wpa-supplicant: Replace /etc/wpa_supplicant.conf with the Debian way to handle WPA:

- All configuration is done via /etc/network/interfaces (similiar to WEP)
- /etc/init.d/wpa is no longer needed
- wpa_supplicant is launched on ifup with the settings from /e/n/interfaces

diff --git a/packages/wpa-supplicant/files/functions.sh b/packages/wpa-supplicant/files/functions.sh
new file mode 100755 (executable)
index 0000000..5132fbb
--- /dev/null
+++ b/packages/wpa-supplicant/files/functions.sh
@@ -0,0 +1,841 @@
+#!/bin/sh
+
+# Copyright (C) 2006 Debian/Ubuntu wpasupplicant Maintainers 
+# <pkg-wpa-devel@lists.alioth.debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# On Debian GNU/Linux systems, the text of the GPL license can be
+# found in /usr/share/common-licenses/GPL.
+
+#####################################################################
+## global variables
+# wpa_supplicant variables
+WPA_SUP_BIN="/usr/sbin/wpa_supplicant"
+WPA_SUP_PNAME="wpa_supplicant"
+WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$WPA_IFACE.pid"
+
+# wpa_cli variables
+WPA_CLI_BIN="/usr/sbin/wpa_cli"
+WPA_CLI_PNAME="wpa_cli"
+WPA_CLI_PIDFILE="/var/run/wpa_action.$WPA_IFACE.pid"
+WPA_CLI_LOGFILE="/var/log/wpa_action.log"
+WPA_CLI_TIMESTAMP="/var/run/wpa_action.$WPA_IFACE.timestamp"
+
+# default ctrl_interface socket directory
+if [ -z "$WPA_CTRL_DIR" ]; then
+       WPA_CTRL_DIR="/var/run/wpa_supplicant"
+fi
+
+# verbosity variables
+if [ -n "$IF_WPA_VERBOSITY" ] || [ "$VERBOSITY" = "1" ]; then
+       TO_NULL="/dev/stdout"
+       DAEMON_VERBOSITY="--verbose"
+else
+       TO_NULL="/dev/null"
+       DAEMON_VERBOSITY="--quiet"
+fi
+
+#####################################################################
+## wpa_cli wrapper
+# Path to common ctrl_interface socket and iface supplied.
+# NB: WPA_CTRL_DIR cannot be used for interactive commands.
+#
+wpa_cli () {
+       $WPA_CLI_BIN -p $WPA_CTRL_DIR -i $WPA_IFACE "$@"
+}
+
+#####################################################################
+## verbose and stderr message wrapper
+# Ensures a standard and easily identifiable message is printed by
+# scripts using this function library.
+#
+# verbose      To stdout when IF_WPA_VERBOSITY or VERBOSITY is true
+#
+# action       Same as verbose but without newline
+#              Useful for allowing wpa_cli commands to echo result
+#              value of 'OK' or 'FAILED'
+#
+# stderr       Echo warning or error messages to stderr
+#
+# NB: when called by wpa_action, there is no redirection (verbose)
+#
+wpa_msg () {
+       
+       if [ -n "$WPA_ACTION" ]; then
+               shift
+               echo "wpa_action: $@"
+               return
+       fi
+       
+       case "$1" in 
+               "verbose")
+                       shift
+                       echo "$WPA_SUP_PNAME: $@" >$TO_NULL
+                       ;;
+               "action")
+                       shift
+                       echo -n "$WPA_SUP_PNAME: $@ -- " >$TO_NULL
+                       ;;
+               "stderr")
+                       shift
+                       echo "$WPA_SUP_PNAME: $@" >/dev/stderr
+                       ;;
+               *)
+                       ;;
+       esac
+}
+
+#####################################################################
+## validate daemon pid files
+# Test daemon process ID files via start-stop-daemon with a signal 0
+# given the exec binary and pidfile location.
+#
+# $1   daemon
+# $2   pidfile
+#
+# Returns true when pidfile exists, the process ID exists _and_ was
+# created by the exec binary.
+#
+# If the test fails, but the pidfile exists, it is stale
+#
+test_daemon_pidfile () {
+       local DAEMON PIDFILE
+       
+       if [ -n "$1" ]; then
+               DAEMON="$1"
+       fi
+       
+       if [ -f "$2" ]; then
+               PIDFILE="$2"
+       fi
+       
+       if [ -n "$DAEMON" ] && [ -f "$PIDFILE" ]; then
+               if start-stop-daemon --stop --quiet --signal 0 \
+                       --exec "$DAEMON" --pidfile "$PIDFILE"; then
+                       return 0
+               else
+                       rm -f "$PIDFILE"
+                       return 1
+               fi
+       else
+               return 1
+       fi
+}
+
+# validate wpa_supplicant pidfile
+test_wpa_supplicant () {
+       test_daemon_pidfile "$WPA_SUP_BIN" "$WPA_SUP_PIDFILE"
+}
+
+# validate wpa_cli pidfile
+test_wpa_cli () {
+       test_daemon_pidfile "$WPA_CLI_BIN" "$WPA_CLI_PIDFILE"
+}
+
+#####################################################################
+## daemonize wpa_supplicant
+# Start wpa_supplicant via start-stop-dameon with all required
+# options. Will start if environment variable WPA_SUP_CONF is present
+#
+# Required options:
+# -B   dameonize/background process
+# -D   driver backend ('wext' if none given)
+# -P   process ID file
+# -C   path to ctrl_interface socket directory
+#
+# Optional options:
+# -c   configuration file
+# -W   wait for wpa_cli to attach to ctrl_interface socket
+# -b   bridge interface name
+#
+init_wpa_supplicant () {
+       if [ -n "$WPA_SUP_CONF" ]; then
+               # wpa-action was removed, point to wpa-roam
+               if [ -n "$IF_WPA_ACTION" ]; then
