Instead of appending configuration variables to the .config file
manually. This has the advantage that configuration option can easily be
adjusted and are well documented in addition to that options that have
been removed on package upgrade can be identified easier.
Many options enabled before where no longer mentioned in the defconfig
file and have thus been removed. The 'CONFIG_EAP_FAST' option has been
enabled additionally.
I also had to add readline-dev and pcsc-lite-dev to the makedepends.
readlinee-dev is needed for readline support in wpa_cli and
pcsc-lite-dev is needed for smartcard support. Both options were enabled
before.
Since this is a rather important package I would suggested that this is
tested by someone else before merging it into the master branch. I
tested it here and it works for my setup, which doesn't mean that I
accidentally broke more complicated setups by failing to copy an
existing configuration option.
---
main/wpa_supplicant/APKBUILD | 101 ++-------
main/wpa_supplicant/config | 497 +++++++++++++++++++++++++++++++++++++++++
main/wpa_supplicant/wpa_cli.sh | 2 +-
3 files changed, 512 insertions(+), 88 deletions(-)
create mode 100644 main/wpa_supplicant/config
diff --git a/main/wpa_supplicant/APKBUILD b/main/wpa_supplicant/APKBUILD
index 43d76ab..f065cb1 100644
--- a/main/wpa_supplicant/APKBUILD
+++ b/main/wpa_supplicant/APKBUILD
@@ -2,15 +2,15 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.4
-pkgrel=4
+pkgrel=5
pkgdesc="A utility providing key negotiation for WPA wireless networks"
-url="http://hostap.epitest.fi/wpa_supplicant"
+url="https://w1.fi/wpa_supplicant/"
arch="all"
license="BSD"
subpackages="$pkgname-doc $pkgname-gui"
depends="dbus"
-makedepends="openssl-dev dbus-dev libnl3-dev qt-dev"
-source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
+makedepends="openssl-dev dbus-dev libnl3-dev qt-dev readline-dev pcsc-lite-dev"
+source="http://w1.fi/releases/$pkgname-$pkgver.tar.gz
CVE-2015-1863.patch
CVE-2015-4141.patch
CVE-2015-4142.patch
@@ -23,8 +23,8 @@ source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
wpa_supplicant.initd
wpa_supplicant.confd
- wpa_cli.sh
- "
+ config
+ wpa_cli.sh"
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
@@ -35,84 +35,8 @@ prepare() {
esac
done
- cd "$_builddir"/wpa_supplicant
- # Toolchain setup
- echo "CC = ${CC:-gcc}" > .config
-
- # Basic setup
- echo "CONFIG_CTRL_IFACE=y" >> .config
- # dbus support
- echo "CONFIG_CTRL_IFACE_DBUS=y" >> .config
- echo "CONFIG_CTRL_IFACE_DBUS_NEW=y" >> .config
- echo "CONFIG_CTRL_IFACE_DBUS_INTRO=y" >> .config
-
- echo "CONFIG_BACKEND=file" >> .config
-
- # Basic authentication methods
- # NOTE: we don't set GPSK or SAKE as they conflict
- # with the below options
- echo "CONFIG_EAP_GTC=y" >> .config
- echo "CONFIG_EAP_MD5=y" >> .config
- echo "CONFIG_EAP_OTP=y" >> .config
- echo "CONFIG_EAP_PAX=y" >> .config
- echo "CONFIG_EAP_PSK=y" >> .config
- echo "CONFIG_EAP_TLV=y" >> .config
- echo "CONFIG_IEEE8021X_EAPOL=y" >> .config
- echo "CONFIG_PKCS12=y" >> .config
- echo "CONFIG_PEERKEY=y" >> .config
- echo "CONFIG_EAP_LEAP=y" >> .config
- echo "CONFIG_EAP_MSCHAPV2=y" >> .config
- echo "CONFIG_EAP_PEAP=y" >> .config
- echo "CONFIG_EAP_TLS=y" >> .config
- echo "CONFIG_EAP_TTLS=y" >> .config
-
- # debug
- # echo "CONFIG_DEBUG_FILE=y" >> .config
-
- # Smart card authentication
- #echo "CONFIG_EAP_SIM=y" >> .config
- #echo "CONFIG_EAP_AKA=y" >> .config
- #echo "CONFIG_EAP_AKA_PRIME=y" >> .config
- #echo "CONFIG_PCSC=y" >> .config
-
- # readline/history support for wpa_cli
- #echo "CONFIG_READLINE=y" >> .config
-
- # SSL authentication methods
