From 237e32e034226d56b7f5263f9d376c7dc74ed7db Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Oct 30 2014 17:11:30 +0000
Subject: Update to 2.3


---

diff --git a/.gitignore b/.gitignore
index ac78a8e..605a7da 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ wpa_supplicant-0.6.8.tar.gz
 /wpa_supplicant-1.0-rc2.tar.gz
 /wpa_supplicant-1.1.tar.gz
 /wpa_supplicant-2.0.tar.gz
+/wpa_supplicant-2.3.tar.gz
diff --git a/libnl3-includes.patch b/libnl3-includes.patch
index 53a3c85..7effbc3 100644
--- a/libnl3-includes.patch
+++ b/libnl3-includes.patch
@@ -1,12 +1,13 @@
-diff -up wpa_supplicant-1.0-rc2/src/drivers/drivers.mak.foo wpa_supplicant-1.0-rc2/src/drivers/drivers.mak
---- wpa_supplicant-1.0-rc2/src/drivers/drivers.mak.foo	2012-03-02 16:11:43.176448714 -0600
-+++ wpa_supplicant-1.0-rc2/src/drivers/drivers.mak	2012-03-02 16:12:29.759866341 -0600
-@@ -48,7 +48,7 @@ NEED_RFKILL=y
+diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak
+index cdb913e..e9fc83c 100644
+--- a/src/drivers/drivers.mak
++++ b/src/drivers/drivers.mak
+@@ -35,7 +35,7 @@ NEED_RFKILL=y
  ifdef CONFIG_LIBNL32
    DRV_LIBS += -lnl-3
    DRV_LIBS += -lnl-genl-3
 -  DRV_CFLAGS += -DCONFIG_LIBNL20 -I/usr/include/libnl3
 +  DRV_CFLAGS += -DCONFIG_LIBNL20 `pkg-config --cflags libnl-3.0`
- else
-   ifdef CONFIG_LIBNL_TINY
-     DRV_LIBS += -lnl-tiny
+ ifdef CONFIG_LIBNL3_ROUTE
+   DRV_LIBS += -lnl-route-3
+   DRV_CFLAGS += -DCONFIG_LIBNL3_ROUTE
diff --git a/sources b/sources
index 02765ba..94e6f38 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-3be2ebfdcced52e00eda0afe2889839d  wpa_supplicant-2.0.tar.gz
+f2ed8fef72cf63d8d446a2d0a6da630a  wpa_supplicant-2.3.tar.gz
diff --git a/wpa_supplicant-2.0-generate-libeap-peer.patch b/wpa_supplicant-2.0-generate-libeap-peer.patch
deleted file mode 100644
index 8f12bb1..0000000
--- a/wpa_supplicant-2.0-generate-libeap-peer.patch
+++ /dev/null
@@ -1,402 +0,0 @@
-From 3de5e59b291b6f58317bb16736f8c0271754378e Mon Sep 17 00:00:00 2001
-From: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
-Date: Sat, 2 Oct 2010 00:11:51 -0700
-Subject: [PATCH] eap_peer: create a libeap library, with header files and pkg-config [v2]
-
-This adds infrastructe in src/eap_peer to make libeap.so and install
-the needed header files and pkg-config files.
-
-Now, this is quite dirty and probably not what we want in the long
-term, but serves as an starting point:
-
- - we don't build from the wpa_supplicant directory because the
-   objects the .so have to be built with -fPIC. So if you need to
-   build both the binary and the library:
-
-   make -C wpa_supplicant
-   make -C src/eap_peer clean
-   make -C src/eap_peer
-
-   As I said, it's dirty -- we'd need either wpa_supplicant linking
-   against the library properly (but that seems not to be desirable)
-   or a multiple object build approach ala automake.
-
- - need to use 'override CFLAGS' in src/eap_peer/Makefile, otherwise
-   any CFLAGS setting will kill the build infrastructure. I miss
-   AM_CFLAGS.
-
- - adds 'eap_register_methods()' that will register every compiled in
-   method.
-
-Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
----
- build_release              |   12 +++
- src/eap_peer/Makefile      |  191 ++++++++++++++++++++++++++++++++++++++++++--
- src/eap_peer/eap_methods.c |  114 ++++++++++++++++++++++++++
- src/eap_peer/eap_methods.h |    1 +
- src/eap_peer/libeap0.pc    |   10 +++
- 5 files changed, 320 insertions(+), 8 deletions(-)
- create mode 100644 src/eap_peer/libeap0.pc
-
-diff --git a/src/eap_peer/Makefile b/src/eap_peer/Makefile
-index 3651056..58c067a 100644
---- a/src/eap_peer/Makefile
-+++ b/src/eap_peer/Makefile
-@@ -1,11 +1,193 @@
--all:
--	@echo Nothing to be made.
-+LIBEAP_NAME = libeap
-+LIBEAP_CURRENT = 0
-+LIBEAP_REVISION = 0
-+LIBEAP_AGE = 0
-+
-+LIBEAP = $(LIBEAP_NAME).so.$(LIBEAP_CURRENT).$(LIBEAP_REVISION).$(LIBEAP_AGE)
-+LIBEAP_SO = $(LIBEAP_NAME).so.$(LIBEAP_CURRENT)
-+
-+.PHONY: all clean install uninstall
-+
-+all: $(LIBEAP)
-+
-+ifndef CC
-+CC=gcc
-+endif
-+
-+ifndef CFLAGS
-+CFLAGS = -MMD -O0 -Wall -g
-+endif
-+
-+CONFIG_TLS=openssl
-+
-+INCLUDE_INSTALL_DIR=/usr/include/eap_peer
-+
-+ifndef LIB
-+LIB = lib
-+endif
-+
-+# Got to use override all across the board, otherwise a 'make
-+# CFLAGS=XX' will kill us because the command line's CFLAGS will
-+# overwrite Make's and we'll loose all the infrastructure it sets.
