SAE */
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B);
@@ -670,8 +672,10 @@ wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
#ifdef CONFIG_SAE
else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
selector = RSN_AUTH_KEY_MGMT_SAE;
+#ifdef CONFIG_IEEE80211R_AP
else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
selector = RSN_AUTH_KEY_MGMT_FT_SAE;
+#endif /* CONFIG_IEEE80211R_AP */
#endif /* CONFIG_SAE */
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
@@ -778,8 +782,10 @@ wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
#ifdef CONFIG_SAE
else if (key_mgmt & WPA_KEY_MGMT_SAE)
sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
+#ifdef CONFIG_IEEE80211R_AP
else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
+#endif /* CONFIG_IEEE80211R_AP */
#endif /* CONFIG_SAE */
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;

View file

@ -0,0 +1,42 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Wed, 30 Nov 2022 14:01:55 +0200
Subject: [PATCH] OpenSSL: Apply connection flags before reading certificates
This is needed to be able to drop the OpenSSL security level, if
necessary, for cases where old certificates (e.g., something using SHA-1
signatures) are still needed. openssl_ciphers="DEFAULT@SECLEVEL=0" can
achieve this, but only if applied before attempting to load the
certificates.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
src/crypto/tls_openssl.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index dad1135c692d..7a929450b949 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -5203,6 +5203,10 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
__func__, ERR_error_string(err, NULL));
}
+ if (tls_set_conn_flags(conn, params->flags,
+ params->openssl_ciphers) < 0)
+ return -1;
+
if (engine_id) {
wpa_printf(MSG_DEBUG, "SSL: Initializing TLS engine %s",
engine_id);
@@ -5308,10 +5312,6 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
#endif /* OPENSSL_IS_BORINGSSL */
}
- if (tls_set_conn_flags(conn, params->flags,
- params->openssl_ciphers) < 0)
- return -1;
-
#ifdef OPENSSL_IS_BORINGSSL
if (params->flags & TLS_CONN_REQUEST_OCSP) {
SSL_enable_ocsp_stapling(conn->ssl);

View file

@ -0,0 +1,29 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <heftig@archlinux.org>
Date: Wed, 14 Jun 2023 00:54:15 +0200
Subject: [PATCH] Don't upgrade SSL security level to 1 when setting ciphers
This resets it from our intended zero from tls_set_conn_flags.
---
src/crypto/tls_openssl.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 7a929450b949..3e157a2dd2f3 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -4703,10 +4703,13 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
* cipher suites for EAP-FAST.
*/
SSL_set_security_level(conn->ssl, 0);
- } else if (SSL_get_security_level(conn->ssl) == 0) {
+ }
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ else if (SSL_get_security_level(conn->ssl) == 0) {
/* Force at least security level 1 */
SSL_set_security_level(conn->ssl, 1);
}
+#endif
#endif /* EAP_FAST_OR_TEAP */
#endif

