summaryrefslogtreecommitdiff
path: root/source/n/wpa_supplicant/patches
diff options
context:
space:
mode:
Diffstat (limited to 'source/n/wpa_supplicant/patches')
-rw-r--r--source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch127
-rw-r--r--source/n/wpa_supplicant/patches/allow-tlsv1.patch22
-rw-r--r--source/n/wpa_supplicant/patches/dbus-service-file-args.diff20
-rw-r--r--source/n/wpa_supplicant/patches/quiet-scan-results-message.diff16
-rw-r--r--source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch99
-rw-r--r--source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch78
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-2.7-fix-undefined-remove-ie.patch38
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-assoc-timeout.patch (renamed from source/n/wpa_supplicant/patches/assoc-timeout.diff)8
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-dbus-service-file-args.patch20
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-flush-debug-output.patch (renamed from source/n/wpa_supplicant/patches/flush-debug-output.diff)15
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch41
-rw-r--r--source/n/wpa_supplicant/patches/wpa_supplicant-quiet-scan-results-message.patch30
12 files changed, 162 insertions, 352 deletions
diff --git a/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch b/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
deleted file mode 100644
index bee574a5..00000000
--- a/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
+++ /dev/null
@@ -1,127 +0,0 @@
-From 25b37c54a47e49d591f5752bbf0f510480402cae Mon Sep 17 00:00:00 2001
-From: Beniamino Galvani <bgalvani@redhat.com>
-Date: Sun, 9 Jul 2017 11:14:10 +0200
-Subject: [PATCH 1/2] OpenSSL: Fix private key password handling with OpenSSL
- >= 1.1.0f
-
-Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the
-callback from the SSL object instead of the one from the CTX, so let's
-set the callback on both SSL and CTX. Note that
-SSL_set_default_passwd_cb*() is available only in 1.1.0.
-
-Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
-(cherry picked from commit f665c93e1d28fbab3d9127a8c3985cc32940824f)
----
- src/crypto/tls_openssl.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
-index c4170b6..bceb8c3 100644
---- a/src/crypto/tls_openssl.c
-+++ b/src/crypto/tls_openssl.c
-@@ -2779,6 +2779,15 @@ static int tls_connection_private_key(struct tls_data *data,
- } else
- passwd = NULL;
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+ /*
-+ * In OpenSSL >= 1.1.0f SSL_use_PrivateKey_file() uses the callback
-+ * from the SSL object. See OpenSSL commit d61461a75253.
-+ */
-+ SSL_set_default_passwd_cb(conn->ssl, tls_passwd_cb);
-+ SSL_set_default_passwd_cb_userdata(conn->ssl, passwd);
-+#endif /* >= 1.1.0f && !LibreSSL */
-+ /* Keep these for OpenSSL < 1.1.0f */
- SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
- SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
-
-@@ -2869,6 +2878,9 @@ static int tls_connection_private_key(struct tls_data *data,
- return -1;
- }
- ERR_clear_error();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+ SSL_set_default_passwd_cb(conn->ssl, NULL);
-+#endif /* >= 1.1.0f && !LibreSSL */
- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
- os_free(passwd);
-
---
-2.9.3
-
-From b2887d6964a406eb5f88f4ad4e9764c468954382 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Mon, 17 Jul 2017 12:06:17 +0300
-Subject: [PATCH 2/2] OpenSSL: Clear default_passwd_cb more thoroughly
-
-Previously, the pointer to strdup passwd was left in OpenSSL library
-default_passwd_cb_userdata and even the default_passwd_cb was left set
-on an error path. To avoid unexpected behavior if something were to
-manage to use there pointers, clear them explicitly once done with
-loading of the private key.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
-(cherry picked from commit 89971d8b1e328a2f79699c953625d1671fd40384)
----
- src/crypto/tls_openssl.c | 22 +++++++++++++++++-----
- 1 file changed, 17 insertions(+), 5 deletions(-)
-
-diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
-index bceb8c3..770af9e 100644
---- a/src/crypto/tls_openssl.c
-+++ b/src/crypto/tls_openssl.c
-@@ -2758,6 +2758,19 @@ static int tls_connection_engine_private_key(struct tls_connection *conn)
- }
-
-
-+static void tls_clear_default_passwd_cb(SSL_CTX *ssl_ctx, SSL *ssl)
-+{
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+ if (ssl) {
-+ SSL_set_default_passwd_cb(ssl, NULL);
-+ SSL_set_default_passwd_cb_userdata(ssl, NULL);
-+ }
-+#endif /* >= 1.1.0f && !LibreSSL */
-+ SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
-+ SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, NULL);
-+}
-+
-+
- static int tls_connection_private_key(struct tls_data *data,
- struct tls_connection *conn,
- const char *private_key,
-@@ -2874,14 +2887,12 @@ static int tls_connection_private_key(struct tls_data *data,
- if (!ok) {