-+override CFLAGS += -I. -I.. -I../crypto -I../utils -I../common
-+
-+# at least for now, need to include config_ssid.h and config_blob.h from
-+# wpa_supplicant directory
-+override CFLAGS += -I ../../wpa_supplicant
-+
-+OBJS_both += ../utils/common.o
-+OBJS_both += ../utils/eloop.o
-+OBJS_both += ../utils/os_unix.o
-+OBJS_both += ../utils/wpa_debug.o
-+OBJS_both += ../utils/base64.o
-+OBJS_both += ../utils/wpabuf.o
-+OBJS_both += ../crypto/md5.o
-+OBJS_both += ../crypto/sha1-tlsprf.o
-+OBJS_both += ../crypto/aes-encblock.o
-+OBJS_both += ../crypto/aes-wrap.o
-+OBJS_both += ../crypto/aes-ctr.o
-+OBJS_both += ../crypto/aes-eax.o
-+OBJS_both += ../crypto/aes-omac1.o
-+OBJS_both += ../crypto/ms_funcs.o
-+OBJS_both += ../crypto/sha256.o
-+OBJS_both += ../crypto/random.o
-+
-+
-+OBJS_both += ../eap_common/eap_peap_common.o
-+OBJS_both += ../eap_common/eap_psk_common.o
-+OBJS_both += ../eap_common/eap_pax_common.o
-+OBJS_both += ../eap_common/eap_sake_common.o
-+OBJS_both += ../eap_common/eap_gpsk_common.o
-+OBJS_both += ../eap_common/chap.o
-+
-+OBJS_peer += ../eap_peer/eap_tls.o
-+OBJS_peer += ../eap_peer/eap_peap.o
-+OBJS_peer += ../eap_peer/eap_ttls.o
-+OBJS_peer += ../eap_peer/eap_md5.o
-+OBJS_peer += ../eap_peer/eap_mschapv2.o
-+OBJS_peer += ../eap_peer/mschapv2.o
-+OBJS_peer += ../eap_peer/eap_otp.o
-+OBJS_peer += ../eap_peer/eap_gtc.o
-+OBJS_peer += ../eap_peer/eap_leap.o
-+OBJS_peer += ../eap_peer/eap_psk.o
-+OBJS_peer += ../eap_peer/eap_pax.o
-+OBJS_peer += ../eap_peer/eap_sake.o
-+OBJS_peer += ../eap_peer/eap_gpsk.o
-+OBJS_peer += ../eap_peer/eap.o
-+OBJS_peer += ../eap_common/eap_common.o
-+OBJS_peer += ../eap_peer/eap_methods.o
-+OBJS_peer += ../eap_peer/eap_tls_common.o
-+
-+override CFLAGS += -DEAP_TLS
-+override CFLAGS += -DEAP_PEAP
-+override CFLAGS += -DEAP_TTLS
-+override CFLAGS += -DEAP_MD5
-+override CFLAGS += -DEAP_MSCHAPv2
-+override CFLAGS += -DEAP_GTC
-+override CFLAGS += -DEAP_OTP
-+override CFLAGS += -DEAP_LEAP
-+override CFLAGS += -DEAP_PSK
-+override CFLAGS += -DEAP_PAX
-+override CFLAGS += -DEAP_SAKE
-+override CFLAGS += -DEAP_GPSK -DEAP_GPSK_SHA256
-+override CFLAGS += -DEAP_TLS_FUNCS
-+
-+override CFLAGS += -DIEEE8021X_EAPOL
-+
-+ifeq ($(CONFIG_TLS), openssl)
-+override CFLAGS += -DEAP_TLS_OPENSSL
-+OBJS_both += ../crypto/tls_openssl.o
-+OBJS_both += ../crypto/crypto_openssl.o
-+LIBS += -lssl -lcrypto
-+override CFLAGS += -DINTERNAL_SHA256
-+else
-+OBJS_both += ../crypto/sha1.o
-+endif
-+
-+ifeq ($(CONFIG_TLS), internal)
-+OBJS_both += ../crypto/tls_internal.o
-+OBJS_both += ../tls/tlsv1_common.o ../../tls/tlsv1_record.o
-+OBJS_both += ../tls/tlsv1_cred.o
-+OBJS_both += ../tls/asn1.o ../../tls/x509v3.o
-+OBJS_both += ../crypto/crypto_internal.o ../../tls/rsa.o ../../tls/bignum.o
-+
-+OBJS_peer += ../tls/tlsv1_client.o
-+OBJS_peer += ../tls/tlsv1_client_write.o ../../tls/tlsv1_client_read.o
-+override CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT
-+
-+OBJS_server += ../tls/tlsv1_server.o
-+OBJS_server += ../tls/tlsv1_server_write.o ../../tls/tlsv1_server_read.o
-+override CFLAGS += -DCONFIG_TLS_INTERNAL_SERVER