+                       wpa_msg stderr "wpa-action support has been removed"
+                       wpa_msg stderr "refer to /usr/share/doc/wpasupplicant/README.modes.gz"
+                       return 1
+               fi
+
+               local WPA_SUP_DRIVER WPA_SUP_OPTIONS
+
+               if [ -n "$WPA_ACTION_SCRIPT" ]; then
+                       if [ -x "$WPA_ACTION_SCRIPT" ]; then
+                               WPA_SUP_OPTIONS="-W -B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
+                               wpa_msg verbose "wait for wpa_cli to attach"
+                       else
+                               wpa_msg stderr "action script \"$WPA_ACTION_SCRIPT\" not executable"
+                               return 1
+                       fi
+               else
+                       WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
+               fi
+
+               if [ -n "$IF_WPA_BRIDGE" ]; then
+                       WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -b $IF_WPA_BRIDGE"
+                       wpa_msg verbose "wpa-bridge $IF_WPA_BRIDGE"
+               fi
+
+               if [ -n "$IF_WPA_DRIVER" ]; then
+                       WPA_SUP_DRIVER="$IF_WPA_DRIVER"
+                       wpa_msg verbose "wpa-driver $WPA_SUP_DRIVER"
+               else
+                       WPA_SUP_DRIVER="wext"
+                       wpa_msg verbose "using default driver type: wpa-driver $WPA_SUP_DRIVER"
+               fi
+
+               wpa_msg verbose "$WPA_SUP_BIN $WPA_SUP_OPTIONS -D $WPA_SUP_DRIVER $WPA_SUP_CONF"
+                       
+               start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
+                       --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \
+                       -- $WPA_SUP_OPTIONS -D $WPA_SUP_DRIVER $WPA_SUP_CONF
+
+               if [ "$?" != "0" ]; then
+                       wpa_msg stderr "$WPA_SUP_BIN daemon failed to start"
+                       return 1
+               fi
+               
+               local WPA_SOCKET_WAIT MAX_WPA_SOCKET_WAIT
+               WPA_SOCKET_WAIT="0"
+               MAX_WPA_SOCKET_WAIT="5"
+               until [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; do
+                       if [ "$WPA_SOCKET_WAIT" -ge "$MAX_WPA_SOCKET_WAIT" ]; then
+                               wpa_msg stderr "ctrl_interface socket not found at $WPA_CTRL_DIR/$WPA_IFACE"
+                               return 1
+                       else
+                               wpa_msg verbose "waiting for \"$WPA_CTRL_DIR/$WPA_IFACE\": $WPA_SOCKET_WAIT (max. $MAX_WPA_SOCKET_WAIT)"
+                       fi
+                       
+                       WPA_SOCKET_WAIT=$(($WPA_SOCKET_WAIT + 1))
+                       sleep 1
+               done
+               
+               wpa_msg verbose "ctrl_interface socket located at $WPA_CTRL_DIR/$WPA_IFACE"
+       else
+               wpa_msg stderr "init_wpa_supplicant() called without WPA_SUP_CONF"
+               return 1
+       fi
+}
+
+#####################################################################
+## stop wpa_supplicant process
+# Kill wpa_supplicant via start-stop-daemon, given the location of
+# the pidfile or ctrl_interface socket path and interface name
+#
+kill_wpa_supplicant () {
+       if test_wpa_supplicant; then
+               
+               wpa_msg verbose "terminating $WPA_SUP_PNAME daemon via pidfile $WPA_SUP_PIDFILE"
+
+               start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
+                       --exec $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE
+       
+               if [ -f "$WPA_SUP_PIDFILE" ]; then
+                       rm -f "$WPA_SUP_PIDFILE"
+               fi
+       elif [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; then
+
+               wpa_msg action "terminating via ctrl_interface socket $WPA_CTRL_DIR/$WPA_IFACE"
+
+               wpa_cli terminate >$TO_NULL
+               
+               if [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; then
+                       rm -f "$WPA_CTRL_DIR/$WPA_IFACE"
+               fi
+       fi
+}
+
+#####################################################################
+## reload wpa_supplicant process
+# Sending a HUP signal causes wpa_supplicant to reparse its
+# configuration file
+#
+reload_wpa_supplicant () {
+       if test_wpa_supplicant; then
+               wpa_msg verbose "reloading wpa_supplicant configuration file via HUP signal"
+               start-stop-daemon --stop --signal HUP \
+                       --name "$WPA_SUP_PNAME" --pidfile "$WPA_SUP_PIDFILE"
+       else
+               wpa_msg verbose "cannot $WPA_ACTION, $WPA_SUP_PIDFILE does not exist"
+       fi
+}
+
+#####################################################################
+## daemonize wpa_cli and action script
+# If environment variable WPA_ACTION_SCRIPT is present, wpa_cli will
+# be spawned via start-stop-daemon
+#
+# Required options:
+# -a   action script => wpa_action
+# -P   process ID file
+# -B   background process
+#
+init_wpa_cli () {
+       if [ -n "$WPA_ACTION_SCRIPT" ]; then
+               local WPA_CLI_OPTIONS