View file

@ -0,0 +1,68 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Ryutaroh Matsumoto <ryutaroh.matsumoto@nagoya-u.jp>
Date: Mon, 8 Jul 2019 00:25:48 +0900
Subject: [PATCH] Add reload support to the systemd unit files
When wifi password is written in /etc/wpa_supplicant/wpa_supplicant-if.conf,
wpa_supplicant@if.service is started by systemd.
When one adds a new pair of SSID and its password in the above config
file, wpa_supplicant has to reload the changed config file.
But "systemctl reload" was not accepted because "ExecReload" was missing
from wpa_supplicant@.service.
Bug-Debian: https://bugs.debian.org/931554
---
wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in | 1 +
wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in | 1 +
wpa_supplicant/systemd/wpa_supplicant.service.arg.in | 1 +
wpa_supplicant/systemd/wpa_supplicant.service.in | 1 +
4 files changed, 4 insertions(+)
diff --git a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in
index da69a8705ce8..aa1279591735 100644
--- a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in
+++ b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in
@@ -10,6 +10,7 @@ Wants=network.target
[Service]
Type=simple
ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-nl80211-%I.conf -Dnl80211 -i%I
+ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
diff --git a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in
index ca3054bc6d55..c0855babd4d1 100644
--- a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in
+++ b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in
@@ -10,6 +10,7 @@ Wants=network.target
[Service]
Type=simple
ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-wired-%I.conf -Dwired -i%I
+ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in
index 55d2b9c81712..2097be324869 100644
--- a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in
+++ b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in
@@ -10,6 +10,7 @@ Wants=network.target
[Service]
Type=simple
ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I
+ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.in b/wpa_supplicant/systemd/wpa_supplicant.service.in
index 561ae8f827ab..18cbc1108597 100644
--- a/wpa_supplicant/systemd/wpa_supplicant.service.in
+++ b/wpa_supplicant/systemd/wpa_supplicant.service.in
@@ -9,6 +9,7 @@ IgnoreOnIsolate=true
Type=dbus
BusName=fi.w1.wpa_supplicant1
ExecStart=@BINDIR@/wpa_supplicant -u -s -O /run/wpa_supplicant
+ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,135 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Ben Greear <greearb@candelatech.com>
Date: Thu, 27 Jul 2023 09:02:11 -0700
Subject: [PATCH] WNM: Choose the best available BSS, not just the first one
This should allow STA to make better choice about which BSS to roam to.
Use estimated throughput as comparison value. Can improve the estimated
throughput calculation to improve this selection criteria if wanted in
the future.
Signed-off-by: Ben Greear <greearb@candelatech.com>
---
wpa_supplicant/wnm_sta.c | 76 +++++++++++++++++++++++++++-------------
1 file changed, 52 insertions(+), 24 deletions(-)
diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 96160dccbf5b..87c1798d9b91 100644
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -609,22 +609,6 @@ static void wnm_clear_acceptable(struct wpa_supplicant *wpa_s)
wpa_s->wnm_neighbor_report_elements[i].acceptable = 0;
}
-
-static struct wpa_bss * get_first_acceptable(struct wpa_supplicant *wpa_s)
-{
- unsigned int i;
- struct neighbor_report *nei;
-
- for (i = 0; i < wpa_s->wnm_num_neighbor_report; i++) {
- nei = &wpa_s->wnm_neighbor_report_elements[i];
- if (nei->acceptable)
- return wpa_bss_get_bssid(wpa_s, nei->bssid);
- }
-
- return NULL;
-}
-
-
#ifdef CONFIG_MBO
static struct wpa_bss *
get_mbo_transition_candidate(struct wpa_supplicant *wpa_s,
@@ -719,13 +703,38 @@ end:
#endif /* CONFIG_MBO */
+static struct wpa_bss * find_better_target(struct wpa_bss *a,
+ struct wpa_bss *b)
+{
+ if (!a)
+ return b;
+ if (!b)
+ return a;
+
+ if (a->est_throughput > b->est_throughput) {
+ wpa_printf(MSG_DEBUG, "WNM: A is better: " MACSTR
+ " est-tput: %d B: " MACSTR " est-tput: %d",
+ MAC2STR(a->bssid), a->est_throughput,
+ MAC2STR(b->bssid), b->est_throughput);
+ return a;
+ }
+
+ wpa_printf(MSG_DEBUG, "WNM: B is better, A: " MACSTR
+ " est-tput: %d B: " MACSTR " est-tput: %d",
+ MAC2STR(a->bssid), a->est_throughput,
+ MAC2STR(b->bssid), b->est_throughput);
+ return b;
+}
+
static struct wpa_bss *
compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
enum mbo_transition_reject_reason *reason)
{
u8 i;
struct wpa_bss *bss = wpa_s->current_bss;
struct wpa_bss *target;
+ struct wpa_bss *best_target = NULL;
+ struct wpa_bss *bss_in_list = NULL;
if (!bss)
return NULL;
@@ -812,25 +821,44 @@ compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
}
nei->acceptable = 1;
+
+ best_target = find_better_target(target, best_target);
+ if (target == bss)
+ bss_in_list = bss;
}
#ifdef CONFIG_MBO
if (wpa_s->wnm_mbo_trans_reason_present)
target = get_mbo_transition_candidate(wpa_s, reason);
else
- target = get_first_acceptable(wpa_s);
+ target = best_target;
#else /* CONFIG_MBO */
- target = get_first_acceptable(wpa_s);
+ target = best_target;
#endif /* CONFIG_MBO */
- if (target) {
- wpa_printf(MSG_DEBUG,
- "WNM: Found an acceptable preferred transition candidate BSS "
- MACSTR " (RSSI %d)",
- MAC2STR(target->bssid), target->level);
+ if (!target)
+ return NULL;
+
+ wpa_printf(MSG_DEBUG,
+ "WNM: Found an acceptable preferred transition candidate BSS "
+ MACSTR " (RSSI %d, tput: %d bss-tput: %d)",
+ MAC2STR(target->bssid), target->level,
+ target->est_throughput, bss->est_throughput);
+
+ if (!bss_in_list)
+ return target;
+
+ if ((!target->est_throughput && !bss_in_list->est_throughput) ||
+ (target->est_throughput > bss_in_list->est_throughput &&
+ target->est_throughput - bss_in_list->est_throughput >
+ bss_in_list->est_throughput >> 4)) {
+ /* It is more than 100/16 percent better, so switch. */
+ return target;
}
- return target;
+ wpa_printf(MSG_DEBUG,
+ "WNM: Stay with our current BSS, not enough change in estimated throughput to switch");
+ return bss_in_list;
}

View file

@ -0,0 +1,30 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Michael Lee <michael-cy.lee@mediatek.com>
Date: Thu, 27 Jul 2023 16:29:22 +0800
Subject: [PATCH] wpa_supplicant: Fix wpa_supplicant configuration parsing
error
In the original flow, after hostapd_config_tx_queue successfully
parses a tx_queue variable, it would not return immediately. Then it
would print out "unknow global field" later and set return val to -1.
This patch returns immediately after hostapd_config_tx_queue
successfully parses a tx_queue variable.
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
---
wpa_supplicant/config.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index bf062b0792b7..de08fff84d64 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -5397,6 +5397,7 @@ int wpa_config_process_global(struct wpa_config *config, char *pos, int line)
line);
return -1;
}
+ return ret;
}
if (os_strncmp(pos, "wmm_ac_", 7) == 0) {