-+
-+override CFLAGS += -DCONFIG_TLS_INTERNAL
-+override CFLAGS += -DCONFIG_CRYPTO_INTERNAL
-+override CFLAGS += -DCONFIG_INTERNAL_X509
-+override CFLAGS += -DINTERNAL_AES
-+override CFLAGS += -DINTERNAL_SHA1
-+override CFLAGS += -DINTERNAL_SHA256
-+override CFLAGS += -DINTERNAL_MD5
-+override CFLAGS += -DINTERNAL_MD4
-+override CFLAGS += -DINTERNAL_DES
-+ifdef CONFIG_INTERNAL_LIBTOMMATH
-+override CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
-+else
-+LIBS += -ltommath
-+endif
-+endif
-+
-+ifndef LDO
-+LDO=$(CC)
-+endif
-+
-+
-+OBJS_lib=$(OBJS_both) $(OBJS_peer)
-+
-+ #$(OBJS_server)
-+
-+override CFLAGS  += -fPIC -DPIC
-+LDFLAGS += -shared
-+
-+$(LIBEAP): $(OBJS_lib)
-+	$(LDO) $(LDFLAGS) $(OBJS_lib) -Wl,-soname -Wl,$(LIBEAP_SO) -o $(LIBEAP) $(LIBS)
-+
-+
-+UTIL_HEADERS = ../utils/includes.h ../utils/common.h \
-+	../utils/wpabuf.h ../utils/build_config.h \
-+	../utils/os.h ../utils/wpa_debug.h
-+COMMON_HEADERS = ../common/defs.h 
-+EAP_COMMON_HEADERS = ../eap_common/eap_defs.h 
-+MAIN_HEADERS = eap.h eap_methods.h eap_config.h
-+CRYPTO_HEADERS =  ../crypto/tls.h  
-+
-+install: 
-+
-+	mkdir -p $(DESTDIR)/usr/$(LIB)
-+#	copy the lib file to std lib location
-+	cp $(LIBEAP) $(DESTDIR)/usr/$(LIB)
-+	ln -fs $(LIBEAP_SO) $(DESTDIR)/usr/$(LIB)/$(LIBEAP_NAME).so
-+
-+#	copy the headers reqd by apps using eap peer library in its own subfolder under /usr/include
-+	mkdir -p \
-+		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/eap_common \
-+		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/common \
-+		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/util \
-+		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/crypto
-+	install -m 0644 $(EAP_COMMON_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/eap_common
-+	install -m 0644 $(COMMON_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/common
-+	install -m 0644 $(CRYPTO_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/crypto
-+	install -m 0644 $(UTIL_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/util
-+	install -m 0644 $(MAIN_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/
-+
-+	mkdir -p $(DESTDIR)/usr/$(LIB)/pkgconfig
-+	cp libeap0.pc $(DESTDIR)/usr/$(LIB)/pkgconfig
-+
-+uninstall: 
-+
-+	rm $(DESTDIR)/usr/$(LIB)/$(LIBEAP)
-+	rm -fr $(DESTDIR)/$(INCLUDE_INSTALL_DIR)
-+	rm -f $(DESTDIR)/usr/$(LIB)/pkgconfig/libeap0.pc
- 
- clean:
--	rm -f *~ *.o *.so *.d
-+	rm -f *~ *.o *.so *.d libeap.a $(LIBEAP) $(OBJS_lib)
- 
--install:
--	if ls *.so >/dev/null 2>&1; then \
--		install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \
--		cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \
--	; fi
-+-include $(OBJS:%.o=%.d)
-diff --git a/src/eap_peer/eap_methods.c b/src/eap_peer/eap_methods.c
-index 3b0af05..092f266 100644
---- a/src/eap_peer/eap_methods.c
-+++ b/src/eap_peer/eap_methods.c
-@@ -340,6 +340,120 @@ int eap_peer_method_register(struct eap_method *method)
- 
- 
- /**
-+ * eap_peer_register_methods - Register all known EAP peer methods
-+ *
-+ * This function is called at program start to register all compiled
-+ * in EAP peer methods.