+               WPA_CLI_OPTIONS="-B -P $WPA_CLI_PIDFILE -i $WPA_IFACE"
+
+               wpa_msg verbose "$WPA_CLI_BIN $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT"
+                       
+               start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
+                       --name $WPA_CLI_PNAME --startas $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE \
+                       -- $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT
+
+               if [ "$?" != "0" ]; then
+                       wpa_msg stderr "$WPA_CLI_BIN daemon failed to start"
+                       return 1
+               fi
+       fi
+}
+
+#####################################################################
+## stop wpa_cli process
+# Kill wpa_cli via start-stop-daemon, given the location of the
+# pidfile
+#
+kill_wpa_cli () {
+       if test_wpa_cli; then
+               
+               wpa_msg verbose "terminating $WPA_CLI_PNAME daemon via pidfile $WPA_CLI_PIDFILE"
+               
+               start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
+                       --exec $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE
+               
+               if [ -f "$WPA_CLI_PIDFILE" ]; then
+                       rm -f "$WPA_CLI_PIDFILE"
+               fi
+       fi
+}
+
+#####################################################################
+## higher level wpa_cli wrapper for variable and set_network commands
+# wpa_cli_do <value> <type> <variable> [set_network variable] <desc>
+#
+# $1   envorinment variable
+# $2   data type of variable {raw|ascii}
+# $3   wpa_cli variable, if $3 is set_network, shift and take 
+#      set_network subvariable
+# $4   wpa-* string as it would appear in interfaces file, enhances
+#      verbose messages
+#
+wpa_cli_do () {
+       if [ -z "$1" ]; then
+               return 0
+       fi
+       
+       local WPACLISET_VALUE WPACLISET_VARIABLE WPACLISET_DESC
+       
+       case "$2" in
+               ascii)
+                       # Double quote
+                       WPACLISET_VALUE="\"$1\""
+                       ;;
+               raw|*)
+                       # Provide raw value
+                       WPACLISET_VALUE="$1"
+                       ;;
+       esac
+       
+       case "$3" in
+               set_network)
+                       if [ -z "$WPA_ID" ]; then
+                               return 1
+                       fi
+                       shift
+                       WPACLISET_VARIABLE="set_network $WPA_ID $3"
+                       ;;
+               *)
+                       WPACLISET_VARIABLE="$3"
+                       ;;
+       esac
+       
+       case "$4" in
+               *-psk|*-passphrase|*-passwd*|*-wep-key*)
+                       WPACLISET_DESC="$4 *****"
+                       ;;
+               *)
+                       WPACLISET_DESC="$4 $WPACLISET_VALUE"
+                       ;;
+       esac
+
+       wpa_msg action "$WPACLISET_DESC"
+       
+       wpa_cli $WPACLISET_VARIABLE "$WPACLISET_VALUE" >$TO_NULL
+}
+
+#####################################################################
+## check value data type in plaintext or hex
+# returns 0 if input consists of hexadecimal digits only, 1 otherwise
+#
+ishex () {
+       if [ -z "$1" ]; then 
+               return 0
+       fi
+       
+       case "$1" in
+               *[!0-9a-fA-F]*)
+                       # plaintext
+                       return 1
+                       ;;
+               *)
+                       # hexadecimal
+                       return 0
+                       ;;
+       esac
+}
+
+#####################################################################
+## sanity check and set psk|passphrase
+# Warn about strange psk|passphrase values
+#
+# $1   psk or passphrase value
+# 
+# If psk is surrounded by quotes strip them.
+#
+# If psk contains all hexadecimal characters and string length is 64:
+#      is 256bit hexadecimal
+# else:
+#      is plaintext
+#
+# plaintext passphrases must be 8 - 63 characters in length
+# 256-bit hexadecimal key must be 64 characters in length
+#
+wpa_key_check_and_set () {
+       if [ -z "$1" ]; then
+               return 0
+       fi
+
+       local KEY KEY_TYPE
+       
+       case "$1" in
+               '"'*'"')
+                       # Strip surrounding quotation marks
+                       KEY=$(echo -n "$1" | sed 's/^"//;s/"$//')
+                       ;;
+               *)
+                       KEY="$1"
+                       ;;
+       esac
+
+       if ishex "$KEY" && [ "${#KEY}" -eq "64" ]; then
+               KEY_TYPE="raw"
+       else
+               KEY_TYPE="ascii"
+               if [ "${#KEY}" -lt "8" ] || [ "${#KEY}" -gt "63" ]; then
+                       wpa_msg stderr \
+                               "plaintext or ascii wpa-psk has ${#KEY} characters, it must have between 8 and 63"
+                       wpa_msg stderr \
+                               "if wpa-psk truly is a 256-bit hexadecimal key, it must have 64 characters"
+               fi
+       fi
+       
+       wpa_cli_do "$KEY" "$KEY_TYPE" \
+               set_network psk wpa-psk
+}
+