- echo "CONFIG_TLS=openssl" >> .config
- echo "CONFIG_SMARTCARD=y" >> .config
- # use gnutls
- # echo "CONFIG_TLS=gnutls" >> .config
- # echo "CONFIG_GNUTLS_EXTRA=y" >> .config
- #echo "CONFIG_TLS=internal" >> .config
-
- # Linux specific drivers
- echo "CONFIG_DRIVER_ATMEL=y" >> .config
- #echo "CONFIG_DRIVER_BROADCOM=y" >> .config
- #echo "CONFIG_DRIVER_HERMES=y" >> .config
- echo "CONFIG_DRIVER_HOSTAP=y" >> .config
- echo "CONFIG_DRIVER_IPW=y" >> .config
- echo "CONFIG_DRIVER_NDISWRAPPER=y" >> .config
- echo "CONFIG_DRIVER_NL80211=y" >> .config
- #echo "CONFIG_DRIVER_PRISM54=y" >> .config
- echo "CONFIG_DRIVER_RALINK=y" >> .config
- echo "CONFIG_DRIVER_WEXT=y" >> .config
- echo "CONFIG_DRIVER_WIRED=y" >> .config
-
- # Add include path for madwifi-driver headers
- #echo "CFLAGS += -I/usr/include/madwifi" >> .config
- #echo "CONFIG_DRIVER_MADWIFI=y" >> .config
-
- # Wi-Fi Protected Setup (WPS)
- echo "CONFIG_WPS=y" >> .config
-
- # Enable mitigation against certain attacks against TKIP
- echo "CONFIG_DELAYED_MIC_ERROR_REPORT=y" >> .config
-
- echo "CONFIG_WPS2=y" >> .config
- echo "CONFIG_AP=y" >> .config
- echo "CONFIG_P2P=y" >> .config
- echo "CONFIG_LIBNL32=y" >> .config
+ # Copy our configuration file to the build directory
+ cp "$srcdir"/config "$_builddir"/wpa_supplicant/.config || return 1
}
build() {
@@ -179,7 +103,8 @@ de0fca4d74a1883d15ef5754f13a5226 0004-EAP-pwd-server-Fix-Total-Length-parsing-f
9d854969af23b207f9f3dff38ef78770 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
a8da41f58b8b4779d666ab7bd8233c18 wpa_supplicant.initd
bc117427f2c538439f3f1481a028ee06 wpa_supplicant.confd
-cbdff360cf3f0f31d33027deb868e5f2 wpa_cli.sh"
+3ea20d678b45638c5088d1d79cb479c5 config
+707c26fbf3fa46a6410732efa7128eee wpa_cli.sh"
sha256sums="058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122 wpa_supplicant-2.4.tar.gz
a3abf75801f02199ff48c316a7b6598860e6ca20ce2fe79b0bec873905e5c8a4 CVE-2015-1863.patch
eb63d845fdc38b6310c527ad1705b6fe3b74f90e263188da2aca97468cc55142 CVE-2015-4141.patch
@@ -191,7 +116,8 @@ c28ca6303a562809dfd1812f9b918808b3b0f0c52cc43070fd1777e1cfc88f18 0004-EAP-pwd-s
04ef66fbd5b2167274cd7123d7f7252963b9a9c1ec2f5edf6558a6ad92d47689 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
5d6ee43b7752d15013fb31298087e9d82caa2568064e59e6ed6230d7de403867 wpa_supplicant.initd
61ec59007f66ac5bacc0aa095d1f2ccbc977a687038e161a463d1727223d5a90 wpa_supplicant.confd
-34c06cabfb9c7cf73fda64836971898424b4fcf2569bf21af628239093e8417e wpa_cli.sh"
+4e52fd211ad3864fab1395c625969b3ddb735116b5ce754a70b6d5e9cd4da9ad config
+dec1d357d8db5067bdba39a300760b06667a6d1b59f15fdb93063d61bf11b596 wpa_cli.sh"
sha512sums="03d8199325b3910f77013ddb7edd803ab4444542230484e1cb465dc3df9372b39ee3307d823ce88730e8f5a5231ef3183954c54cf07297b70432f526e45aac2b wpa_supplicant-2.4.tar.gz
61f90d06bd42fb7ea17ba147db861303f5b1fdce2cda35492cec578214da5ea5d654a1df99dee4d4a0c07ef3e8b3bfb65ab4b98eff21c2013adf536766136ce1 CVE-2015-1863.patch
4633a96a91e151407e4c62b74b4e78d37e4fba586278c6ae4340ce149bee0c644a4d62675256839c3130374a4dc7531beaeed8282946e7dcd3faf1ed74bf99be CVE-2015-4141.patch
@@ -203,4 +129,5 @@ b752f91c3d6dcf0784d9cb20a0c7f8de6c837c38ff62cf77b136d9b818890b13f55eeed1d6097f24
07a21f0cc7d00e17bed8ef5ced36159020a410a4606aa0ca24e47223835ab0cc5fbeed3075c4f17d2ce1aee437eedf9fea8f4b95252b2fa255d54a195637cb6f 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
cfe9de2813d5ec778c7f5cb404c23aad371dee9922dea172358a8ea95ab4e5dd01a3b9fc1a452dd3c3c9a2f02e8b12ffe162b69767f95faa18480fb79499301b wpa_supplicant.initd
29103161ec2b9631fca9e8d9a97fafd60ffac3fe78cf613b834395ddcaf8be1e253c22e060d7d9f9b974b2d7ce794caa932a2125e29f6494b75bce475f7b30e1 wpa_supplicant.confd