-+ */
-+int eap_peer_register_methods(void)
-+{
-+	int ret = 0;
-+
-+#ifdef EAP_MD5
-+	if (ret == 0)
-+		ret = eap_peer_md5_register();
-+#endif /* EAP_MD5 */
-+
-+#ifdef EAP_TLS
-+	if (ret == 0)
-+		ret = eap_peer_tls_register();
-+#endif /* EAP_TLS */
-+
-+#ifdef EAP_MSCHAPv2
-+	if (ret == 0)
-+		ret = eap_peer_mschapv2_register();
-+#endif /* EAP_MSCHAPv2 */
-+
-+#ifdef EAP_PEAP
-+	if (ret == 0)
-+		ret = eap_peer_peap_register();
-+#endif /* EAP_PEAP */
-+
-+#ifdef EAP_TTLS
-+	if (ret == 0)
-+		ret = eap_peer_ttls_register();
-+#endif /* EAP_TTLS */
-+
-+#ifdef EAP_GTC
-+	if (ret == 0)
-+		ret = eap_peer_gtc_register();
-+#endif /* EAP_GTC */
-+
-+#ifdef EAP_OTP
-+	if (ret == 0)
-+		ret = eap_peer_otp_register();
-+#endif /* EAP_OTP */
-+
-+#ifdef EAP_SIM
-+	if (ret == 0)
-+		ret = eap_peer_sim_register();
-+#endif /* EAP_SIM */
-+
-+#ifdef EAP_LEAP
-+	if (ret == 0)
-+		ret = eap_peer_leap_register();
-+#endif /* EAP_LEAP */
-+
-+#ifdef EAP_PSK
-+	if (ret == 0)
-+		ret = eap_peer_psk_register();
-+#endif /* EAP_PSK */
-+
-+#ifdef EAP_AKA
-+	if (ret == 0)
-+		ret = eap_peer_aka_register();
-+#endif /* EAP_AKA */
-+
-+#ifdef EAP_AKA_PRIME
-+	if (ret == 0)
-+		ret = eap_peer_aka_prime_register();
-+#endif /* EAP_AKA_PRIME */
-+
-+#ifdef EAP_FAST
-+	if (ret == 0)
-+		ret = eap_peer_fast_register();
-+#endif /* EAP_FAST */
-+
-+#ifdef EAP_PAX
-+	if (ret == 0)
-+		ret = eap_peer_pax_register();
-+#endif /* EAP_PAX */
-+
-+#ifdef EAP_SAKE
-+	if (ret == 0)
-+		ret = eap_peer_sake_register();
-+#endif /* EAP_SAKE */
-+
-+#ifdef EAP_GPSK
-+	if (ret == 0)
-+		ret = eap_peer_gpsk_register();
-+#endif /* EAP_GPSK */
-+
-+#ifdef EAP_WSC
-+	if (ret == 0)
-+		ret = eap_peer_wsc_register();
-+#endif /* EAP_WSC */
-+
-+#ifdef EAP_IKEV2
-+	if (ret == 0)
-+		ret = eap_peer_ikev2_register();
-+#endif /* EAP_IKEV2 */
-+
-+#ifdef EAP_VENDOR_TEST
-+	if (ret == 0)
-+		ret = eap_peer_vendor_test_register();
-+#endif /* EAP_VENDOR_TEST */
-+
-+#ifdef EAP_TNC
-+	if (ret == 0)
-+		ret = eap_peer_tnc_register();
-+#endif /* EAP_TNC */
-+
-+	return ret;
-+}
-+
-+
-+/**
-  * eap_peer_unregister_methods - Unregister EAP peer methods
-  *
-  * This function is called at program termination to unregister all EAP peer
-diff --git a/src/eap_peer/eap_methods.h b/src/eap_peer/eap_methods.h
-index 384c61b..b83a46f 100644
---- a/src/eap_peer/eap_methods.h
-+++ b/src/eap_peer/eap_methods.h
-@@ -32,6 +32,7 @@ EapType eap_peer_get_type(const char *name, int *vendor);
- const char * eap_get_name(int vendor, EapType type);
- size_t eap_get_names(char *buf, size_t buflen);
- char ** eap_get_names_as_string_array(size_t *num);
-+int eap_peer_register_methods(void);
- void eap_peer_unregister_methods(void);
- 
- #else /* IEEE8021X_EAPOL */
-diff --git a/src/eap_peer/libeap0.pc b/src/eap_peer/libeap0.pc
-new file mode 100644
-index 0000000..2f8463a
---- /dev/null
-+++ b/src/eap_peer/libeap0.pc
-@@ -0,0 +1,10 @@
-+prefix=/usr
-+exec_prefix=/usr
-+libdir=/usr/lib
-+includedir=${prefix}/include/eap_peer
-+
-+Name: libeap0
-+Description: EAP Peer Library API
-+Version: 0.7.2
-+Libs: -L${libdir} -leap
-+Cflags: -I${includedir}
--- 
-1.6.6.1
-
diff --git a/wpa_supplicant-2.3-generate-libeap-peer.patch b/wpa_supplicant-2.3-generate-libeap-peer.patch
new file mode 100644
index 0000000..d76343b
--- /dev/null
+++ b/wpa_supplicant-2.3-generate-libeap-peer.patch
@@ -0,0 +1,402 @@
+From 818ac0e07c9eaf4bc0026bda7d42718afcf1f92d Mon Sep 17 00:00:00 2001
+From: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
+Date: Sat, 2 Oct 2010 00:11:51 -0700
+Subject: [PATCH] eap_peer: create a libeap library, with header files and
+ pkg-config [v2]
+
+This adds infrastructe in src/eap_peer to make libeap.so and install
+the needed header files and pkg-config files.
+
+Now, this is quite dirty and probably not what we want in the long
+term, but serves as an starting point:
+
+ - we don't build from the wpa_supplicant directory because the
+   objects the .so have to be built with -fPIC. So if you need to
+   build both the binary and the library:
+
+   make -C wpa_supplicant
+   make -C src/eap_peer clean
+   make -C src/eap_peer
+
+   As I said, it's dirty -- we'd need either wpa_supplicant linking
+   against the library properly (but that seems not to be desirable)
+   or a multiple object build approach ala automake.
+
+ - need to use 'override CFLAGS' in src/eap_peer/Makefile, otherwise
+   any CFLAGS setting will kill the build infrastructure. I miss
+   AM_CFLAGS.
+
+ - adds 'eap_register_methods()' that will register every compiled in
+   method.