+#####################################################################
+## formulate a usable configuration from interfaces(5) wpa- lines
+# A series of wpa_cli commands corresponding to environment variables
+# created as a result of wpa- lines in an interfaces stanza.
+#
+# NB: no-act when roaming daemon is used (to avoid prematurely
+# attaching to ctrl_interface socket)
+#
+conf_wpa_supplicant () {
+       if [ -n "$WPA_ACTION_SCRIPT" ]; then
+               return 0
+       fi
+
+       if [ "$IF_WPA_DRIVER" = "wired" ]; then
+               IF_WPA_AP_SCAN="0"
+               wpa_msg verbose "forcing ap_scan=0 (required for wired IEEE8021X auth)"
+       fi
+
+       if [ -n "$IF_WPA_ESSID" ]; then
+               # #403316, be similar to wireless tools
+               IF_WPA_SSID="$IF_WPA_ESSID"
+       fi
+       
+       wpa_cli_do "$IF_WPA_AP_SCAN" raw \
+               ap_scan wpa-ap-scan
+       
+       wpa_cli_do "$IF_WPA_PREAUTHENTICATE" raw \
+               preauthenticate wpa-preauthenticate
+               
+       if [ -n "$IF_WPA_SSID" ] || [ "$IF_WPA_DRIVER" = "wired" ]; then
+               
+               case "$IF_WPA_SSID" in
+                       '"'*'"')
+                               IF_WPA_SSID=$(echo -n "$IF_WPA_SSID" | sed 's/^"//;s/"$//')
+                               ;;
+                       *)
+                               ;;
+               esac
+               
+               WPA_ID=$(wpa_cli add_network)
+
+               wpa_msg verbose "configuring network block -- $WPA_ID"
+               
+               wpa_cli_do "$IF_WPA_SSID" ascii \
+                       set_network ssid wpa-ssid
+               
+               wpa_cli_do "$IF_WPA_PRIORITY" raw \
+                       set_network priority wpa-priority
+               
+               wpa_cli_do "$IF_WPA_BSSID" raw \
+                       set_network bssid wpa-bssid
+               
+               if [ -s "$IF_WPA_PSK_FILE" ]; then
+                       IF_WPA_PSK=$(cat "$IF_WPA_PSK_FILE")
+               fi
+               
+               # remain compat with wpa-passphrase-file
+               if [ -s "$IF_WPA_PASSPHRASE_FILE" ]; then
+                       IF_WPA_PSK=$(cat "$IF_WPA_PASSPHRASE_FILE")
+               fi
+               
+               # remain compat with wpa-passphrase
+               if [ -n "$IF_WPA_PASSPHRASE" ]; then
+                       IF_WPA_PSK="$IF_WPA_PASSPHRASE"
+               fi
+       
+               if [ -n "$IF_WPA_PSK" ]; then
+                       wpa_key_check_and_set "$IF_WPA_PSK"
+               fi
+               
+               wpa_cli_do "$IF_WPA_PAIRWISE" raw \
+                       set_network pairwise wpa-pairwise
+               
+               wpa_cli_do "$IF_WPA_GROUP" raw \
+                       set_network group wpa-group
+
+               wpa_cli_do "$IF_WPA_MODE" raw \
+                       set_network mode wpa-mode
+
+               wpa_cli_do "$IF_WPA_FREQUENCY" raw \
+                       set_network frequency wpa-frequency
+               
+               wpa_cli_do "$IF_WPA_KEY_MGMT" raw \
+                       set_network key_mgmt wpa-key-mgmt
+               
+               wpa_cli_do "$IF_WPA_PROTO" raw \
+                       set_network proto wpa-proto
+               
+               wpa_cli_do "$IF_WPA_AUTH_ALG" raw \
+                       set_network auth_alg wpa-auth-alg
+               
+               wpa_cli_do "$IF_WPA_SCAN_SSID" raw \
+                       set_network scan_ssid wpa-scan-ssid
+               
+               wpa_cli_do "$IF_WPA_IDENTITY" ascii \
+                       set_network identity wpa-identity
+               
+               wpa_cli_do "$IF_WPA_ANONYMOUS_IDENTITY" ascii \
+                       set_network anonymous_identity wpa-anonymous-identity
+               
+               wpa_cli_do "$IF_WPA_EAP" raw \
+                       set_network eap wpa-eap
+               
+               wpa_cli_do "$IF_WPA_EAPPSK" raw \
+                       set_network eappsk wpa-eappsk
+
+               wpa_cli_do "$IF_WPA_NAI" ascii \
+                       set_network nai wpa-nai
+
+               wpa_cli_do "$IF_WPA_PASSWORD" ascii \
+                       set_network password wpa-password
+
+               wpa_cli_do "$IF_WPA_CA_CERT" ascii \
+                       set_network ca_cert wpa-ca-cert
+
+               wpa_cli_do "$IF_WPA_CA_PATH" ascii \
+                       set_network ca_path wpa-ca-path
+
+               wpa_cli_do "$IF_WPA_CLIENT_CERT" ascii \
+                       set_network client_cert wpa-client-cert
+
+               wpa_cli_do "$IF_WPA_PRIVATE_KEY" ascii \
+                       set_network private_key wpa-private-key
+
+               wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD" ascii \
+                       set_network private_key_passwd wpa-private-key-passwd
+               
+               wpa_cli_do "$IF_WPA_DH_FILE" ascii \
+                       set_network dh_file wpa-dh-file
+
+               wpa_cli_do "$IF_WPA_SUBJECT_MATCH" ascii \
+                       set_network subject_match wpa-subject-match
+
+               wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH" ascii \