View file

@ -0,0 +1,26 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <chaitanya.mgit@gmail.com>
Date: Tue, 18 Jul 2023 01:21:37 +0530
Subject: [PATCH] Abort ongoing scan
Along with canceling queued scan, abort ongoing scan if any, this
ensures Wi-Fi interface is in usable state after disconnect is issued,
else subsequent scan after disconnect might fail with EBUSY.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
wpa_supplicant/wpa_supplicant.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index d37a994f98a5..917aca49274f 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -8181,6 +8181,7 @@ void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
wpa_s->disconnected = 1;
wpa_supplicant_cancel_sched_scan(wpa_s);
wpa_supplicant_cancel_scan(wpa_s);
+ wpas_abort_ongoing_scan(wpa_s);
wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
radio_remove_works(wpa_s, "connect", 0);

View file

@ -0,0 +1,33 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Chaoli Zhou <quic_zchaoli@quicinc.com>
Date: Thu, 8 Sep 2022 17:43:32 +0800
Subject: [PATCH] Override ieee80211w from pmf for AP mode in wpa_supplicant
Since NetworkManager doesn't support setting ieee80211w to
wpa_supplicant and only support pmf, so override ieee80211w from pmf for
AP mode if ieee80211w not configurated. Do not change behavior for the
P2P GO cases.
Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
---
wpa_supplicant/ap.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index 6a0a69e68ee6..9d0f70332c9c 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -701,8 +701,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group_rekey = 86400;
}
- if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
+ if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) {
bss->ieee80211w = ssid->ieee80211w;
+ } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) {
+ if (ssid->mode == WPAS_MODE_AP)
+ bss->ieee80211w = wpa_s->conf->pmf;
+ }
#ifdef CONFIG_OCV
bss->ocv = ssid->ocv;