+
+Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
+---
+ src/eap_peer/Makefile      | 198 +++++++++++++++++++++++++++++++++++++++++++--
+ src/eap_peer/eap_methods.c | 114 ++++++++++++++++++++++++++
+ src/eap_peer/eap_methods.h |   1 +
+ src/eap_peer/libeap0.pc    |  10 +++
+ 4 files changed, 315 insertions(+), 8 deletions(-)
+ create mode 100644 src/eap_peer/libeap0.pc
+
+diff --git a/src/eap_peer/Makefile b/src/eap_peer/Makefile
+index f79519b..cedd89f 100644
+--- a/src/eap_peer/Makefile
++++ b/src/eap_peer/Makefile
+@@ -1,11 +1,193 @@
+-all:
+-	@echo Nothing to be made.
++LIBEAP_NAME = libeap
++LIBEAP_CURRENT = 0
++LIBEAP_REVISION = 0
++LIBEAP_AGE = 0
++
++LIBEAP = $(LIBEAP_NAME).so.$(LIBEAP_CURRENT).$(LIBEAP_REVISION).$(LIBEAP_AGE)
++LIBEAP_SO = $(LIBEAP_NAME).so.$(LIBEAP_CURRENT)
++
++.PHONY: all clean install uninstall
++
++all: $(LIBEAP)
++
++ifndef CC
++CC=gcc
++endif
++
++ifndef CFLAGS
++CFLAGS = -MMD -O0 -Wall -g
++endif
++
++CONFIG_TLS=openssl
++
++INCLUDE_INSTALL_DIR=/usr/include/eap_peer
++
++ifndef LIB
++LIB = lib
++endif
++
++# Got to use override all across the board, otherwise a 'make
++# CFLAGS=XX' will kill us because the command line's CFLAGS will
++# overwrite Make's and we'll loose all the infrastructure it sets.
++override CFLAGS += -I. -I.. -I../crypto -I../utils -I../common
++
++# at least for now, need to include config_ssid.h and config_blob.h from
++# wpa_supplicant directory
++override CFLAGS += -I ../../wpa_supplicant
++
++OBJS_both += ../utils/common.o
++OBJS_both += ../utils/eloop.o
++OBJS_both += ../utils/os_unix.o
++OBJS_both += ../utils/wpa_debug.o
++OBJS_both += ../utils/base64.o
++OBJS_both += ../utils/wpabuf.o
++OBJS_both += ../crypto/md5.o
++OBJS_both += ../crypto/sha1-tlsprf.o
++OBJS_both += ../crypto/aes-encblock.o
++OBJS_both += ../crypto/aes-wrap.o
++OBJS_both += ../crypto/aes-ctr.o
++OBJS_both += ../crypto/aes-eax.o
++OBJS_both += ../crypto/aes-omac1.o
++OBJS_both += ../crypto/ms_funcs.o
++OBJS_both += ../crypto/sha256.o
++OBJS_both += ../crypto/random.o
++
++
++OBJS_both += ../eap_common/eap_peap_common.o
++OBJS_both += ../eap_common/eap_psk_common.o
++OBJS_both += ../eap_common/eap_pax_common.o
++OBJS_both += ../eap_common/eap_sake_common.o
++OBJS_both += ../eap_common/eap_gpsk_common.o
++OBJS_both += ../eap_common/chap.o
++
++OBJS_peer += ../eap_peer/eap_tls.o
++OBJS_peer += ../eap_peer/eap_peap.o
++OBJS_peer += ../eap_peer/eap_ttls.o
++OBJS_peer += ../eap_peer/eap_md5.o
++OBJS_peer += ../eap_peer/eap_mschapv2.o
++OBJS_peer += ../eap_peer/mschapv2.o
++OBJS_peer += ../eap_peer/eap_otp.o
++OBJS_peer += ../eap_peer/eap_gtc.o
++OBJS_peer += ../eap_peer/eap_leap.o
++OBJS_peer += ../eap_peer/eap_psk.o
++OBJS_peer += ../eap_peer/eap_pax.o
++OBJS_peer += ../eap_peer/eap_sake.o
++OBJS_peer += ../eap_peer/eap_gpsk.o
++OBJS_peer += ../eap_peer/eap.o
++OBJS_peer += ../eap_common/eap_common.o
++OBJS_peer += ../eap_peer/eap_methods.o
++OBJS_peer += ../eap_peer/eap_tls_common.o
++
++override CFLAGS += -DEAP_TLS
++override CFLAGS += -DEAP_PEAP
++override CFLAGS += -DEAP_TTLS
++override CFLAGS += -DEAP_MD5
++override CFLAGS += -DEAP_MSCHAPv2
++override CFLAGS += -DEAP_GTC
++override CFLAGS += -DEAP_OTP
++override CFLAGS += -DEAP_LEAP
++override CFLAGS += -DEAP_PSK
++override CFLAGS += -DEAP_PAX
++override CFLAGS += -DEAP_SAKE
++override CFLAGS += -DEAP_GPSK -DEAP_GPSK_SHA256
++override CFLAGS += -DEAP_TLS_FUNCS
++
++override CFLAGS += -DIEEE8021X_EAPOL
++
++ifeq ($(CONFIG_TLS), openssl)
++override CFLAGS += -DEAP_TLS_OPENSSL
++OBJS_both += ../crypto/tls_openssl.o
++OBJS_both += ../crypto/crypto_openssl.o
++LIBS += -lssl -lcrypto
++override CFLAGS += -DINTERNAL_SHA256
++else
++OBJS_both += ../crypto/sha1.o
++endif
++
++ifeq ($(CONFIG_TLS), internal)