+                       set_network altsubject_match wpa-altsubject-match
+
+               wpa_cli_do "$IF_WPA_CA_CERT2" ascii \
+                       set_network ca_cert2 wpa-ca-cert2
+
+               wpa_cli_do "$IF_WPA_CA_PATH2" ascii \
+                       set_network ca_path2 wpa-ca-path2
+
+               wpa_cli_do "$IF_WPA_CLIENT_CERT2" ascii \
+                       set_network client_cert2 wpa-client-cert2
+
+               wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \
+                       set_network private_key2 wpa-private-key2
+
+               wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \
+                       set_network private_key_passwd2 wpa-private-key-passwd2
+               
+               wpa_cli_do "$IF_WPA_DH_FILE2" ascii \
+                       set_network dh_file2 wpa-dh-file2
+
+               wpa_cli_do "$IF_WPA_SUBJECT_MATCH2" ascii \
+                       set_network subject_match2 wpa-subject-match2
+
+               wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH2" ascii \
+                       set_network altsubject_match2 wpa-altsubject-match2
+               
+               wpa_cli_do "$IF_WPA_EAP_METHODS" raw \
+                       set_network eap_methods wpa-eap-methods
+
+               wpa_cli_do "$IF_WPA_PHASE1" ascii \
+                       set_network phase1 wpa-phase1
+
+               wpa_cli_do "$IF_WPA_PHASE2" ascii \
+                       set_network phase2 wpa-phase2
+
+               wpa_cli_do "$IF_WPA_PCSC" raw \
+                       set_network pcsc wpa-pcsc
+
+               wpa_cli_do "$IF_WPA_PIN" ascii \
+                       set_network pin wpa-pin
+
+               wpa_cli_do "$IF_WPA_ENGINE" raw \
+                       set_network engine wpa-engine
+
+               wpa_cli_do "$IF_WPA_ENGINE_ID" ascii \
+                       set_network engine_id wpa-engine-id
+
+               wpa_cli_do "$IF_WPA_KEY_ID" ascii \
+                       set_network key_id wpa-key-id
+
+               wpa_cli_do "$IF_WPA_EAPOL_FLAGS" raw \
+                       set_network eapol_flags wpa-eapol-flags
+               
+               wpa_cli_do "$IF_WPA_WEP_KEY0" raw \
+                       set_network wep_key0 wpa-wep-key0
+               
+               wpa_cli_do "$IF_WPA_WEP_KEY1" raw \
+                       set_network wep_key1 wpa-wep-key1
+               
+               wpa_cli_do "$IF_WPA_WEP_KEY2" raw \
+                       set_network wep_key2 wpa-wep-key2
+               
+               wpa_cli_do "$IF_WPA_WEP_KEY3" raw \
+                       set_network wep_key3 wpa-wep-key3
+               
+               wpa_cli_do "$IF_WPA_WEP_TX_KEYIDX" raw \
+                       set_network wep_tx_keyidx wpa-wep-tx-keyidx
+               
+               wpa_cli_do "$IF_WPA_PROACTIVE_KEY_CACHING" raw \
+                       set_network proactive_key_caching wpa-proactive-key-caching
+                       
+               wpa_cli_do "$IF_WPA_PAC_FILE" ascii \
+                       set_network pac_file wpa-pac-file
+               
+               wpa_cli_do "$IF_WPA_MODE" raw \
+                       set_network mode wpa-mode
+               
+               wpa_cli_do "$IF_WPA_PEERKEY" raw \
+                       set_network peerkey wpa-peerkey
+                       
+               wpa_cli_do "$IF_FRAGMENT_SIZE" raw \
+                       set_network fragment_size wpa-fragment-size
+
+               wpa_cli_do "$IF_WPA_ID_STR" ascii \
+                       set_network id_str wpa-id-str
+               
+               wpa_cli_do "$WPA_ID" raw \
+                       enable_network "enabling network block"
+       fi
+}
+
+#####################################################################
+## wpa_action basic logging
+# Log actions to file, test to see if it is writeable first
+#
+wpa_log_init () {
+       if touch "$WPA_CLI_LOGFILE" 2>/dev/null; then
+               exec >> "$WPA_CLI_LOGFILE" 2>&1
+       fi
+}
+
+# log timestamp and wpa_action arguments
+wpa_log_action () {
+       echo "########## $(date +"%H:%M:%S  %Y-%m-%d") ##########"
+       echo "IFACE=$WPA_IFACE ACTION=$WPA_ACTION"
+}
+
+# log wpa_cli environment variables
+wpa_log_environment () {
+       echo "WPA_ID=$WPA_ID WPA_ID_STR=$WPA_ID_STR"
+       echo "WPA_CTRL_DIR=$WPA_CTRL_DIR"
+}
+
+#####################################################################
+## hysteresis checking
+# Networking tools such as dhcp clients used with ifupdown can
+# synthesize artificial ACTION events, particuarly just after a 
+# DISCONNECTED/CONNECTED events are experienced in quick succession.
+# This can lead to infinite event loops, and in extreme cases has the
+# potential to cause system instability.
+#
+wpa_hysteresis_event () {
+       echo "$(date +%s)" > "$WPA_CLI_TIMESTAMP"
+}
+
+wpa_hysteresis_check () {
+       if [ -f "$WPA_CLI_TIMESTAMP" ]; then
+               local TIME TIMESTAMP TIMEWAIT
+               TIME=$(date +%s)
+               # current time minus 4 second event buffer
+               TIMEWAIT=$(($TIME-4))
+               # get time of last event
+               TIMESTAMP=$(cat $WPA_CLI_TIMESTAMP)