-fa2688288c8f7882745e131f90f5ed6692c38c4fd9d0cd4082f3661bbf6fc09627c3d5005a9f4d00ac900753a8a28931079e5e17e2238bff33e1beff48774cfd wpa_cli.sh"
+6a425cfb41474fb8f4ca756abc66fc6f204a954c1eeaf80b37ea46e0d11c288fa39a2051e0d9982174b889331a2a41f05b0ed270176fb5698e81519ba99b505d config
+44d33cfe419cdb65cc14f2ac05aa9f8a1b9f2f432181e498071e41ef835662db1e4c5142adf4cfab2475e7b606696169936bd159d1d711f803322db93f242361 wpa_cli.sh"
diff --git a/main/wpa_supplicant/config b/main/wpa_supplicant/config
new file mode 100644
index 0000000..c86ba92
--- /dev/null
+++ b/main/wpa_supplicant/config
@@ -0,0 +1,497 @@
+# Example wpa_supplicant build time configuration
+#
+# This file lists the configuration options that are used when building the
+# hostapd binary. All lines starting with # are ignored. Configuration option
+# lines must be commented out complete, if they are not to be included, i.e.,
+# just setting VARIABLE=n is not disabling that variable.
+#
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
+# be modified from here. In most cases, these lines should use += in order not
+# to override previous values of the variables.
+
+
+# Uncomment following two lines and fix the paths if you have installed OpenSSL
+# or GnuTLS in non-default location
+#CFLAGS += -I/usr/local/openssl/include
+#LIBS += -L/usr/local/openssl/lib
+
+# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
+# the kerberos files are not in the default include path. Following line can be
+# used to fix build issues on such systems (krb5.h not found).
+#CFLAGS += -I/usr/include/kerberos
+
+# Driver interface for generic Linux wireless extensions
+# Note: WEXT is deprecated in the current Linux kernel version and no new
+# functionality is added to it. nl80211-based interface is the new
+# replacement for WEXT and its use allows wpa_supplicant to properly control
+# the driver to improve existing functionality like roaming and to support new
+# functionality.
+CONFIG_DRIVER_WEXT=y
+
+# Driver interface for Linux drivers using the nl80211 kernel interface
+CONFIG_DRIVER_NL80211=y
+
+# driver_nl80211.c requires libnl. If you are compiling it yourself
+# you may need to point hostapd to your version of libnl.
+#
+#CFLAGS += -I$<path to libnl include files>
+#LIBS += -L$<path to libnl library files>
+
+# Use libnl v2.0 (or 3.0) libraries.
+#CONFIG_LIBNL20=y
+
+# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
+CONFIG_LIBNL32=y
+
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+#CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+#LIBS += -L/usr/local/lib
+#LIBS_p += -L/usr/local/lib
+#LIBS_c += -L/usr/local/lib
+
+# Driver interface for Windows NDIS
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for wired Ethernet drivers
+CONFIG_DRIVER_WIRED=y
+
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
+# Driver interface for no driver (e.g., WPS ER only)
+#CONFIG_DRIVER_NONE=y
+
+# Solaris libraries
+#LIBS += -lsocket -ldlpi -lnsl
+#LIBS_c += -lsocket
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
+# included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
+# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
+# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
+CONFIG_EAP_FAST=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+CONFIG_EAP_SIM=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-pwd (secure authentication using only a password)
+#CONFIG_EAP_PWD=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+CONFIG_EAP_AKA=y
+
+# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
+# This requires CONFIG_EAP_AKA to be enabled, too.