++OBJS_both += ../crypto/tls_internal.o
++OBJS_both += ../tls/tlsv1_common.o ../../tls/tlsv1_record.o
++OBJS_both += ../tls/tlsv1_cred.o
++OBJS_both += ../tls/asn1.o ../../tls/x509v3.o
++OBJS_both += ../crypto/crypto_internal.o ../../tls/rsa.o ../../tls/bignum.o
++
++OBJS_peer += ../tls/tlsv1_client.o
++OBJS_peer += ../tls/tlsv1_client_write.o ../../tls/tlsv1_client_read.o
++override CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT
++
++OBJS_server += ../tls/tlsv1_server.o
++OBJS_server += ../tls/tlsv1_server_write.o ../../tls/tlsv1_server_read.o
++override CFLAGS += -DCONFIG_TLS_INTERNAL_SERVER
++
++override CFLAGS += -DCONFIG_TLS_INTERNAL
++override CFLAGS += -DCONFIG_CRYPTO_INTERNAL
++override CFLAGS += -DCONFIG_INTERNAL_X509
++override CFLAGS += -DINTERNAL_AES
++override CFLAGS += -DINTERNAL_SHA1
++override CFLAGS += -DINTERNAL_SHA256
++override CFLAGS += -DINTERNAL_MD5
++override CFLAGS += -DINTERNAL_MD4
++override CFLAGS += -DINTERNAL_DES
++ifdef CONFIG_INTERNAL_LIBTOMMATH
++override CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
++else
++LIBS += -ltommath
++endif
++endif
++
++ifndef LDO
++LDO=$(CC)
++endif
++
++
++OBJS_lib=$(OBJS_both) $(OBJS_peer)
++
++ #$(OBJS_server)
++
++override CFLAGS  += -fPIC -DPIC
++LDFLAGS += -shared
++
++$(LIBEAP): $(OBJS_lib)
++	$(LDO) $(LDFLAGS) $(OBJS_lib) -Wl,-soname -Wl,$(LIBEAP_SO) -o $(LIBEAP) $(LIBS)
++
++
++UTIL_HEADERS = ../utils/includes.h ../utils/common.h \
++	../utils/wpabuf.h ../utils/build_config.h \
++	../utils/os.h ../utils/wpa_debug.h
++COMMON_HEADERS = ../common/defs.h 
++EAP_COMMON_HEADERS = ../eap_common/eap_defs.h 
++MAIN_HEADERS = eap.h eap_methods.h eap_config.h
++CRYPTO_HEADERS =  ../crypto/tls.h  
++
++install: 
++
++	mkdir -p $(DESTDIR)/usr/$(LIB)
++#	copy the lib file to std lib location
++	cp $(LIBEAP) $(DESTDIR)/usr/$(LIB)
++	ln -fs $(LIBEAP_SO) $(DESTDIR)/usr/$(LIB)/$(LIBEAP_NAME).so
++
++#	copy the headers reqd by apps using eap peer library in its own subfolder under /usr/include
++	mkdir -p \
++		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/eap_common \
++		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/common \
++		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/util \
++		$(DESTDIR)/$(INCLUDE_INSTALL_DIR)/crypto
++	install -m 0644 $(EAP_COMMON_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/eap_common
++	install -m 0644 $(COMMON_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/common
++	install -m 0644 $(CRYPTO_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/crypto
++	install -m 0644 $(UTIL_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/util
++	install -m 0644 $(MAIN_HEADERS) $(DESTDIR)/$(INCLUDE_INSTALL_DIR)/
++
++	mkdir -p $(DESTDIR)/usr/$(LIB)/pkgconfig
++	cp libeap0.pc $(DESTDIR)/usr/$(LIB)/pkgconfig
++
++uninstall: 
++
++	rm $(DESTDIR)/usr/$(LIB)/$(LIBEAP)
++	rm -fr $(DESTDIR)/$(INCLUDE_INSTALL_DIR)
++	rm -f $(DESTDIR)/usr/$(LIB)/pkgconfig/libeap0.pc
+ 
+ clean:
+-	rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov
++	rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov libeap.a $(LIBEAP) $(OBJS_lib)
+ 
+-install:
+-	if ls *.so >/dev/null 2>&1; then \
+-		install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \
+-		cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \
+-	; fi
++-include $(OBJS:%.o=%.d)
+diff --git a/src/eap_peer/eap_methods.c b/src/eap_peer/eap_methods.c
+index 83a1457..95a41e6 100644
+--- a/src/eap_peer/eap_methods.c
++++ b/src/eap_peer/eap_methods.c
+@@ -336,6 +336,120 @@ int eap_peer_method_register(struct eap_method *method)
+ 
+ 
+ /**
++ * eap_peer_register_methods - Register all known EAP peer methods
++ *
++ * This function is called at program start to register all compiled
++ * in EAP peer methods.