+               # compare values, allowing new action to be processed 
+               # only if last action was more than 4 seconds ago
+               if [ "$TIMEWAIT" -le "$TIMESTAMP" ]; then
+                       echo "Ignoring $WPA_ACTION event, too soon after previous event"
+                       return 1
+               fi
+       fi
+
+       return 0
+}
+
+#####################################################################
+## identify ifupdown files
+# Identify ifupdown core files, so that state of the interface can be
+# checked. This is the weakest part of the wpa_action roaming scheme,
+# it would be _much_ better if stateless ifupdown capabilities were
+# a reality.
+#
+ifupdown_check () {
+       if [ -e /etc/network/interfaces ]; then
+               INTERFACES_FILE="/etc/network/interfaces"
+       else
+               echo "Cannot locate ifupdown's \"interfaces\" file, $WPA_IFACE will not be configured"
+               return 1
+       fi
+
+       if [ -e /etc/network/run/ifstate ]; then
+               # debian's ifupdown
+               IFSTATE_FILE="/etc/network/run/ifstate"
+       elif [ -e /var/run/network/ifstate ]; then
+               # ubuntu's
+               IFSTATE_FILE="/var/run/network/ifstate"
+       else
+               echo "Cannot locate ifupdown's \"ifstate\" file, $WPA_IFACE will not be configured"
+               return 1
+       fi
+
+       return 0
+}
+
+#####################################################################
+## apply mapping logic and ifup logical interface
+# Apply mapping logic via id_str or external mapping script, check
+# state of IFACE with respect to ifupdown and ifup logical interaface
+#
+ifup () {
+       local WPA_LOGICAL_IFACE
+       
+       if [ -z "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -n "$WPA_ID_STR" ]; then
+               WPA_LOGICAL_IFACE="$WPA_ID_STR"
+               echo "Mapping logical interface via id_str: $WPA_LOGICAL_IFACE"
+       fi
+       
+       if [ -z "$WPA_LOGICAL_IFACE" ] && [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
+               echo "Mapping logical interface via wpa-mapping-script: $IF_WPA_MAPPING_SCRIPT"
+               
+               local WPA_MAP_STDIN
+               
+               WPA_MAP_STDIN=$(set | sed --quiet 's/^\(IF_WPA_MAP[0-9]*\)=.*/echo \$\1/p')
+               
+               if [ -n "$WPA_MAP_STDIN" ]; then
+                       WPA_LOGICAL_IFACE=$(eval "$WPA_MAP_STDIN" | "$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
+               else            
+                       WPA_LOGICAL_IFACE=$("$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
+               fi
+               
+               if [ -n "$WPA_LOGICAL_IFACE" ]; then
+                       echo "Mapping script result: $WPA_LOGICAL_IFACE"
+               else
+                       echo "Mapping script failed."
+               fi
+       fi
+
+       if [ -z "$WPA_LOGICAL_IFACE" ]; then
+               if [ -n "$IF_WPA_ROAM_DEFAULT_IFACE" ]; then
+                       WPA_LOGICAL_IFACE="$IF_WPA_ROAM_DEFAULT_IFACE"
+                       echo "Using wpa-roam-default-iface: $WPA_LOGICAL_IFACE"
+               else
+                       WPA_LOGICAL_IFACE="default"
+                       echo "Using fallback logical interface: $WPA_LOGICAL_IFACE"
+               fi
+       fi
+
+       if [ -n "$WPA_LOGICAL_IFACE" ]; then
+               if egrep -q "^iface[[:space:]]+$WPA_LOGICAL_IFACE[[:space:]]+inet" "$INTERFACES_FILE"; then
+                       
+                       echo "ifup $WPA_IFACE=$WPA_LOGICAL_IFACE"
+                       
+                       if grep --quiet "^$WPA_IFACE=$WPA_IFACE" "$IFSTATE_FILE"; then
+                               # Force settings over the unconfigured "master" IFACE
+                               /sbin/ifup --force "$WPA_IFACE=$WPA_LOGICAL_IFACE"
+                       else
+                               /sbin/ifup "$WPA_IFACE=$WPA_LOGICAL_IFACE"
+                       fi
+               else
+                       echo "No network defined for \"$WPA_LOGICAL_IFACE\" in \"$INTERFACES_FILE\""
+               fi
+       else
+               echo "No suitable logical interface mapping for ifupdown to configure"
+       fi
+}
+
+#####################################################################
+## ifdown IFACE
+# Check IFACE state and ifdown as requested.
+#
+ifdown () {
+       if grep --quiet "^$WPA_IFACE" "$IFSTATE_FILE"; then
+               echo "ifdown $WPA_IFACE"
+               /sbin/ifdown "$WPA_IFACE"
+       else
+               echo "Ignoring request to take \"$WPA_IFACE\" down, it is not up"
+       fi
+}
+
+#####################################################################
+## keep IFACE scanning
+# After ifdown, the IFACE may be left "down", and inhibits 
+# wpa_supplicant's ability to continue roaming.
+#
+# NB: use iproute if present, flushing the IFACE first
+#
+if_post_down_up () {
+       if [ -x /sbin/ip ]; then
+               /sbin/ip addr flush dev "$WPA_IFACE" 2>/dev/null
+               /sbin/ip link set "$WPA_IFACE" up
+       else
+               /sbin/ifconfig "$WPA_IFACE" up
+       fi
+}