+CONFIG_EAP_AKA_PRIME=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
+
+# EAP-SAKE
+#CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+#CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+#CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+#CONFIG_EAP_TNC=y
+
+# Wi-Fi Protected Setup (WPS)
+CONFIG_WPS=y
+# Enable WPS external registrar functionality
+#CONFIG_WPS_ER=y
+# Disable credentials for an open network by default when acting as a WPS
+# registrar.
+#CONFIG_WPS_REG_DISABLE_OPEN=y
+# Enable WPS support with NFC config method
+#CONFIG_WPS_NFC=y
+
+# EAP-IKEv2
+#CONFIG_EAP_IKEV2=y
+
+# EAP-EKE
+#CONFIG_EAP_EKE=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+CONFIG_PCSC=y
+
+# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
+#CONFIG_HT_OVERRIDES=y
+
+# Support VHT overrides (disable VHT, mask MCS rates, etc.)
+#CONFIG_VHT_OVERRIDES=y
+
+# Development testing
+#CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# udp6 = UDP IPv6 sockets using localhost (::1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
+# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+CONFIG_READLINE=y
+
+# Include internal line edit mode in wpa_cli. This can be used as a replacement
+# for GNU Readline to provide limited command line editing and history support.
+#CONFIG_WPA_CLI_EDIT=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+# path is given on command line, not here; this option is just used to
+# select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+#CONFIG_MAIN=main
+
+# Select wrapper for operating system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+#CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+#CONFIG_ELOOP=eloop
+
+# Should we use poll instead of select? Select is used by default.
+#CONFIG_ELOOP_POLL=y
+
+# Should we use epoll instead of select? Select is used by default.
+#CONFIG_ELOOP_EPOLL=y
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+#CONFIG_L2_PACKET=linux
+
+# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
+CONFIG_PEERKEY=y
+
+# IEEE 802.11w (management frame protection), also known as PMF
+# Driver support is also needed for IEEE 802.11w.
+#CONFIG_IEEE80211W=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+CONFIG_TLS=openssl
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used. It should be noted that some existing TLS v1.0 -based
+# implementation may not be compatible with TLS v1.1 message (ClientHello is
+# sent prior to negotiating which version will be used)
+#CONFIG_TLSV11=y
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
+# can be enabled to enable use of stronger crypto algorithms. It should be
+# noted that some existing TLS v1.0 -based implementation may not be compatible
+# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
+# will be used)
+#CONFIG_TLSV12=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for old DBus control interface
+# (fi.epitest.hostap.WPASupplicant)
+CONFIG_CTRL_IFACE_DBUS=y
+
+# Add support for new DBus control interface
+# (fi.w1.hostap.wpa_supplicant1)
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+
+# Add introspection support for new DBus control interface
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition)
+#CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+#CONFIG_DEBUG_FILE=y
+
+# Send debug messages to syslog instead of stdout
+#CONFIG_DEBUG_SYSLOG=y
+# Set syslog facility for debug messages
+#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
+
+# Add support for sending all debug messages (regardless of debug verbosity)
+# to the Linux kernel tracing facility. This helps debug the entire stack by
+# making it easy to record everything happening from the driver up into the
+# same file, e.g., using trace-cmd.
+#CONFIG_DEBUG_LINUX_TRACING=y
+
+# Add support for writing debug log to Android logcat instead of standard
+# output
+#CONFIG_ANDROID_LOG=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+CONFIG_DELAYED_MIC_ERROR_REPORT=y
+
+# Enable tracing code for developer debugging
+# This tracks use of memory allocations and other registrations and reports
+# incorrect use with a backtrace of call (or allocation) location.
+#CONFIG_WPA_TRACE=y
+# For BSD, uncomment these.
+#LIBS += -lexecinfo
+#LIBS_p += -lexecinfo
+#LIBS_c += -lexecinfo
+
+# Use libbfd to get more details for developer debugging
+# This enables use of libbfd to get more detailed symbols for the backtraces
+# generated by CONFIG_WPA_TRACE=y.
+#CONFIG_WPA_TRACE_BFD=y
+# For BSD, uncomment these.