++ */
++int eap_peer_register_methods(void)
++{
++	int ret = 0;
++
++#ifdef EAP_MD5
++	if (ret == 0)
++		ret = eap_peer_md5_register();
++#endif /* EAP_MD5 */
++
++#ifdef EAP_TLS
++	if (ret == 0)
++		ret = eap_peer_tls_register();
++#endif /* EAP_TLS */
++
++#ifdef EAP_MSCHAPv2
++	if (ret == 0)
++		ret = eap_peer_mschapv2_register();
++#endif /* EAP_MSCHAPv2 */
++
++#ifdef EAP_PEAP
++	if (ret == 0)
++		ret = eap_peer_peap_register();
++#endif /* EAP_PEAP */
++
++#ifdef EAP_TTLS
++	if (ret == 0)
++		ret = eap_peer_ttls_register();
++#endif /* EAP_TTLS */
++
++#ifdef EAP_GTC
++	if (ret == 0)
++		ret = eap_peer_gtc_register();
++#endif /* EAP_GTC */
++
++#ifdef EAP_OTP
++	if (ret == 0)
++		ret = eap_peer_otp_register();
++#endif /* EAP_OTP */
++
++#ifdef EAP_SIM
++	if (ret == 0)
++		ret = eap_peer_sim_register();
++#endif /* EAP_SIM */
++
++#ifdef EAP_LEAP
++	if (ret == 0)
++		ret = eap_peer_leap_register();
++#endif /* EAP_LEAP */
++
++#ifdef EAP_PSK
++	if (ret == 0)
++		ret = eap_peer_psk_register();
++#endif /* EAP_PSK */
++
++#ifdef EAP_AKA
++	if (ret == 0)
++		ret = eap_peer_aka_register();
++#endif /* EAP_AKA */
++
++#ifdef EAP_AKA_PRIME
++	if (ret == 0)
++		ret = eap_peer_aka_prime_register();
++#endif /* EAP_AKA_PRIME */
++
++#ifdef EAP_FAST
++	if (ret == 0)
++		ret = eap_peer_fast_register();
++#endif /* EAP_FAST */
++
++#ifdef EAP_PAX
++	if (ret == 0)
++		ret = eap_peer_pax_register();
++#endif /* EAP_PAX */
++
++#ifdef EAP_SAKE
++	if (ret == 0)
++		ret = eap_peer_sake_register();
++#endif /* EAP_SAKE */
++
++#ifdef EAP_GPSK
++	if (ret == 0)
++		ret = eap_peer_gpsk_register();
++#endif /* EAP_GPSK */
++
++#ifdef EAP_WSC
++	if (ret == 0)
++		ret = eap_peer_wsc_register();
++#endif /* EAP_WSC */
++
++#ifdef EAP_IKEV2
++	if (ret == 0)
++		ret = eap_peer_ikev2_register();
++#endif /* EAP_IKEV2 */
++
++#ifdef EAP_VENDOR_TEST
++	if (ret == 0)
++		ret = eap_peer_vendor_test_register();
++#endif /* EAP_VENDOR_TEST */
++
++#ifdef EAP_TNC
++	if (ret == 0)
++		ret = eap_peer_tnc_register();
++#endif /* EAP_TNC */
++
++	return ret;
++}
++
++
++/**
+  * eap_peer_unregister_methods - Unregister EAP peer methods
+  *
+  * This function is called at program termination to unregister all EAP peer
+diff --git a/src/eap_peer/eap_methods.h b/src/eap_peer/eap_methods.h
+index e35c919..da14e42 100644
+--- a/src/eap_peer/eap_methods.h
++++ b/src/eap_peer/eap_methods.h
+@@ -26,6 +26,7 @@ EapType eap_peer_get_type(const char *name, int *vendor);
+ const char * eap_get_name(int vendor, EapType type);
+ size_t eap_get_names(char *buf, size_t buflen);
+ char ** eap_get_names_as_string_array(size_t *num);
++int eap_peer_register_methods(void);
+ void eap_peer_unregister_methods(void);
+ 
+ #else /* IEEE8021X_EAPOL */
+diff --git a/src/eap_peer/libeap0.pc b/src/eap_peer/libeap0.pc
+new file mode 100644
+index 0000000..594fa2c
+--- /dev/null
++++ b/src/eap_peer/libeap0.pc
+@@ -0,0 +1,10 @@
++prefix=/usr
++exec_prefix=/usr
++libdir=/usr/lib
++includedir=${prefix}/include/eap_peer
++
++Name: libeap0
++Description: EAP Peer Library API
++Version: 0.7.2
++Libs: -L${libdir} -leap
++Cflags: -I${includedir}
+-- 
+1.9.3
+
diff --git a/wpa_supplicant-quiet-scan-results-message.patch b/wpa_supplicant-quiet-scan-results-message.patch
index 5bb36a4..6ce32ac 100644
--- a/wpa_supplicant-quiet-scan-results-message.patch
+++ b/wpa_supplicant-quiet-scan-results-message.patch
@@ -1,13 +1,18 @@
-diff -up wpa_supplicant-0.6.7/wpa_supplicant/events.c.scan-results-msg wpa_supplicant-0.6.7/wpa_supplicant/events.c
---- wpa_supplicant-0.6.7/wpa_supplicant/events.c.scan-results-msg	2009-01-30 12:08:34.000000000 -0500
-+++ wpa_supplicant-0.6.7/wpa_supplicant/events.c	2009-01-30 12:08:37.000000000 -0500
-@@ -911,7 +911,7 @@ static void wpa_supplicant_event_scan_re
+diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
+index 49d32c2..f1d1f92 100644
+--- a/wpa_supplicant/events.c
++++ b/wpa_supplicant/events.c
+@@ -1328,11 +1328,11 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
+ 		wpa_s->own_scan_running, wpa_s->external_scan_running);
+ 	if (wpa_s->last_scan_req == MANUAL_SCAN_REQ &&
+ 	    wpa_s->manual_scan_use_id && wpa_s->own_scan_running) {
+-		wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u",
++		wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS "id=%u",
+ 			     wpa_s->manual_scan_id);
+ 		wpa_s->manual_scan_use_id = 0;
+ 	} else {
+-		wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
++		wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS);
  	}
- 
- 	wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available");
--	wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-+	wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS);
  	wpas_notify_scan_results(wpa_s);
  
- 	wpas_notify_scan_done(wpa_s, 1);
-
diff --git a/wpa_supplicant.init.d b/wpa_supplicant.init.d
deleted file mode 100644
index 0e8d9e0..0000000
--- a/wpa_supplicant.init.d
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/bash
-#
-# wpa_supplicant 
-#
-# chkconfig:   - 23 88
-# description: wpa_supplicant is a WPA Supplicant for Linux, BSD and \
-#     Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant \
-#     is the IEEE 802.1X/WPA component that is used in the client stations. \
-#     It implements key negotiation with a WPA Authenticator and it controls \
-#     the roaming and IEEE 802.11 authentication/association of the wlan driver.