View file

@ -7,50 +7,54 @@
pkgname=wpa_supplicant
pkgver=2.10
pkgrel=08
pkgrel=09
epoch=2
pkgdesc='A utility providing key negotiation for WPA wireless networks w/o systemd'
pkgdesc='A utility providing key negotiation for WPA wireless networks'
url='https://w1.fi/wpa_supplicant/'
depends=(openssl libdbus readline libnl pcsclite)
#options=(debug) ## uncomment this line to have the debug pkg produced
backup=('etc/wpa_supplicant/wpa_supplicant.conf')
install=wpa_supplicant.install
source=(https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
wpa_supplicant_tls.patch # More permissive TLS fallback
# wpa_supplicant_dbus_service_syslog.patch # Unit improvements from Ubuntu
# wpa_supplicant_service_ignore-on-isolate.patch # More unit improvements from Ubuntu
wpa_supplicant-legacy-server-connect.patch
lower_security_level_for_tls_1.patch
disable-eapol-werror.patch
0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
)
wpa_supplicant_config
# More permissive TLS fallback
0001-Enable-TLSv1.0-by-default.patch
# Unit improvements from Ubuntu
# 0002-Tweak-D-Bus-systemd-service-activation-configuration.patch
0003-Add-IgnoreOnIsolate-yes-to-keep-wpa-supplicant-runni.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040511.html
# https://bugs.archlinux.org/task/76474
0004-Allow-legacy-renegotiation-to-fix-PEAP-issues-with-s.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
0005-OpenSSL-Drop-security-level-to-0-with-OpenSSL-3.0-wh.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
0006-Disable-Werror-for-eapol_test.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
0007-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
0008-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
# https://w1.fi/cgit/hostap/commit/?id=e9b4ad2364c68130c7618a88a171e29e0e15007e
0009-OpenSSL-Apply-connection-flags-before-reading-certif.patch
# https://bugs.archlinux.org/task/78770
0010-Don-t-upgrade-SSL-security-level-to-1-when-setting-c.patch
# More unit improvements from Debian
# 0011-Add-reload-support-to-the-systemd-unit-files.patch
# https://salsa.debian.org/debian/wpa/-/commit/5e9486d9de777c9145bcc8bf8048a08abf539cac
0012-WNM-Choose-the-best-available-BSS-not-just-the-first.patch
0013-wpa_supplicant-Fix-wpa_supplicant-configuration-pars.patch
# https://salsa.debian.org/debian/wpa/-/commit/f0d078409df01fa466523c2ab015274c351a83c0
0014-Abort-ongoing-scan.patch
# https://salsa.debian.org/debian/wpa/-/commit/fdcff9f7b4c699f94e38e519e34220e528bee2f9
0015-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch)
prepare() {
cd $pkgname-$pkgver
# More permissive TLS fallback
patch -Np1 -i ../wpa_supplicant_tls.patch
# # Unit improvements from Ubuntu
# patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
# # More unit improvements from Ubuntu
# patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
patch -Np1 -i ../lower_security_level_for_tls_1.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
patch -Np1 -i ../disable-eapol-werror.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
local src
for src in "${source[@]}"; do
[[ $src = *.patch ]] || continue
echo "Applying patch $src..."
patch -Np1 < "../$src"
done
cp ../wpa_supplicant_config $pkgname/.config
}
@ -72,16 +76,17 @@ package() {
install -dm755 "$pkgdir/etc/wpa_supplicant"
install -Dm644 wpa_supplicant.conf -t "$pkgdir/usr/share/doc/wpa_supplicant"
# install -Dm644 dbus/fi.w1.wpa_supplicant1.service \
# -t "$pkgdir/usr/share/dbus-1/system-services"
install -Dm644 dbus/fi.w1.wpa_supplicant1.service \
-t "$pkgdir/usr/share/dbus-1/system-services"
# install -Dm644 dbus/dbus-wpa_supplicant.conf \
# "$pkgdir/usr/share/dbus-1/system.d/wpa_supplicant.conf"
install -Dm644 dbus/dbus-wpa_supplicant.conf \
"$pkgdir/usr/share/dbus-1/system.d/wpa_supplicant.conf"
# install -d -m755 "$pkgdir/usr/share/man/man"{5,8}
install -Dm644 doc/docbook/*.5 -t "$pkgdir/usr/share/man/man5"
install -Dm644 doc/docbook/*.8 -t "$pkgdir/usr/share/man/man8"
# rm "$pkgdir"/usr/share/man/man8/wpa_{priv,gui}.8
rm "$pkgdir"/usr/share/man/man8/wpa_{priv,gui}.8
# install -Dm644 systemd/*.service -t "$pkgdir/usr/lib/systemd/system"
}
#---- arch license gpg-key & sha256sums ----
@ -90,21 +95,25 @@ arch=(x86_64)
license=(GPL)
validpgpkeys=(EC4AA0A991A5F2464582D52D2B6EF432EFC895FA) # Jouni Malinen
validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
sha256sums=(20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f # wpa_supplicant-2.10.tar.gz
5512ef486877b231fe4eef3240c2aec9bfb671c1fe2ceb4e5d9ac1f17caddfac # wpa_supplicant-2.10.tar.gz.asc
1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2 # wpa_supplicant_config
08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992 # wpa_supplicant_tls.patch
8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011 # wpa_supplicant-legacy-server-connect.patch
c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93 # lower_security_level_for_tls_1.patch
9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e # disable-eapol-werror.patch
7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4 # 0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15) # 0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
# Note to packager:
ls -l *pkg.tar.lz
echo "you must rename this package to meet SF naming before you move to the repo"
mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log
1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2 # wpa_supplicant.config
cec1f952a47a5688fe3d23bc998f266a0a5a6214047590a19410f6521ed68811 # 0001-Enable-TLSv1.0-by-default.patch
# 0c5677bdc9d154caa7567d7ae08dc0fe415e7be09152cec5290881fd04fba599 # 0002-Tweak-D-Bus-systemd-service-activation-configuration.patch
fb82577605c960a53b9376ae3928ab0c052c6f371096e0d692fbf95ef9117475 # 0003-Add-IgnoreOnIsolate-yes-to-keep-wpa-supplicant-runni.patch
03630ca4c54a28bd1fe4f87d5afe49caaa67d6d6937534de25bbfbd306d1f4c1 # 0004-Allow-legacy-renegotiation-to-fix-PEAP-issues-with-s.patch
cf25c805c9f65f529d7bbfbeabba4317fe7ae1529aca146fc3e8f0c777118d0e # 0005-OpenSSL-Drop-security-level-to-0-with-OpenSSL-3.0-wh.patch
fa285fdbde33a345d1d5c91344c7a393d40e8cb4d16ac9c9297982fe16bfad77 # 0006-Disable-Werror-for-eapol_test.patch
b15f14529bdcc1f81c60dec5f6ecab7a99d707e4f2803cc3b2bdb12b6cb5d609 # 0007-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
19083e95a4e2d55d49c1a17ba69b0f4a672f7ec9a0a0a068c2aa59b57d781895 # 0008-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
3091f0628935452938a4a5be4eef47a2dfe69d7e81afdd4275f0a01ec7e6b9c5 # 0009-OpenSSL-Apply-connection-flags-before-reading-certif.patch
ce900a58e015fc7bbcbf13a9f5c56122d69882f66c38d35c1e44bc25c133285a # 0010-Don-t-upgrade-SSL-security-level-to-1-when-setting-c.patch
# 0a76943fdc64e80015bc21c873a350ac82d23e662541712a4f92f51f6fe10c72 # 0011-Add-reload-support-to-the-systemd-unit-files.patch
cf1f5de43f825305f1bf4a219aee1a521ec3a59e919e5e5ac3367139faac1b28 # 0012-WNM-Choose-the-best-available-BSS-not-just-the-first.patch
70cc90bdb9349b7dea06ebbd776c94c76b497d8ca26d328d8ab12d504c578787 # 0013-wpa_supplicant-Fix-wpa_supplicant-configuration-pars.patch
3a98842a405df9b3e5a10734ab106744c392fd677ac652f994610420ccf039a0 # 0014-Abort-ongoing-scan.patch
39ee3f6dbf665f167cec8d33f0ba9f97a64aaa22f87f9cc5ac3e41f7b42ca559) # 0015-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch
## dce6ec24e682be00eb9093c9b2a2b93b92a0846a56796b7d5caa29fb3f4684ce wpa_supplicant-2_2.10-09-x86_64.pkg.tar.lz

