On Wed, Feb 6, 2013 at 5:02 PM, Stuart Henderson <s...@spacehopper.org> wrote: > On 2013/02/06 13:55, Gregor Best wrote: >> On Wed, Feb 06, 2013 at 09:41:09AM -0300, Gleydson Soares wrote: >> > Your diff is broken. >> > Please. regen against current. >> > [...] >> >> My apologies. A regenerated patch is attached. >> >> -- >> Gregor Best > >> diff -ur wpa_supplicant.old/Makefile wpa_supplicant/Makefile >> --- wpa_supplicant.old/Makefile Wed Feb 6 13:53:25 2013 >> +++ wpa_supplicant/Makefile Wed Feb 6 13:50:08 2013 >> @@ -3,7 +3,7 @@ >> COMMENT= IEEE 802.1X supplicant >> >> DISTNAME= wpa_supplicant-2.0 >> -REVISION= 1 >> +REVISION= 2 >> CATEGORIES= security net >> >> HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ >> diff -ur wpa_supplicant.old/files/config wpa_supplicant/files/config >> --- wpa_supplicant.old/files/config Wed Feb 6 13:53:34 2013 >> +++ wpa_supplicant/files/config Wed Feb 6 13:50:27 2013 >> @@ -10,6 +10,7 @@ >> CONFIG_DRIVER_OPENBSD=y >> CONFIG_IEEE8021X_EAPOL=y >> CONFIG_PEERKEY=y >> +CONFIG_PKCS12=y >> >> CONFIG_EAP_MD5=y >> CONFIG_EAP_MSCHAPV2=y > > I've merged this with mine which adds an rc script and README. > > Also removed my patch to wpa_priv, it looks like driver_common > should probably be added to OBJS_d instead, however when using > privsep code (on my wired interface, I don't have wpa-enterprise > setup yet) I'm not seeing it transmit anything, so I would be > interested to know if privsep is working for people using > wpa_supplicant 2.0 on other OS (do other OS even use privsep mode?).
I like it. Ok for me. Ciao, David > Index: Makefile > =================================================================== > RCS file: /cvs/ports/security/wpa_supplicant/Makefile,v > retrieving revision 1.9 > diff -u -p -r1.9 Makefile > --- Makefile 4 Feb 2013 10:04:44 -0000 1.9 > +++ Makefile 6 Feb 2013 15:43:51 -0000 > @@ -3,7 +3,7 @@ > COMMENT= IEEE 802.1X supplicant > > DISTNAME= wpa_supplicant-2.0 > -REVISION= 1 > +REVISION= 2 > CATEGORIES= security net > > HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ > Index: files/config > =================================================================== > RCS file: /cvs/ports/security/wpa_supplicant/files/config,v > retrieving revision 1.2 > diff -u -p -r1.2 config > --- files/config 28 Jan 2013 11:03:16 -0000 1.2 > +++ files/config 6 Feb 2013 15:43:51 -0000 > @@ -10,6 +10,7 @@ CONFIG_DRIVER_WIRED=y > CONFIG_DRIVER_OPENBSD=y > CONFIG_IEEE8021X_EAPOL=y > CONFIG_PEERKEY=y > +CONFIG_PKCS12=y > > CONFIG_EAP_MD5=y > CONFIG_EAP_MSCHAPV2=y > @@ -31,6 +32,5 @@ CONFIG_EAP_SIM=y > CONFIG_PCSC=y > CONFIG_SMARTCARD=y > > -# privilege separation, see README. > -# WIP: not yet tested. > +# privilege separation, see README. not working yet. > # CONFIG_PRIVSEP=y > Index: patches/patch-wpa_supplicant_wpa_priv_c > =================================================================== > RCS file: patches/patch-wpa_supplicant_wpa_priv_c > diff -N patches/patch-wpa_supplicant_wpa_priv_c > --- patches/patch-wpa_supplicant_wpa_priv_c 28 Jan 2013 11:03:16 -0000 > 1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,34 +0,0 @@ > -$OpenBSD: patch-wpa_supplicant_wpa_priv_c,v 1.1 2013/01/28 11:03:16 sthen > Exp $ > ---- wpa_supplicant/wpa_priv.c.orig Sat Jan 26 10:49:28 2013 > -+++ wpa_supplicant/wpa_priv.c Sat Jan 26 10:50:56 2013 > -@@ -92,6 +92,7 @@ static void wpa_priv_cmd_unregister(struct wpa_priv_in > - } > - > - > -+#if 0 > - static void wpa_priv_cmd_scan(struct wpa_priv_interface *iface, > - char *buf, size_t len) > - { > -@@ -170,6 +171,7 @@ static void wpa_priv_cmd_get_scan_results(struct wpa_p > - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, > - sizeof(*from)); > - } > -+#endif > - > - > - static void wpa_priv_cmd_associate(struct wpa_priv_interface *iface, > -@@ -487,12 +489,14 @@ static void wpa_priv_receive(int sock, void *eloop_ctx > - case PRIVSEP_CMD_UNREGISTER: > - wpa_priv_cmd_unregister(iface, &from); > - break; > -+#if 0 > - case PRIVSEP_CMD_SCAN: > - wpa_priv_cmd_scan(iface, cmd_buf, cmd_len); > - break; > - case PRIVSEP_CMD_GET_SCAN_RESULTS: > - wpa_priv_cmd_get_scan_results(iface, &from); > - break; > -+#endif > - case PRIVSEP_CMD_ASSOCIATE: > - wpa_priv_cmd_associate(iface, cmd_buf, cmd_len); > - break; > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/security/wpa_supplicant/pkg/PLIST,v > retrieving revision 1.3 > diff -u -p -r1.3 PLIST > --- pkg/PLIST 28 Jan 2013 11:03:16 -0000 1.3 > +++ pkg/PLIST 6 Feb 2013 15:43:51 -0000 > @@ -1,16 +1,18 @@ > @comment $OpenBSD: PLIST,v 1.3 2013/01/28 11:03:16 sthen Exp $ > -@comment @man man/man8/wpa_priv.8 > @comment @bin sbin/wpa_priv > @man man/man5/wpa_supplicant.conf.5 > @man man/man8/wpa_background.8 > @man man/man8/wpa_cli.8 > @comment @man man/man8/wpa_gui.8 > @man man/man8/wpa_passphrase.8 > +@comment @man man/man8/wpa_priv.8 > @man man/man8/wpa_supplicant.8 > @bin sbin/wpa_cli > @bin sbin/wpa_passphrase > @bin sbin/wpa_supplicant > +share/doc/pkg-readmes/${FULLPKGNAME} > share/examples/wpa_supplicant/ > share/examples/wpa_supplicant/wpa_supplicant.conf > @sample ${SYSCONFDIR}/wpa_supplicant.conf > share/examples/wpa_supplicant/wpa_supplicant.conf.dist > +@rcscript ${RCDIR}/wpa_supplicant > Index: pkg/README > =================================================================== > RCS file: pkg/README > diff -N pkg/README > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pkg/README 6 Feb 2013 15:43:51 -0000 > @@ -0,0 +1,35 @@ > +$OpenBSD: README.template,v 1.4 2011/06/02 13:44:40 ajacoutot Exp $ > + > ++----------------------------------------------------------------------- > +| Running ${FULLPKGNAME} on OpenBSD > ++----------------------------------------------------------------------- > + > +Configuring wireless interfaces > +=============================== > +Configure your interface in the normal way using ifconfig(8) commands > +or via /etc/hostname.<iface>. You must explicitly set 802.1x mode; it is > +also recommended that the BSSID is configured explicitly, e.g.: > + > +# ifconfig rsu0 nwid humppa bssid 11:22:33:44:55:66 wpa wpaakms 802.1x up > + > +Access-point scanning is not currently supported by the OpenBSD code in > +wpa_supplicant, so ap_scan=0 should be set in > ${SYSCONFDIR}/wpa_supplicant.conf. > + > +Starting wpa_supplicant at boot time > +==================================== > +An rc.d(8) script is provided to start wpa_supplicant, so you can add the > +usual line to /etc/rc.conf.local: > + > +pkg_scripts="${pkg_scripts} wpa_supplicant" > + > +The interface name must be given on the command line - this is preset to > +"athn0" in the rc.d script. To use an alternative interface, do _not_ > +modify the /etc/rc.d/wpa_supplicant script, but instead change this in > +/etc/rc.conf.local by adding a line using the format of one of the > +following examples: > + > +# 802.11 wireless > +wpa_supplicant_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D openbsd -i > ral0" > + > +# wired > +wpa_supplicant_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D wired -i em0" > Index: pkg/wpa_supplicant.rc > =================================================================== > RCS file: pkg/wpa_supplicant.rc > diff -N pkg/wpa_supplicant.rc > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pkg/wpa_supplicant.rc 6 Feb 2013 15:43:51 -0000 > @@ -0,0 +1,10 @@ > +#!/bin/sh > +# > +# $OpenBSD$ > + > +daemon="${TRUEPREFIX}/sbin/wpa_supplicant -B" > +daemon_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D openbsd -i athn0" > + > +. /etc/rc.d/rc.subr > + > +rc_cmd $1 >