-# processname: wpa_supplicant
-# config:      /etc/wpa_supplicant/wpa_supplicant.conf
-#
-### BEGIN INIT INFO
-# Provides: wpa_supplicant
-# Required-Start: $local_fs messagebus
-# Required-Stop: $local_fs messagebus
-# Default-Start:
-# Default-Stop: 0 1 6
-# Short-Description: start and stop wpa_supplicant
-# Description: wpa_supplicant is a tool for connecting to wireless networks
-### END INIT INFO
-
-# Source function library.
-. /etc/rc.d/init.d/functions
-
-# Source networking configuration.
-. /etc/sysconfig/network
-
-exec="/usr/sbin/wpa_supplicant"
-prog=$(basename $exec)
-conf="/etc/wpa_supplicant/wpa_supplicant.conf"
-lockfile=/var/lock/subsys/$prog
-
-[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
-
-start() {
- 	echo -n $"Starting $prog: $conf, $INTERFACES, $DRIVERS"
-	daemon $prog -c $conf $INTERFACES $DRIVERS -B $OTHER_ARGS
-	retval=$?
-	echo
-	[ $retval -eq 0 ] && touch $lockfile
-	return $retval
-}
-
-stop() {
-	echo -n $"Stopping $prog: "
-	killproc $prog
-	retval=$?
-	echo
-	[ $retval -eq 0 ] && rm -f $lockfile
-	return $retval
-}
-
-restart() {
-	stop
-	start
-}
-
-reload() {
-	restart
-}
-
-force_reload() {
-	restart
-}
-
-fdr_status() {
-	status $prog
-}
-
-
-case "$1" in
-	start|stop|restart|reload)
-  		$1
-		;;
-	force-reload)
-		force_reload
-		;;
-	status)
-		fdr_status
-		;;
-	condrestart|try-restart)
-		[ -f $lockfile ] && restart
-		;;
-	*)
-		echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
-		exit 1
-esac
-
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec
index fb8370c..1d6d02e 100644
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@@ -6,8 +6,8 @@
 Summary: WPA/WPA2/IEEE 802.1X Supplicant
 Name: wpa_supplicant
 Epoch: 1
-Version: 2.0
-Release: 12%{?dist}
+Version: 2.3
+Release: 1%{?dist}
 License: BSD
 Group: System Environment/Base
 Source0: http://w1.fi/releases/%{name}-%{version}%{rcver}%{snapshot}.tar.gz
@@ -53,7 +53,7 @@ Patch12: 0002-wpa_cli-Use-os_exec-for-action-script-execution.patch
 %if %{build_libeap}
 # Dirty hack for WiMAX
 # http://linuxwimax.org/Download?action=AttachFile&do=get&target=wpa-1.5-README.txt
-Patch100: wpa_supplicant-2.0-generate-libeap-peer.patch
+Patch100: wpa_supplicant-2.3-generate-libeap-peer.patch
 %endif
 
 URL: http://w1.fi/wpa_supplicant/
@@ -119,10 +119,6 @@ Don't use this unless you know what you're doing.
 %patch6 -p1 -b .qt4
 %patch7 -p1 -b .libnl3
 %patch8 -p1 -b .rh837402-less-aggressive-roaming
-%patch9 -p1 -b .man-page
-%patch10 -p1 -b .pmksa-clear-fix
-%patch11 -p1 -b .CVE-2014-3686-1
-%patch12 -p1 -b .CVE-2014-3686-2
 
 %build
 pushd wpa_supplicant
@@ -141,7 +137,7 @@ pushd wpa_supplicant
 popd
 
 pushd wpa_supplicant/doc/docbook
-  make
+  make man
 popd
 
 %install
@@ -270,6 +266,9 @@ fi
 %endif
 
 %changelog
+* Thu Oct 30 2014 Lubomir Rintel <lkundrak@v3.sk> - 1:2.3-1
+- Update to 2.3
+
 * Wed Oct 22 2014 Dan Williams <dcbw@redhat.com> - 1:2.0-12
 - Use os_exec() for action script execution (CVE-2014-3686)