diff --git a/packages/wpa-supplicant/files/ifupdown.sh b/packages/wpa-supplicant/files/ifupdown.sh
new file mode 100755 (executable)
index 0000000..71486f7
--- /dev/null
+++ b/packages/wpa-supplicant/files/ifupdown.sh
@@ -0,0 +1,132 @@
+#!/bin/sh
+
+# Copyright (C) 2006 Debian/Ubuntu wpasupplicant Maintainers 
+# <pkg-wpa-devel@lists.alioth.debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# On Debian GNU/Linux systems, the text of the GPL license can be
+# found in /usr/share/common-licenses/GPL.
+
+if [ -n "$IF_WPA_MAINT_DEBUG" ]; then
+       set -x
+fi
+
+# quit if we're called for the loopback
+if [ "$IFACE" = lo ]; then
+       exit 0
+fi
+
+# allow wpa_supplicant interface to be specified via wpa-iface
+# useful for starting wpa_supplicant on one interface of a bridge
+if [ -n "$IF_WPA_IFACE" ]; then
+       WPA_IFACE="$IF_WPA_IFACE"
+else
+       WPA_IFACE="$IFACE"
+fi
+
+# source functions
+if [ -f /etc/wpa_supplicant/functions.sh ]; then
+       . /etc/wpa_supplicant/functions.sh
+else
+       exit 0
+fi
+
+# quit if executables are not installed
+if [ ! -x "$WPA_SUP_BIN" ] || [ ! -x "$WPA_CLI_BIN" ]; then
+       exit 0
+fi
+
+# quit if wpa_action is active
+if test_wpa_cli; then
+       exit 0
+fi
+
+#echo "Initial WPA Checks Pass"
+
+# preliminary sanity checks for roaming daemon
+if [ -n "$IF_WPA_ROAM" ]; then
+       if [ "$METHOD" != "manual" ]; then
+               wpa_msg stderr "wpa-roam can only be used with the \"manual\" inet METHOD"
+               exit 1
+       fi
+       if [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
+               if ! type "$IF_WPA_MAPPING_SCRIPT" >/dev/null; then
+                       wpa_msg stderr "wpa-mapping-script \"$IF_WPA_MAPPING_SCRIPT\" is not valid"
+                       exit 1
+               fi
+       fi
+       if [ -n "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -z "$IF_WPA_MAPPING_SCRIPT" ]; then
+               wpa_msg stderr "\"wpa-mapping-script-priority 1\" is invalid without a wpa-mapping-script"
+               exit 1
+       fi
+       IF_WPA_CONF="$IF_WPA_ROAM"
+       WPA_ACTION_SCRIPT="/sbin/wpa_action"
+fi
+
+# master function; determines if ifupdown.sh should do something or not
+if [ -n "$IF_WPA_CONF" ]; then
+       if [ ! -s "$IF_WPA_CONF" ]; then
+               wpa_msg stderr "cannot read contents of $IF_WPA_CONF"
+               exit 1
+       fi      
+       WPA_SUP_CONF_CTRL_DIR=$(sed --quiet \
+               's/[[:space:]]*#.*//g;s/[[:space:]]\+.*$//g;s/^\(ctrl_interface\|DIR\)=\(.*\)/\2/p' "$IF_WPA_CONF")
+       if [ -n "$WPA_SUP_CONF_CTRL_DIR" ]; then
+               WPA_CTRL_DIR="$WPA_SUP_CONF_CTRL_DIR"
+       fi
+       WPA_SUP_CONF="-c $IF_WPA_CONF -C $WPA_CTRL_DIR"
+elif set | grep -q "^IF_WPA"; then
+       WPA_SUP_CONF="-C $WPA_CTRL_DIR"
+else
+       exit 0
+fi
+
+case "$MODE" in 
+       start)
+               PHASE="pre-up"
+               echo "WPA: Configuring Interface"
+               case "$PHASE" in
+                       pre-up)
+                               kill_wpa_supplicant
+                               init_wpa_supplicant     || echo "FAILED"
+                               conf_wpa_supplicant     || { kill_wpa_supplicant; exit 1; }
+                               ;;
+                       post-up)
+                               init_wpa_cli            || { kill_wpa_supplicant; exit 1; }
+                               ;;
+               esac
+               ;;
+
+       stop)
+               PHASE="post-down"
+               echo "WPA: Terminating"
+               case "$PHASE" in
+                       pre-down)
+                               kill_wpa_cli
+                               ;;
+                       post-down)
+                               kill_wpa_supplicant
+                               ;;
+                       *)
+                               wpa_msg stderr "unknown phase: \"$PHASE\""
+                               exit 1
+                               ;;
+               esac
+               ;;
+       
+       *)
+               wpa_msg stderr "unknown mode: \"$MODE\""
+               exit 1
+               ;;
+esac
+
+exit 0