View file

@ -12,60 +12,83 @@ url='https://w1.fi/wpa_supplicant/'
arch=(x86_64)
license=(GPL)
depends=(openssl libdbus readline libnl pcsclite)
options=(debug)
install=wpa_supplicant.install
source=(
https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
wpa_supplicant_tls.patch
wpa_supplicant_dbus_service_syslog.patch
wpa_supplicant_service_ignore-on-isolate.patch
wpa_supplicant-legacy-server-connect.patch
lower_security_level_for_tls_1.patch
disable-eapol-werror.patch
0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
# More permissive TLS fallback
0001-Enable-TLSv1.0-by-default.patch
# Unit improvements from Ubuntu
0002-Tweak-D-Bus-systemd-service-activation-configuration.patch
0003-Add-IgnoreOnIsolate-yes-to-keep-wpa-supplicant-runni.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040511.html
# https://bugs.archlinux.org/task/76474
0004-Allow-legacy-renegotiation-to-fix-PEAP-issues-with-s.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
0005-OpenSSL-Drop-security-level-to-0-with-OpenSSL-3.0-wh.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
0006-Disable-Werror-for-eapol_test.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
0007-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
0008-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
# https://w1.fi/cgit/hostap/commit/?id=e9b4ad2364c68130c7618a88a171e29e0e15007e
0009-OpenSSL-Apply-connection-flags-before-reading-certif.patch
# https://bugs.archlinux.org/task/78770
0010-Don-t-upgrade-SSL-security-level-to-1-when-setting-c.patch
# More unit improvements from Debian
0011-Add-reload-support-to-the-systemd-unit-files.patch
# https://salsa.debian.org/debian/wpa/-/commit/5e9486d9de777c9145bcc8bf8048a08abf539cac
0012-WNM-Choose-the-best-available-BSS-not-just-the-first.patch
0013-wpa_supplicant-Fix-wpa_supplicant-configuration-pars.patch
# https://salsa.debian.org/debian/wpa/-/commit/f0d078409df01fa466523c2ab015274c351a83c0
0014-Abort-ongoing-scan.patch
# https://salsa.debian.org/debian/wpa/-/commit/fdcff9f7b4c699f94e38e519e34220e528bee2f9
0015-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch
)
validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
'SKIP'
'1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
'08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
'60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
'8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011'
'c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93'
'9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e'
'7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4'
'24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15')
'cec1f952a47a5688fe3d23bc998f266a0a5a6214047590a19410f6521ed68811'
'7aecdb7ce85a399eee75dae4595645b34260739725b5922726a51a8db76148f9'
'fb82577605c960a53b9376ae3928ab0c052c6f371096e0d692fbf95ef9117475'
'03630ca4c54a28bd1fe4f87d5afe49caaa67d6d6937534de25bbfbd306d1f4c1'
'cf25c805c9f65f529d7bbfbeabba4317fe7ae1529aca146fc3e8f0c777118d0e'
'fa285fdbde33a345d1d5c91344c7a393d40e8cb4d16ac9c9297982fe16bfad77'
'b15f14529bdcc1f81c60dec5f6ecab7a99d707e4f2803cc3b2bdb12b6cb5d609'
'19083e95a4e2d55d49c1a17ba69b0f4a672f7ec9a0a0a068c2aa59b57d781895'
'3091f0628935452938a4a5be4eef47a2dfe69d7e81afdd4275f0a01ec7e6b9c5'
'ce900a58e015fc7bbcbf13a9f5c56122d69882f66c38d35c1e44bc25c133285a'
'0a76943fdc64e80015bc21c873a350ac82d23e662541712a4f92f51f6fe10c72'
'cf1f5de43f825305f1bf4a219aee1a521ec3a59e919e5e5ac3367139faac1b28'
'70cc90bdb9349b7dea06ebbd776c94c76b497d8ca26d328d8ab12d504c578787'
'3a98842a405df9b3e5a10734ab106744c392fd677ac652f994610420ccf039a0'
'39ee3f6dbf665f167cec8d33f0ba9f97a64aaa22f87f9cc5ac3e41f7b42ca559')
prepare() {
cd $pkgname-$pkgver
# More permissive TLS fallback
patch -Np1 -i ../wpa_supplicant_tls.patch
# Unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
# More unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
patch -Np1 -i ../lower_security_level_for_tls_1.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
patch -Np1 -i ../disable-eapol-werror.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
local src
for src in "${source[@]}"; do
[[ $src = *.patch ]] || continue
echo "Applying patch $src..."
patch -Np1 < "../$src"
done
cp ../wpa_supplicant_config $pkgname/.config
}