- tls_show_errors(MSG_INFO, __func__,
- "Failed to load private key");
-+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
- os_free(passwd);
- return -1;
- }
- ERR_clear_error();
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-- SSL_set_default_passwd_cb(conn->ssl, NULL);
--#endif /* >= 1.1.0f && !LibreSSL */
-- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
-+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
- os_free(passwd);
-
- if (!SSL_check_private_key(conn->ssl)) {
-@@ -2924,13 +2935,14 @@ static int tls_global_private_key(struct tls_data *data,
- tls_read_pkcs12(data, NULL, private_key, passwd)) {
- tls_show_errors(MSG_INFO, __func__,
- "Failed to load private key");
-+ tls_clear_default_passwd_cb(ssl_ctx, NULL);
- os_free(passwd);
- ERR_clear_error();
- return -1;
- }
-+ tls_clear_default_passwd_cb(ssl_ctx, NULL);
- os_free(passwd);
- ERR_clear_error();
-- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
-
- if (!SSL_CTX_check_private_key(ssl_ctx)) {
- tls_show_errors(MSG_INFO, __func__,
---
-2.9.3
-
diff --git a/source/n/wpa_supplicant/patches/allow-tlsv1.patch b/source/n/wpa_supplicant/patches/allow-tlsv1.patch
new file mode 100644
index 00000000..eb5fb781
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/allow-tlsv1.patch
@@ -0,0 +1,22 @@
+From: Andrej Shadura <andrewsh@debian.org>
+Subject: Enable TLSv1.0 by default
+
+OpenSSL 1.1.1 disables TLSv1.0 by default and sets the security level to 2.
+Some older networks may support for TLSv1.0 and less secure cyphers.
+
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -988,6 +988,13 @@
+ os_free(data);
+ return NULL;
+ }
++
++#ifndef EAP_SERVER_TLS
++ /* Enable TLSv1.0 by default to allow connecting to legacy
++ * networks since Debian OpenSSL is set to minimum TLSv1.2 and SECLEVEL=2. */
++ SSL_CTX_set_min_proto_version(ssl, TLS1_VERSION);
++#endif
++
+ data->ssl = ssl;
+ if (conf)
+ data->tls_session_lifetime = conf->tls_session_lifetime;
diff --git a/source/n/wpa_supplicant/patches/dbus-service-file-args.diff b/source/n/wpa_supplicant/patches/dbus-service-file-args.diff
deleted file mode 100644
index 7e2449f2..00000000
--- a/source/n/wpa_supplicant/patches/dbus-service-file-args.diff
+++ /dev/null
@@ -1,20 +0,0 @@
-diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in wpa_supplicant-1.0-rc3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-04-16 15:15:40.000000000 -0500
-+++ wpa_supplicant-1.0-rc3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-05-06 01:07:44.523999837 -0500
-@@ -1,5 +1,5 @@
- [D-BUS Service]
- Name=fi.epitest.hostap.WPASupplicant
--Exec=@BINDIR@/wpa_supplicant -u
-+Exec=@BINDIR@/wpa_supplicant -B -u -f /var/log/wpa_supplicant.log -P /var/run/wpa_supplicant.pid
- User=root
- SystemdService=wpa_supplicant.service
-diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in wpa_supplicant-1.0-rc3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in
---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-04-16 15:15:40.000000000 -0500
-+++ wpa_supplicant-1.0-rc3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-05-06 01:06:59.528589953 -0500
-@@ -1,5 +1,5 @@
- [D-BUS Service]
- Name=fi.w1.wpa_supplicant1
--Exec=@BINDIR@/wpa_supplicant -u
-+Exec=@BINDIR@/wpa_supplicant -B -u -f /var/log/wpa_supplicant.log -P /var/run/wpa_supplicant.pid
- User=root
- SystemdService=wpa_supplicant.service
diff --git a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
deleted file mode 100644
index 7f85e810..00000000
--- a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
+++ /dev/null
@@ -1,16 +0,0 @@
---- ./wpa_supplicant/events.c.orig 2017-01-05 11:29:16.968898845 -0600
-+++ ./wpa_supplicant/events.c 2017-01-05 11:31:13.515907254 -0600
-@@ -1555,11 +1555,11 @@
- if (wpa_s->last_scan_req == MANUAL_SCAN_REQ &&
- wpa_s->manual_scan_use_id && wpa_s->own_scan_running &&
- own_request && !(data && data->scan_info.external_scan)) {
-- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u",
-+ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS "id=%u",
- wpa_s->manual_scan_id);
- wpa_s->manual_scan_use_id = 0;
- } else {
-- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-+ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS);
- }
- wpas_notify_scan_results(wpa_s);
-
diff --git a/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch b/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
deleted file mode 100644
index 0c03e1dc..00000000
--- a/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From 290834df69556b903b49f2a45671cc62b44f13bb Mon Sep 17 00:00:00 2001
-From: Beniamino Galvani <bgalvani@redhat.com>
-Date: Fri, 28 Apr 2017 17:59:30 +0200
-Subject: [PATCH] nl80211: Fix race condition in detecting MAC change
-
-Commit 3e0272ca00ce1df35b45e7d739dd7e935f13fd84 ('nl80211: Re-read MAC
-address on RTM_NEWLINK') added the detection of external changes to MAC
-address when the interface is brought up.
