From 9bec5ec9cbcd454761c201b40ce45bccfb742f0e Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Wed, 3 Feb 2021 22:20:24 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/wpa_supplicant.git#0b9539a24dea64edb576d230bf3bced98a16763f
---
 ...anging-an-interface-bridge-via-D-Bus.patch | 200 ++++++++++++++++++
 ...-OWE-capability-and-OWE-BSS-key_mgmt.patch |  62 ++++++
 wpa_supplicant-config.patch                   |  14 +-
 wpa_supplicant.spec                           |  18 +-
 4 files changed, 285 insertions(+), 9 deletions(-)
 create mode 100644 0001-D-Bus-Allow-changing-an-interface-bridge-via-D-Bus.patch
 create mode 100644 0001-dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch

diff --git a/0001-D-Bus-Allow-changing-an-interface-bridge-via-D-Bus.patch b/0001-D-Bus-Allow-changing-an-interface-bridge-via-D-Bus.patch
new file mode 100644
index 0000000..4da577e
--- /dev/null
+++ b/0001-D-Bus-Allow-changing-an-interface-bridge-via-D-Bus.patch
@@ -0,0 +1,200 @@
+From 1c58317f56e312576b6872440f125f794e45f991 Mon Sep 17 00:00:00 2001
+Message-Id: <1c58317f56e312576b6872440f125f794e45f991.1602774933.git.davide.caratti@gmail.com>
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Wed, 30 Sep 2020 18:34:36 +0200
+Subject: [PATCH] D-Bus: Allow changing an interface bridge via D-Bus
+
+D-Bus clients can call CreateInterface() once and use the resulting
+Interface object to connect multiple times to different networks.
+
+However, if the network interface gets added to a bridge, clients
+currently have to remove the Interface object and create a new one.
+
+Improve this by supporting the change of the BridgeIfname property of
+an existing Interface object.
+
+Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
+---
+ src/rsn_supp/tdls.c                     |  5 +++
+ wpa_supplicant/dbus/dbus_new.c          |  2 +-
+ wpa_supplicant/dbus/dbus_new_handlers.c | 37 ++++++++++++++++
+ wpa_supplicant/dbus/dbus_new_handlers.h |  1 +
+ wpa_supplicant/wpa_supplicant.c         | 59 +++++++++++++++++++++++++
+ wpa_supplicant/wpa_supplicant_i.h       |  2 +
+ 6 files changed, 105 insertions(+), 1 deletion(-)
+
+diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
+index 7b47e3ac5..eff8cd829 100644
+--- a/src/rsn_supp/tdls.c
++++ b/src/rsn_supp/tdls.c
+@@ -2807,6 +2807,11 @@ int wpa_tdls_init(struct wpa_sm *sm)
+ 	if (sm == NULL)
+ 		return -1;
+ 
++	if (sm->l2_tdls) {
++		l2_packet_deinit(sm->l2_tdls);
++		sm->l2_tdls = NULL;
++	}
++
+ 	sm->l2_tdls = l2_packet_init(sm->bridge_ifname ? sm->bridge_ifname :
+ 				     sm->ifname,
+ 				     sm->own_addr,
+diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
+index 793a881ef..ab7628f87 100644
+--- a/wpa_supplicant/dbus/dbus_new.c
++++ b/wpa_supplicant/dbus/dbus_new.c
+@@ -3613,7 +3613,7 @@ static const struct wpa_dbus_property_desc wpas_dbus_interface_properties[] = {
+ 	},
+ 	{ "BridgeIfname", WPAS_DBUS_NEW_IFACE_INTERFACE, "s",
+ 	  wpas_dbus_getter_bridge_ifname,
+-	  NULL,
++	  wpas_dbus_setter_bridge_ifname,
+ 	  NULL
+ 	},
+ 	{ "ConfigFile", WPAS_DBUS_NEW_IFACE_INTERFACE, "s",
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index 34abab752..2cfc87fa8 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
++++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -3635,6 +3635,43 @@ dbus_bool_t wpas_dbus_getter_bridge_ifname(
+ }
+ 
+ 
++dbus_bool_t wpas_dbus_setter_bridge_ifname(
++	const struct wpa_dbus_property_desc *property_desc,
++	DBusMessageIter *iter, DBusError *error, void *user_data)
++{
++	struct wpa_supplicant *wpa_s = user_data;
++	const char *bridge_ifname = NULL;
++	const char *msg;
++	int r;
++
++	if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_STRING,
++					      &bridge_ifname))
++		return FALSE;
++
++	r = wpa_supplicant_update_bridge_ifname(wpa_s, bridge_ifname);
++	if (r != 0) {
++		switch (r) {
++		case -EINVAL:
++			msg = "invalid interface name";
++			break;
++		case -EBUSY:
++			msg = "interface is busy";
++			break;
++		case -EIO:
++			msg = "socket error";
++			break;
++		default:
++			msg = "unknown error";
++			break;
++		}
++		dbus_set_error_const(error, DBUS_ERROR_FAILED, msg);
++		return FALSE;
++	}
++
++	return TRUE;
++}
++
++
+ /**
+  * wpas_dbus_getter_config_file - Get interface configuration file path
+  * @iter: Pointer to incoming dbus message iter
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.h b/wpa_supplicant/dbus/dbus_new_handlers.h
+index afa26efed..d528c0816 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.h
++++ b/wpa_supplicant/dbus/dbus_new_handlers.h
+@@ -167,6 +167,7 @@ DECLARE_ACCESSOR(wpas_dbus_setter_scan_interval);
+ DECLARE_ACCESSOR(wpas_dbus_getter_ifname);
+ DECLARE_ACCESSOR(wpas_dbus_getter_driver);
+ DECLARE_ACCESSOR(wpas_dbus_getter_bridge_ifname);
++DECLARE_ACCESSOR(wpas_dbus_setter_bridge_ifname);
+ DECLARE_ACCESSOR(wpas_dbus_getter_config_file);
+ DECLARE_ACCESSOR(wpas_dbus_getter_current_bss);
+ DECLARE_ACCESSOR(wpas_dbus_getter_current_network);
+diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
+index 39e92fb68..a7e9e459e 100644
+--- a/wpa_supplicant/wpa_supplicant.c
++++ b/wpa_supplicant/wpa_supplicant.c
+@@ -4906,6 +4906,65 @@ static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
+ }
+ 
+ 