View file

@ -0,0 +1,100 @@
# Maintainer:
# Contributor: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
# Contributor: Thomas Bächler <thomas@archlinux.org>
# Contributor: loqs
pkgname=wpa_supplicant
pkgver=2.10
pkgrel=8
epoch=2
pkgdesc='A utility providing key negotiation for WPA wireless networks'
url='https://w1.fi/wpa_supplicant/'
arch=(x86_64)
license=(GPL)
depends=(openssl libdbus readline libnl pcsclite)
install=wpa_supplicant.install
source=(
https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
wpa_supplicant_tls.patch
wpa_supplicant_dbus_service_syslog.patch
wpa_supplicant_service_ignore-on-isolate.patch
wpa_supplicant-legacy-server-connect.patch
lower_security_level_for_tls_1.patch
disable-eapol-werror.patch
0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
)
validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
'SKIP'
'1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
'08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
'60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
'8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011'
'c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93'
'9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e'
'7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4'
'24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15')
prepare() {
cd $pkgname-$pkgver
# More permissive TLS fallback
patch -Np1 -i ../wpa_supplicant_tls.patch
# Unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
# More unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
patch -Np1 -i ../lower_security_level_for_tls_1.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
patch -Np1 -i ../disable-eapol-werror.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
cp ../wpa_supplicant_config $pkgname/.config
}
build() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin
make LIBDIR=/usr/lib BINDIR=/usr/bin eapol_test
}
package() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin DESTDIR="$pkgdir" install
install -Dm755 eapol_test "$pkgdir/usr/bin/eapol_test"
install -dm755 "$pkgdir/etc/wpa_supplicant"
install -Dm644 wpa_supplicant.conf -t "$pkgdir/usr/share/doc/wpa_supplicant"
install -Dm644 dbus/fi.w1.wpa_supplicant1.service \
-t "$pkgdir/usr/share/dbus-1/system-services"
install -Dm644 dbus/dbus-wpa_supplicant.conf \
"$pkgdir/usr/share/dbus-1/system.d/wpa_supplicant.conf"
install -Dm644 doc/docbook/*.5 -t "$pkgdir/usr/share/man/man5"
install -Dm644 doc/docbook/*.8 -t "$pkgdir/usr/share/man/man8"
rm "$pkgdir"/usr/share/man/man8/wpa_{priv,gui}.8
install -Dm644 systemd/*.service -t "$pkgdir/usr/lib/systemd/system"
}

View file

@ -0,0 +1,101 @@
# Maintainer:
# Contributor: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
# Contributor: Thomas Bächler <thomas@archlinux.org>
# Contributor: loqs
pkgname=wpa_supplicant
pkgver=2.10
pkgrel=8
epoch=2
pkgdesc='A utility providing key negotiation for WPA wireless networks'
url='https://w1.fi/wpa_supplicant/'
arch=(x86_64)
license=(GPL)
depends=(openssl libdbus readline libnl pcsclite)
options=(debug)
install=wpa_supplicant.install
source=(
https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
wpa_supplicant_tls.patch
wpa_supplicant_dbus_service_syslog.patch
wpa_supplicant_service_ignore-on-isolate.patch
wpa_supplicant-legacy-server-connect.patch
lower_security_level_for_tls_1.patch
disable-eapol-werror.patch
0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
)
validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
'SKIP'
'1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
'08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
'60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
'8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011'
'c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93'
'9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e'
'7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4'
'24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15')
prepare() {
cd $pkgname-$pkgver
# More permissive TLS fallback
patch -Np1 -i ../wpa_supplicant_tls.patch
# Unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
# More unit improvements from Ubuntu
patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
patch -Np1 -i ../lower_security_level_for_tls_1.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
patch -Np1 -i ../disable-eapol-werror.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
cp ../wpa_supplicant_config $pkgname/.config
}
build() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin
make LIBDIR=/usr/lib BINDIR=/usr/bin eapol_test
}
package() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin DESTDIR="$pkgdir" install
install -Dm755 eapol_test "$pkgdir/usr/bin/eapol_test"
install -dm755 "$pkgdir/etc/wpa_supplicant"
install -Dm644 wpa_supplicant.conf -t "$pkgdir/usr/share/doc/wpa_supplicant"
install -Dm644 dbus/fi.w1.wpa_supplicant1.service \
-t "$pkgdir/usr/share/dbus-1/system-services"
install -Dm644 dbus/dbus-wpa_supplicant.conf \
"$pkgdir/usr/share/dbus-1/system.d/wpa_supplicant.conf"
install -Dm644 doc/docbook/*.5 -t "$pkgdir/usr/share/man/man5"
install -Dm644 doc/docbook/*.8 -t "$pkgdir/usr/share/man/man8"
rm "$pkgdir"/usr/share/man/man8/wpa_{priv,gui}.8
install -Dm644 systemd/*.service -t "$pkgdir/usr/lib/systemd/system"
}