-
-If the interface state is changed quickly enough, wpa_supplicant may
-receive the netlink message for the !IFF_UP event when the interface
-has already been brought up and would ignore the next netlink IFF_UP
-message, missing the MAC change.
-
-Fix this by also reloading the MAC address when a !IFF_UP event is
-received with the interface up, because this implies that the
-interface went down and up again, possibly changing the address.
-
-Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
----
- src/drivers/driver_nl80211.c | 47 +++++++++++++++++++++++++-------------------
- 1 file changed, 27 insertions(+), 20 deletions(-)
-
-diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
-index af1cb84..24fad29 100644
---- a/src/drivers/driver_nl80211.c
-+++ b/src/drivers/driver_nl80211.c
-@@ -933,6 +933,30 @@ nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
- }
-
-
-+static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
-+ int ifindex)
-+{
-+ struct i802_bss *bss;
-+ u8 addr[ETH_ALEN];
-+
-+ bss = get_bss_ifindex(drv, ifindex);
-+ if (bss &&
-+ linux_get_ifhwaddr(drv->global->ioctl_sock,
-+ bss->ifname, addr) < 0) {
-+ wpa_printf(MSG_DEBUG,
-+ "nl80211: %s: failed to re-read MAC address",
-+ bss->ifname);
-+ } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
-+ wpa_printf(MSG_DEBUG,
-+ "nl80211: Own MAC address on ifindex %d (%s) changed from "
-+ MACSTR " to " MACSTR,
-+ ifindex, bss->ifname,
-+ MAC2STR(bss->addr), MAC2STR(addr));
-+ os_memcpy(bss->addr, addr, ETH_ALEN);
-+ }
-+}
-+
-+
- static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
- struct ifinfomsg *ifi,
- u8 *buf, size_t len)
-@@ -997,6 +1021,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
- namebuf[0] = '\0';
- if (if_indextoname(ifi->ifi_index, namebuf) &&
- linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
-+ /* Re-read MAC address as it may have changed */
-+ nl80211_refresh_mac(drv, ifi->ifi_index);
- wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
- "event since interface %s is up", namebuf);
- drv->ignore_if_down_event = 0;
-@@ -1044,27 +1070,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
- "event since interface %s is marked "
- "removed", drv->first_bss->ifname);
- } else {
-- struct i802_bss *bss;
-- u8 addr[ETH_ALEN];
--
- /* Re-read MAC address as it may have changed */
-- bss = get_bss_ifindex(drv, ifi->ifi_index);
-- if (bss &&
-- linux_get_ifhwaddr(drv->global->ioctl_sock,
-- bss->ifname, addr) < 0) {
-- wpa_printf(MSG_DEBUG,
-- "nl80211: %s: failed to re-read MAC address",
-- bss->ifname);
-- } else if (bss &&
-- os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
-- wpa_printf(MSG_DEBUG,
-- "nl80211: Own MAC address on ifindex %d (%s) changed from "
-- MACSTR " to " MACSTR,
-- ifi->ifi_index, bss->ifname,
-- MAC2STR(bss->addr),
-- MAC2STR(addr));
-- os_memcpy(bss->addr, addr, ETH_ALEN);
-- }
-+ nl80211_refresh_mac(drv, ifi->ifi_index);
-
- wpa_printf(MSG_DEBUG, "nl80211: Interface up");
- drv->if_disabled = 0;
---
-2.9.3
-
diff --git a/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch b/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
deleted file mode 100644
index d99be04c..00000000
--- a/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From 0ad5893a2f1f521d44712cd395e067ccf0a397c3 Mon Sep 17 00:00:00 2001
-From: Michael Braun <michael-dev@fami-braun.de>
-Date: Fri, 18 Aug 2017 01:14:28 +0200
-Subject: PAE: Validate input before pointer
-
-ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist()
-before body_len has been checked on all segments.