++int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
++					const char *bridge_ifname)
++{
++	if (wpa_s->wpa_state > WPA_SCANNING)
++		return -EBUSY;
++
++	if (bridge_ifname &&
++	    os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
++		return -EINVAL;
++
++	if (!bridge_ifname)
++		bridge_ifname = "";
++
++	if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
++		return 0;
++
++	if (wpa_s->l2_br) {
++		l2_packet_deinit(wpa_s->l2_br);
++		wpa_s->l2_br = NULL;
++	}
++
++	os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
++		   sizeof(wpa_s->bridge_ifname));
++
++	if (wpa_s->bridge_ifname[0]) {
++		wpa_dbg(wpa_s, MSG_DEBUG,
++			"Receiving packets from bridge interface '%s'",
++			wpa_s->bridge_ifname);
++		wpa_s->l2_br = l2_packet_init_bridge(
++			wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
++			ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
++		if (!wpa_s->l2_br) {
++			wpa_msg(wpa_s, MSG_ERROR,
++				"Failed to open l2_packet connection for the bridge interface '%s'",
++				wpa_s->bridge_ifname);
++			goto fail;
++		}
++	}
++
++#ifdef CONFIG_TDLS
++	if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
++		goto fail;
++#endif /* CONFIG_TDLS */
++
++	return 0;
++fail:
++	wpa_s->bridge_ifname[0] = 0;
++	if (wpa_s->l2_br) {
++		l2_packet_deinit(wpa_s->l2_br);
++		wpa_s->l2_br = NULL;
++	}
++#ifdef CONFIG_TDLS
++	if (!wpa_s->p2p_mgmt)
++		wpa_tdls_init(wpa_s->wpa);
++#endif /* CONFIG_TDLS */
++	return -EIO;
++}
++
++
+ /**
+  * wpa_supplicant_driver_init - Initialize driver interface parameters
+  * @wpa_s: Pointer to wpa_supplicant data
+diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
+index 31a9b7427..eac3491cc 100644
+--- a/wpa_supplicant/wpa_supplicant_i.h
++++ b/wpa_supplicant/wpa_supplicant_i.h
+@@ -1351,6 +1351,8 @@ int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s);
+ const char * wpa_supplicant_state_txt(enum wpa_states state);
+ int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s);
+ int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s);
++int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
++					const char *bridge_ifname);
+ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
+ 			      struct wpa_bss *bss, struct wpa_ssid *ssid,
+ 			      u8 *wpa_ie, size_t *wpa_ie_len);
+-- 
+2.26.2
+
diff --git a/0001-dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch b/0001-dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch
new file mode 100644
index 0000000..30a07e4
--- /dev/null
+++ b/0001-dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch
@@ -0,0 +1,62 @@
+From 7800725afb27397f7d6033d4969e2aeb61af4737 Mon Sep 17 00:00:00 2001
+Message-Id: <7800725afb27397f7d6033d4969e2aeb61af4737.1602780273.git.davide.caratti@gmail.com>
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Sun, 13 Oct 2019 15:18:54 +0200
+Subject: [PATCH] dbus: Export OWE capability and OWE BSS key_mgmt
+
+Export a new 'owe' capability to indicate that wpa_supplicant was
+built with OWE support and accepts 'key_mgmt=OWE'. Also, support 'owe'
+in the array of BSS' available key managements.
+
+Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
+---
+ wpa_supplicant/dbus/dbus_new_handlers.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index d2c84e5c5..1206c3cde 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
++++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -984,8 +984,7 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
+ 	const struct wpa_dbus_property_desc *property_desc,
+ 	DBusMessageIter *iter, DBusError *error, void *user_data)
+ {
+-	const char *capabilities[10] = { NULL, NULL, NULL, NULL, NULL, NULL,
+-					NULL, NULL, NULL, NULL };
++	const char *capabilities[11];
+ 	size_t num_items = 0;
+ #ifdef CONFIG_FILS
+ 	struct wpa_global *global = user_data;
+@@ -1028,6 +1027,9 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
+ #ifdef CONFIG_SHA384
+ 	capabilities[num_items++] = "sha384";
+ #endif /* CONFIG_SHA384 */
++#ifdef CONFIG_OWE
++	capabilities[num_items++] = "owe";
++#endif /* CONFIG_OWE */
+ 
+ 	return wpas_dbus_simple_array_property_getter(iter,
+ 						      DBUS_TYPE_STRING,
+@@ -4491,7 +4493,7 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
+ 	DBusMessageIter iter_dict, variant_iter;
+ 	const char *group;
+ 	const char *pairwise[5]; /* max 5 pairwise ciphers is supported */
+-	const char *key_mgmt[15]; /* max 15 key managements may be supported */
++	const char *key_mgmt[16]; /* max 16 key managements may be supported */
+ 	int n;
+ 
+ 	if (!dbus_message_iter_open_container(iter, DBUS_TYPE_VARIANT,
+@@ -4544,6 +4546,10 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
+ 	if (ie_data->key_mgmt & WPA_KEY_MGMT_FT_SAE)
+ 		key_mgmt[n++] = "ft-sae";
+ #endif /* CONFIG_SAE */
++#ifdef CONFIG_OWE
++	if (ie_data->key_mgmt & WPA_KEY_MGMT_OWE)
++		key_mgmt[n++] = "owe";
++#endif /* CONFIG_OWE */
+ 	if (ie_data->key_mgmt & WPA_KEY_MGMT_NONE)
+ 		key_mgmt[n++] = "wpa-none";
+ 
+-- 
+2.26.2
+
diff --git a/wpa_supplicant-config.patch b/wpa_supplicant-config.patch
index 632d032..6eddd30 100644
--- a/wpa_supplicant-config.patch
+++ b/wpa_supplicant-config.patch
@@ -4,11 +4,9 @@ Date: Fri, 6 Sep 2019 09:46:00 +0200
 Subject: [PATCH] defconfig: Fedora configuration
 