110
wpa_supplicant/PKGBUILD-old Normal file
View file

@ -0,0 +1,110 @@
#!/usr/bin/bash
# JOBoRun : Jwm OpenBox Obarun RUNit
# Maintainer : Joe Bo Run <joborun@disroot.org>
# PkgSource : url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
# Website : https://pozol.eu
#-----------------------------------------| DESCRIPTION |---------------------------------------
pkgname=wpa_supplicant
pkgver=2.10
pkgrel=08
epoch=2
pkgdesc='A utility providing key negotiation for WPA wireless networks w/o systemd'
url='https://w1.fi/wpa_supplicant/'
depends=(openssl libdbus readline libnl pcsclite)
#options=(debug) ## uncomment this line to have the debug pkg produced
backup=('etc/wpa_supplicant/wpa_supplicant.conf')
source=(https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
wpa_supplicant_tls.patch # More permissive TLS fallback
# wpa_supplicant_dbus_service_syslog.patch # Unit improvements from Ubuntu
# wpa_supplicant_service_ignore-on-isolate.patch # More unit improvements from Ubuntu
wpa_supplicant-legacy-server-connect.patch
lower_security_level_for_tls_1.patch
disable-eapol-werror.patch
0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
)
prepare() {
cd $pkgname-$pkgver
# More permissive TLS fallback
patch -Np1 -i ../wpa_supplicant_tls.patch
# # Unit improvements from Ubuntu
# patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
# # More unit improvements from Ubuntu
# patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
patch -Np1 -i ../lower_security_level_for_tls_1.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
patch -Np1 -i ../disable-eapol-werror.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
cp ../wpa_supplicant_config $pkgname/.config
}
build() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin
make LIBDIR=/usr/lib BINDIR=/usr/bin eapol_test
}
package() {
cd $pkgname-$pkgver/$pkgname
make LIBDIR=/usr/lib BINDIR=/usr/bin DESTDIR="$pkgdir" install
install -Dm755 eapol_test "$pkgdir/usr/bin/eapol_test"
install -dm755 "$pkgdir/etc/wpa_supplicant"
install -Dm644 wpa_supplicant.conf -t "$pkgdir/usr/share/doc/wpa_supplicant"
# install -Dm644 dbus/fi.w1.wpa_supplicant1.service \
# -t "$pkgdir/usr/share/dbus-1/system-services"
# install -Dm644 dbus/dbus-wpa_supplicant.conf \
# "$pkgdir/usr/share/dbus-1/system.d/wpa_supplicant.conf"
# install -d -m755 "$pkgdir/usr/share/man/man"{5,8}
install -Dm644 doc/docbook/*.5 -t "$pkgdir/usr/share/man/man5"
install -Dm644 doc/docbook/*.8 -t "$pkgdir/usr/share/man/man8"
# rm "$pkgdir"/usr/share/man/man8/wpa_{priv,gui}.8
}
#---- arch license gpg-key & sha256sums ----
arch=(x86_64)
license=(GPL)
validpgpkeys=(EC4AA0A991A5F2464582D52D2B6EF432EFC895FA) # Jouni Malinen
sha256sums=(20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f # wpa_supplicant-2.10.tar.gz
5512ef486877b231fe4eef3240c2aec9bfb671c1fe2ceb4e5d9ac1f17caddfac # wpa_supplicant-2.10.tar.gz.asc
1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2 # wpa_supplicant_config
08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992 # wpa_supplicant_tls.patch
8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011 # wpa_supplicant-legacy-server-connect.patch
c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93 # lower_security_level_for_tls_1.patch
9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e # disable-eapol-werror.patch
7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4 # 0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15) # 0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
# Note to packager:
ls -l *pkg.tar.lz
echo "you must rename this package to meet SF naming before you move to the repo"
mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log