diff --git a/packages/wpa-supplicant/wpa-supplicant-0.5.inc b/packages/wpa-supplicant/wpa-supplicant-0.5.inc
index 28f355c..b5e53e3 100644 (file)
--- a/packages/wpa-supplicant/wpa-supplicant-0.5.inc
+++ b/packages/wpa-supplicant/wpa-supplicant-0.5.inc
@@ -12,24 +12,18 @@ DEFAULT_PREFERENCE = "-2"
 
 SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \
        file://defconfig-gnutls \
-       file://init.sh \
        file://gnutlsfix.patch;patch=1 \
-       file://defaults-sane \
-       file://wpa-supplicant.sh \
-       file://wpa_supplicant.conf \
-       file://wpa_supplicant.conf-sane"
+       file://ifupdown.sh \
+       file://functions.sh"
 
 S = "${WORKDIR}/wpa_supplicant-${PV}"
 
-PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli "
+PACKAGES_prepend = "wpa-supplicant-passphrase "
 FILES_wpa-supplicant-passphrase = "/usr/sbin/wpa_passphrase"
-FILES_wpa-supplicant-cli = "/usr/sbin/wpa_cli"
 
-RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli"
+RREPLACES = "wpa-supplicant-cli"
 
-INITSCRIPT_NAME = "wpa"
-INITSCRIPT_PARAMS = "defaults 10"
-inherit update-rc.d
+RRECOMMENDS_${PN} = "wpa-supplicant-passphrase"
 
 export HAS_PCI = "${@base_contains('COMBINED_FEATURES', 'pci', 1, 0,d)}"
 
@@ -55,20 +49,16 @@ do_install () {
        install -d ${D}${localstatedir}/run/wpa_supplicant
 
        install -d ${D}${docdir}/wpa_supplicant
-       install -m 644 README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant
-
-       install -d ${D}${sysconfdir}/init.d
-       install -m 700 ${WORKDIR}/init.sh ${D}${sysconfdir}/init.d/wpa
-
-       install -d ${D}${sysconfdir}/default
-       install -m 600 ${WORKDIR}/defaults-sane ${D}${sysconfdir}/default/wpa
-       install -m 600 ${WORKDIR}/wpa_supplicant.conf-sane ${D}${sysconfdir}/wpa_supplicant.conf
+       install -m 644 README ${D}${docdir}/wpa_supplicant
 
        install -d ${D}${sysconfdir}/network/if-pre-up.d/
        install -d ${D}${sysconfdir}/network/if-post-down.d/
        install -d ${D}${sysconfdir}/network/if-down.d/
-       install -m 644 ${WORKDIR}/wpa_supplicant.conf ${D}${sysconfdir}
-       install -m 755 ${WORKDIR}/wpa-supplicant.sh ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant
-       cd ${D}${sysconfdir}/network/ && \
-       ln -sf ../if-pre-up.d/wpa-supplicant if-post-down.d/wpa-supplicant
+
+       install -d ${D}${sysconfdir}/wpa_supplicant
+       install -m 755 ${WORKDIR}/ifupdown.sh ${D}${sysconfdir}/wpa_supplicant/
+       install -m 755 ${WORKDIR}/functions.sh ${D}${sysconfdir}/wpa_supplicant
+       
+       ln -s /etc/wpa_supplicant/ifupdown.sh ${D}${sysconfdir}/network/if-pre-up.d/wpasupplicant
+       ln -s /etc/wpa_supplicant/ifupdown.sh ${D}${sysconfdir}/network/if-post-down.d/wpasupplicant
 }

diff --git a/packages/wpa-supplicant/wpa-supplicant_0.5.5.bb b/packages/wpa-supplicant/wpa-supplicant_0.5.5.bb
index 67a5b99..ce744b3 100644 (file)
--- a/packages/wpa-supplicant/wpa-supplicant_0.5.5.bb
+++ b/packages/wpa-supplicant/wpa-supplicant_0.5.5.bb
@@ -1,3 +1,3 @@
 require wpa-supplicant-0.5.inc
 
-PR = "r1"
+PR = "r3"

diff --git a/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb b/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb
index 6594bbf..2aa871b 100644 (file)
--- a/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb
+++ b/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb
@@ -1 +1,3 @@
 require wpa-supplicant-0.5.inc
+
+PR = "r1"
\ No newline at end of file