-
-ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might
-continue and thus underflow left_len even if it finds left_len to small
-(or before checking).
-
-Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound
-reads in this case.
-
-Fix this by checking left_len and aborting if too small early.
-
-Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
----
- src/pae/ieee802_1x_kay.c | 23 ++++++++++++-----------
- 1 file changed, 12 insertions(+), 11 deletions(-)
-
-diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
-index c4bfcbc..cad0292 100644
---- a/src/pae/ieee802_1x_kay.c
-+++ b/src/pae/ieee802_1x_kay.c
-@@ -964,21 +964,19 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
- body_len = get_mka_param_body_len(hdr);
- body_type = get_mka_param_body_type(hdr);
-
-- if (body_type != MKA_LIVE_PEER_LIST &&
-- body_type != MKA_POTENTIAL_PEER_LIST)
-- continue;
--
-- ieee802_1x_mka_dump_peer_body(
-- (struct ieee802_1x_mka_peer_body *)pos);
--
-- if (left_len < (MKA_HDR_LEN + body_len + DEFAULT_ICV_LEN)) {
-+ if (left_len < (MKA_HDR_LEN + MKA_ALIGN_LENGTH(body_len) + DEFAULT_ICV_LEN)) {
- wpa_printf(MSG_ERROR,
- "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
- left_len, MKA_HDR_LEN,
-- body_len, DEFAULT_ICV_LEN);
-- continue;
-+ MKA_ALIGN_LENGTH(body_len),
-+ DEFAULT_ICV_LEN);
-+ return FALSE;
- }
-
-+ if (body_type != MKA_LIVE_PEER_LIST &&
-+ body_type != MKA_POTENTIAL_PEER_LIST)
-+ continue;
-+
- if ((body_len % 16) != 0) {
- wpa_printf(MSG_ERROR,
- "KaY: MKA Peer Packet Body Length (%zu bytes) should be a multiple of 16 octets",
-@@ -986,6 +984,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
- continue;
- }
-
-+ ieee802_1x_mka_dump_peer_body(
-+ (struct ieee802_1x_mka_peer_body *)pos);
-+
- for (i = 0; i < body_len;
- i += sizeof(struct ieee802_1x_mka_peer_id)) {
- const struct ieee802_1x_mka_peer_id *peer_mi;
-@@ -3018,7 +3019,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
- "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
- left_len, MKA_HDR_LEN,
- body_len, DEFAULT_ICV_LEN);
-- continue;
-+ return -1;
- }
-
- if (handled[body_type])
---
-cgit v0.12
-
diff --git a/source/n/wpa_supplicant/patches/wpa_supplicant-2.7-fix-undefined-remove-ie.patch b/source/n/wpa_supplicant/patches/wpa_supplicant-2.7-fix-undefined-remove-ie.patch
new file mode 100644
index 00000000..97a8cc7f
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-2.7-fix-undefined-remove-ie.patch
@@ -0,0 +1,38 @@
+From f2973fa39d6109f0f34969e91551a98dc340d537 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Mon, 3 Dec 2018 12:00:26 +0200
+Subject: FT: Fix CONFIG_IEEE80211X=y build without CONFIG_FILS=y
+
+remove_ie() was defined within an ifdef CONFIG_FILS block while it is
+now needed even without CONFIG_FILS=y. Remove the CONFIG_FILS condition
+there.