View file

@ -1,5 +1,4 @@
pcsclite
dbus

122
wpa_supplicant/diff.arch Normal file
View file

@ -0,0 +1,122 @@
--- PKGBUILD-arch 2022-12-17 10:11:19.377531206 +0200
+++ PKGBUILD-arch.new 2024-01-08 01:38:42.411395128 +0200
@@ -12,60 +12,83 @@
arch=(x86_64)
license=(GPL)
depends=(openssl libdbus readline libnl pcsclite)
-options=(debug)
install=wpa_supplicant.install
source=(
https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
wpa_supplicant_config
- wpa_supplicant_tls.patch
- wpa_supplicant_dbus_service_syslog.patch
- wpa_supplicant_service_ignore-on-isolate.patch
- wpa_supplicant-legacy-server-connect.patch
- lower_security_level_for_tls_1.patch
- disable-eapol-werror.patch
- 0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
- 0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
-)
-validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
-sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
- 'SKIP'
- '1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
- '08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
- '60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
- 'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
- '8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011'
- 'c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93'
- '9aca193cc26682765467cf9131240e5de71f9b49a765a934284da5e308ea904e'
- '7901d42eda48f82106901cbeb5e7be39025c878d5085a0a0d54ccbe36c3ecef4'
- '24e844b0a08fe3fede1676cedfe29643375ae56ab1a5fe4f5783765a7b759c15')
-
-prepare() {
- cd $pkgname-$pkgver
# More permissive TLS fallback
- patch -Np1 -i ../wpa_supplicant_tls.patch
+ 0001-Enable-TLSv1.0-by-default.patch
# Unit improvements from Ubuntu
- patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
-
- # More unit improvements from Ubuntu
- patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
+ 0002-Tweak-D-Bus-systemd-service-activation-configuration.patch
+ 0003-Add-IgnoreOnIsolate-yes-to-keep-wpa-supplicant-runni.patch
- # https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
- patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
+ # http://lists.infradead.org/pipermail/hostap/2022-May/040511.html
+ # https://bugs.archlinux.org/task/76474
+ 0004-Allow-legacy-renegotiation-to-fix-PEAP-issues-with-s.patch
# http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
# https://bugs.archlinux.org/task/76474
- patch -Np1 -i ../lower_security_level_for_tls_1.patch
+ 0005-OpenSSL-Drop-security-level-to-0-with-OpenSSL-3.0-wh.patch
# https://salsa.debian.org/debian/wpa/-/commit/13e1d28e4f987a220c546df94df86bb9b2371874
- patch -Np1 -i ../disable-eapol-werror.patch
+ 0006-Disable-Werror-for-eapol_test.patch
# http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
- patch -Np1 -i ../0001-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
+ 0007-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
# https://lists.infradead.org/pipermail/hostap/2022-April/040352.html
- patch -Np1 -i ../0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
+ 0008-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
+
+ # https://w1.fi/cgit/hostap/commit/?id=e9b4ad2364c68130c7618a88a171e29e0e15007e
+ 0009-OpenSSL-Apply-connection-flags-before-reading-certif.patch
+
+ # https://bugs.archlinux.org/task/78770
+ 0010-Don-t-upgrade-SSL-security-level-to-1-when-setting-c.patch
+
+ # More unit improvements from Debian
+ 0011-Add-reload-support-to-the-systemd-unit-files.patch
+
+ # https://salsa.debian.org/debian/wpa/-/commit/5e9486d9de777c9145bcc8bf8048a08abf539cac
+ 0012-WNM-Choose-the-best-available-BSS-not-just-the-first.patch
+ 0013-wpa_supplicant-Fix-wpa_supplicant-configuration-pars.patch
+
+ # https://salsa.debian.org/debian/wpa/-/commit/f0d078409df01fa466523c2ab015274c351a83c0
+ 0014-Abort-ongoing-scan.patch
+
+ # https://salsa.debian.org/debian/wpa/-/commit/fdcff9f7b4c699f94e38e519e34220e528bee2f9
+ 0015-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch
+)
+validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
+sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
+ 'SKIP'
+ '1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
+ 'cec1f952a47a5688fe3d23bc998f266a0a5a6214047590a19410f6521ed68811'
+ '7aecdb7ce85a399eee75dae4595645b34260739725b5922726a51a8db76148f9'
+ 'fb82577605c960a53b9376ae3928ab0c052c6f371096e0d692fbf95ef9117475'
+ '03630ca4c54a28bd1fe4f87d5afe49caaa67d6d6937534de25bbfbd306d1f4c1'
+ 'cf25c805c9f65f529d7bbfbeabba4317fe7ae1529aca146fc3e8f0c777118d0e'
+ 'fa285fdbde33a345d1d5c91344c7a393d40e8cb4d16ac9c9297982fe16bfad77'
+ 'b15f14529bdcc1f81c60dec5f6ecab7a99d707e4f2803cc3b2bdb12b6cb5d609'
+ '19083e95a4e2d55d49c1a17ba69b0f4a672f7ec9a0a0a068c2aa59b57d781895'
+ '3091f0628935452938a4a5be4eef47a2dfe69d7e81afdd4275f0a01ec7e6b9c5'
+ 'ce900a58e015fc7bbcbf13a9f5c56122d69882f66c38d35c1e44bc25c133285a'
+ '0a76943fdc64e80015bc21c873a350ac82d23e662541712a4f92f51f6fe10c72'
+ 'cf1f5de43f825305f1bf4a219aee1a521ec3a59e919e5e5ac3367139faac1b28'
+ '70cc90bdb9349b7dea06ebbd776c94c76b497d8ca26d328d8ab12d504c578787'
+ '3a98842a405df9b3e5a10734ab106744c392fd677ac652f994610420ccf039a0'
+ '39ee3f6dbf665f167cec8d33f0ba9f97a64aaa22f87f9cc5ac3e41f7b42ca559')
+
+prepare() {
+ cd $pkgname-$pkgver
+
+ local src
+ for src in "${source[@]}"; do
+ [[ $src = *.patch ]] || continue
+ echo "Applying patch $src..."
+ patch -Np1 < "../$src"
+ done
cp ../wpa_supplicant_config $pkgname/.config
}

View file

@ -0,0 +1 @@
This is very strange, 2 different PKGBUILDs from arch, one from 12/22 one from now, 2024-01-08 same version same release number VERY different patches and conf files?

View file