+#LIBS += -lbfd -liberty -lz
+#LIBS_p += -lbfd -liberty -lz
+#LIBS_c += -lbfd -liberty -lz
+
+# wpa_supplicant depends on strong random number generation being available
+# from the operating system. os_get_random() function is used to fetch random
+# data when needed, e.g., for key generation. On Linux and BSD systems, this
+# works by reading /dev/urandom. It should be noted that the OS entropy pool
+# needs to be properly initialized before wpa_supplicant is started. This is
+# important especially on embedded devices that do not have a hardware random
+# number generator and may by default start up with minimal entropy available
+# for random number generation.
+#
+# As a safety net, wpa_supplicant is by default trying to internally collect
+# additional entropy for generating random data to mix in with the data fetched
+# from the OS. This by itself is not considered to be very strong, but it may
+# help in cases where the system pool is not initialized properly. However, it
+# is very strongly recommended that the system pool is initialized with enough
+# entropy either by using hardware assisted random number generator or by
+# storing state over device reboots.
+#
+# wpa_supplicant can be configured to maintain its own entropy store over
+# restarts to enhance random number generation. This is not perfect, but it is
+# much more secure than using the same sequence of random numbers after every
+# reboot. This can be enabled with -e<entropy file> command line option. The
+# specified file needs to be readable and writable by wpa_supplicant.
+#
+# If the os_get_random() is known to provide strong random data (e.g., on
+# Linux/BSD, the board in question is known to have reliable source of random
+# data from /dev/urandom), the internal wpa_supplicant random pool can be
+# disabled. This will save some in binary size and CPU use. However, this
+# should only be considered for builds that are known to be used on devices
+# that meet the requirements described above.
+#CONFIG_NO_RANDOM_POOL=y
+
+# IEEE 802.11n (High Throughput) support (mainly for AP mode)
+#CONFIG_IEEE80211N=y
+
+# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
+# (depends on CONFIG_IEEE80211N)
+#CONFIG_IEEE80211AC=y
+
+# Wireless Network Management (IEEE Std 802.11v-2011)
+# Note: This is experimental and not complete implementation.
+#CONFIG_WNM=y
+
+# Interworking (IEEE 802.11u)
+# This can be used to enable functionality to improve interworking with
+# external networks (GAS/ANQP to learn more about the networks and network
+# selection based on available credentials).
+#CONFIG_INTERWORKING=y
+
+# Hotspot 2.0
+#CONFIG_HS20=y
+
+# Disable roaming in wpa_supplicant
+#CONFIG_NO_ROAMING=y
+
+# AP mode operations with wpa_supplicant
+# This can be used for controlling AP mode operations with wpa_supplicant. It
+# should be noted that this is mainly aimed at simple cases like
+# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
+# external RADIUS server can be supported with hostapd.
+CONFIG_AP=y
+
+# P2P (Wi-Fi Direct)
+# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
+# more information on P2P operations.
+CONFIG_P2P=y
+
+# Enable TDLS support
+#CONFIG_TDLS=y
+
+# Wi-Fi Direct
+# This can be used to enable Wi-Fi Direct extensions for P2P using an external
+# program to control the additional information exchanges in the messages.
+#CONFIG_WIFI_DISPLAY=y
+
+# Autoscan
+# This can be used to enable automatic scan support in wpa_supplicant.
+# See wpa_supplicant.conf for more information on autoscan usage.
+#
+# Enabling directly a module will enable autoscan support.
+# For exponential module:
+#CONFIG_AUTOSCAN_EXPONENTIAL=y
+# For periodic module:
+#CONFIG_AUTOSCAN_PERIODIC=y
+
+# Password (and passphrase, etc.) backend for external storage
+# These optional mechanisms can be used to add support for storing passwords
+# and other secrets in external (to wpa_supplicant) location. This allows, for
+# example, operating system specific key storage to be used
+#
+# External password backend for testing purposes (developer use)
+#CONFIG_EXT_PASSWORD_TEST=y
diff --git a/main/wpa_supplicant/wpa_cli.sh b/main/wpa_supplicant/wpa_cli.sh
index 3c7325c..0a5a6cc 100644
--- a/main/wpa_supplicant/wpa_cli.sh
+++ b/main/wpa_supplicant/wpa_cli.sh
@@ -9,7 +9,7 @@ if [ -z "${1}" -o -z "${2}" ]; then
logger -t wpa_cli "this script should be called from wpa_cli(8)"
exit 1
elif ! [ -x "${IFUP}" -a -x "${IFDOWN}" ]; then
- logger -t wpa_cli "/sbin/ifup or /sbin/ifdown doesn't exist"
+ logger -t wpa_cli "${IFUP} or ${IFDOWN} doesn't exist"
exit 1
fi
--
2.6.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---