+
+Fixes 8c41734e5de1 ("FT: Fix Reassociation Request IEs during FT protocol")
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/sme.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
+index 39c8069..f77f751 100644
+--- a/wpa_supplicant/sme.c
++++ b/wpa_supplicant/sme.c
+@@ -1386,7 +1386,6 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
+ }
+
+
+-#ifdef CONFIG_FILS
+ #ifdef CONFIG_IEEE80211R
+ static void remove_ie(u8 *buf, size_t *len, u8 eid)
+ {
+@@ -1401,7 +1400,6 @@ static void remove_ie(u8 *buf, size_t *len, u8 eid)
+ }
+ }
+ #endif /* CONFIG_IEEE80211R */
+-#endif /* CONFIG_FILS */
+
+
+ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
+--
+cgit v0.12
+
diff --git a/source/n/wpa_supplicant/patches/assoc-timeout.diff b/source/n/wpa_supplicant/patches/wpa_supplicant-assoc-timeout.patch
index 8be4d2cd..c3b3568c 100644
--- a/source/n/wpa_supplicant/patches/assoc-timeout.diff
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-assoc-timeout.patch
@@ -1,7 +1,7 @@
-diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c
---- wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c 2013-01-12 09:42:53.000000000 -0600
-+++ wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c 2013-05-11 14:09:34.586718122 -0500
-@@ -1666,10 +1666,10 @@
+diff -up wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c
+--- wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout 2010-09-07 10:43:39.000000000 -0500
++++ wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c 2010-12-07 18:57:45.163457000 -0600
+@@ -1262,10 +1262,10 @@ void wpa_supplicant_associate(struct wpa
if (assoc_failed) {
/* give IBSS a bit more time */
diff --git a/source/n/wpa_supplicant/patches/wpa_supplicant-dbus-service-file-args.patch b/source/n/wpa_supplicant/patches/wpa_supplicant-dbus-service-file-args.patch
new file mode 100644
index 00000000..b7478dad
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-dbus-service-file-args.patch
@@ -0,0 +1,20 @@
+diff -up wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in.fedora wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in
+--- wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in.fedora 2008-03-02 20:58:35.000000000 -0500
++++ wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2008-03-02 20:58:41.000000000 -0500
+@@ -1,5 +1,5 @@
+ [D-BUS Service]
+ Name=fi.w1.wpa_supplicant1
+-Exec=@BINDIR@/wpa_supplicant -u
++Exec=@BINDIR@/wpa_supplicant -B -u -f /var/log/wpa_supplicant.log -c /etc/wpa_supplicant/wpa_supplicant.conf -P /var/run/wpa_supplicant.pid
+ User=root
+ SystemdService=wpa_supplicant.service
+diff -up wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in.fedora wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
+--- wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in.fedora 2008-03-02 20:58:35.000000000 -0500
++++ wpa_supplicant-0.7.3/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2008-03-02 20:58:41.000000000 -0500
+@@ -1,5 +1,5 @@
+ [D-BUS Service]
+ Name=fi.epitest.hostap.WPASupplicant
+-Exec=@BINDIR@/wpa_supplicant -u
++Exec=@BINDIR@/wpa_supplicant -B -u -f /var/log/wpa_supplicant.log -c /etc/wpa_supplicant/wpa_supplicant.conf -P /var/run/wpa_supplicant.pid
+ User=root
+ SystemdService=wpa_supplicant.service
diff --git a/source/n/wpa_supplicant/patches/flush-debug-output.diff b/source/n/wpa_supplicant/patches/wpa_supplicant-flush-debug-output.patch
index 7d6af7b3..a6868518 100644
--- a/source/n/wpa_supplicant/patches/flush-debug-output.diff
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-flush-debug-output.patch
@@ -1,7 +1,6 @@
-diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/utils/wpa_debug.c
---- wpa_supplicant-2.0.orig/src/utils/wpa_debug.c 2013-01-12 09:42:53.000000000 -0600
-+++ wpa_supplicant-2.0/src/utils/wpa_debug.c 2013-05-11 14:10:37.886101742 -0500
-@@ -75,6 +75,7 @@
+--- wpa_supplicant-0.6.3/src/utils/wpa_debug.c.flush-debug 2007-07-30 23:15:34.000000000 -0400
++++ wpa_supplicant-0.6.3/src/utils/wpa_debug.c 2007-07-30 23:17:06.000000000 -0400
+@@ -157,6 +157,7 @@ void wpa_debug_print_timestamp(void)
if (out_file) {
fprintf(out_file, "%ld.%06u: ", (long) tv.sec,
(unsigned int) tv.usec);
@@ -9,7 +8,7 @@ diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/u
} else
#endif /* CONFIG_DEBUG_FILE */
printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec);
-@@ -221,6 +222,7 @@
+@@ -185,6 +186,7 @@ void wpa_printf(int level, char *fmt, ..