 ---
- wpa_supplicant/defconfig | 13 +++++++------
- 1 file changed, 7 insertions(+), 6 deletions(-)
+ wpa_supplicant/defconfig | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
 
-diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig
-index cdfb197..83c992a 100644
 --- a/wpa_supplicant/defconfig
 +++ b/wpa_supplicant/defconfig
 @@ -77,7 +77,7 @@ CONFIG_DRIVER_WIRED=y
@@ -73,7 +71,7 @@ index cdfb197..83c992a 100644
  
  # Background scanning modules
  # These can be used to request wpa_supplicant to perform background scanning
-@@ -607,7 +608,7 @@ CONFIG_BGSCAN_SIMPLE=y
+@@ -607,9 +608,10 @@ CONFIG_BGSCAN_SIMPLE=y
  
  # Opportunistic Wireless Encryption (OWE)
  # Experimental implementation of draft-harkins-owe-07.txt
@@ -82,6 +80,6 @@ index cdfb197..83c992a 100644
  
  # Device Provisioning Protocol (DPP)
  # This requires CONFIG_IEEE80211W=y to be enabled, too. (see
--- 
-2.21.0
-
+ # wpa_supplicant/README-DPP for details)
+ CONFIG_DPP=y
++CONFIG_SUITEB192=y
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec
index 0a5f6ac..c8c0c66 100644
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@@ -9,7 +9,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant
 Name: wpa_supplicant
 Epoch: 1
 Version: 2.9
-Release: 7%{?dist}
+Release: 10%{?dist}
 License: BSD
 Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
 Source1: wpa_supplicant.conf
@@ -37,6 +37,12 @@ Patch6: 0001-P2P-Always-use-global-p2p_long_listen.patch
 Patch7: 0001-D-Bus-Fix-P2P-NULL-dereference-after-interface-remov.patch
 Patch8: 0001-p2p-Limit-P2P_DEVICE-name-to-appropriate-ifname-size.patch
 
+#fix for bz1915236
+Patch9: 0001-D-Bus-Allow-changing-an-interface-bridge-via-D-Bus.patch
+
+#expose OWE capability in D-Bus
+Patch10: 0001-dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch
+
 URL: http://w1.fi/wpa_supplicant/
 
 %if %with gui
@@ -196,6 +202,16 @@ chmod -R 0644 wpa_supplicant/examples/*.py
 
 
 %changelog
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.9-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Fri Jan 22 2021 Davide Caratti <dcaratti@redhat.com> - 1:2.9-9
+- Expose OWE capability on D-Bus
+- Allow changing interface bridge using D-Bus
+
+* Thu Dec 17 2020 Antonio Cardace <acardace@redhat.com> - 1:2.9-8
+- Enable WPA-EAP-SUITE-B-192 cipher suite
+
 * Thu Dec 17 2020 Davide Caratti <dcaratti@redhat.com> - 1:2.9-7
 - fix build on ELN target (rh #1902609)