if (out_file) {
vfprintf(out_file, fmt, ap);
fprintf(out_file, "\n");
@@ -17,7 +16,7 @@ diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/u
} else {
#endif /* CONFIG_DEBUG_FILE */
vprintf(fmt, ap);
-@@ -357,6 +359,7 @@
+@@ -217,6 +219,7 @@ static void _wpa_hexdump(int level, cons
fprintf(out_file, " [REMOVED]");
}
fprintf(out_file, "\n");
@@ -25,7 +24,7 @@ diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/u
} else {
#endif /* CONFIG_DEBUG_FILE */
printf("%s - hexdump(len=%lu):", title, (unsigned long) len);
-@@ -425,12 +428,14 @@
+@@ -262,12 +265,14 @@ static void _wpa_hexdump_ascii(int level
fprintf(out_file,
"%s - hexdump_ascii(len=%lu): [REMOVED]\n",
title, (unsigned long) len);
@@ -40,7 +39,7 @@ diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/u
return;
}
fprintf(out_file, "%s - hexdump_ascii(len=%lu):\n",
-@@ -455,6 +460,7 @@
+@@ -292,6 +297,7 @@ static void _wpa_hexdump_ascii(int level
pos += llen;
len -= llen;
}
diff --git a/source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch b/source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch
new file mode 100644
index 00000000..c54cd9a2
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch
@@ -0,0 +1,41 @@
+From 9404f356e394604d1d3d6dbffc52abd54260e4d4 Mon Sep 17 00:00:00 2001
+From: Lubomir Rintel <lkundrak@v3.sk>
+Date: Tue, 27 Oct 2015 08:56:35 +0100
+Subject: [PATCH] wpa_supplicant: allow overriding the names of the Qt4 tools
+
+This is useful for distributions that ship different versions of Qt in
+different locations.
+---
+ wpa_supplicant/Makefile | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
+index ad9ead9..b19676d 100644
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -11,6 +11,9 @@ export INCDIR ?= /usr/local/include/
+ export BINDIR ?= /usr/local/sbin/
+ PKG_CONFIG ?= pkg-config
+
++QMAKE ?= qmake
++LRELEASE ?= lrelease
++
+ CFLAGS += $(EXTRA_CFLAGS)
+ CFLAGS += -I$(abspath ../src)
+ CFLAGS += -I$(abspath ../src/utils)
+@@ -1787,10 +1790,10 @@ wpa_gui:
+ @echo "wpa_gui has been removed - see wpa_gui-qt4 for replacement"
+
+ wpa_gui-qt4/Makefile:
+- qmake -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro
++ $(QMAKE) -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro
+
+ wpa_gui-qt4/lang/wpa_gui_de.qm: wpa_gui-qt4/lang/wpa_gui_de.ts
+- lrelease wpa_gui-qt4/wpa_gui.pro
++ $(LRELEASE) wpa_gui-qt4/wpa_gui.pro
+
+ wpa_gui-qt4: wpa_gui-qt4/Makefile wpa_gui-qt4/lang/wpa_gui_de.qm
+ $(MAKE) -C wpa_gui-qt4
+--
+2.6.2
+
diff --git a/source/n/wpa_supplicant/patches/wpa_supplicant-quiet-scan-results-message.patch b/source/n/wpa_supplicant/patches/wpa_supplicant-quiet-scan-results-message.patch
new file mode 100644
index 00000000..c646a304
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/wpa_supplicant-quiet-scan-results-message.patch
@@ -0,0 +1,30 @@
+From 763a4ef660e2bd81f6cdc71a2f29a0a3e71b2ebc Mon Sep 17 00:00:00 2001
+From: Dan Williams <dcbw@redhat.com>
+Date: Tue, 22 Nov 2016 15:48:17 +0100
+Subject: [PATCH 1/2] quiet an annoying and frequent syslog message
+
+---
+ wpa_supplicant/events.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
+index abe3b47..72a0412 100644
+--- a/wpa_supplicant/events.c
++++ b/wpa_supplicant/events.c
+@@ -1555,11 +1555,11 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
+ if (wpa_s->last_scan_req == MANUAL_SCAN_REQ &&
+ wpa_s->manual_scan_use_id && wpa_s->own_scan_running &&
+ own_request && !(data && data->scan_info.external_scan)) {
+- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u",
++ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS "id=%u",
+ wpa_s->manual_scan_id);
+ wpa_s->manual_scan_use_id = 0;
+ } else {
+- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
++ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS);
+ }
+ wpas_notify_scan_results(wpa_s);
+
+--
+2.9.3
+