GNU bug report logs - #35563
WPA Supplicant 2.8

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Sat, 4 May 2019 16:27:02 UTC

Severity: normal

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Marius Bakke <mbakke <at> fastmail.com>
Cc: 35563 <at> debbugs.gnu.org
Subject: [bug#35563] WPA Supplicant 2.8
Date: Tue, 07 May 2019 17:21:06 +0200

Hi,

Marius Bakke <mbakke <at> fastmail.com> skribis:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> Hello Marius,
>>
>> Marius Bakke <mbakke <at> fastmail.com> skribis:
>>
>>> Attached is a security update for WPA Supplicant.
>>>
>>> The new version toggles a lot of build-time options to more closely
>>> resemble what Debian and Arch do.  Unfortunately the new defaults
>>> appears to require OpenSSL instead of GnuTLS.
>>
>> What happens when you keep CONFIG_TLS=gnutls?
>
> The linker fails to find a lot of OpenSSL interfaces.  Short excerpt:
>
> ld: ../src/common/dpp.o: in function `dpp_set_pubkey_point':
> /tmp/guix-build-wpa-supplicant-2.8.drv-0/wpa_supplicant-2.8/wpa_supplicant/../src/common/dpp.c:538: undefined reference to `EVP_PKEY_get1_EC_KEY'
> ld: /tmp/guix-build-wpa-supplicant-2.8.drv-0/wpa_supplicant-2.8/wpa_supplicant/../src/common/dpp.c:545: undefined reference to `EC_KEY_get0_group'
> ld: /tmp/guix-build-wpa-supplicant-2.8.drv-0/wpa_supplicant-2.8/wpa_supplicant/../src/common/dpp.c:552: undefined reference to `EC_KEY_free'
>
> Omitting the OpenSSL input makes it fail earlier due to lack of headers.

OK.

>> This change is unrelated to the upgrade, right?  It would break Connman
>> (which expects to talk to wpa_supplicant over D-Bus), as well as
>> NetworkManager probably, no?  Or am I missing something?
>
> The distinguishing feature between "wpa-supplicant-minimal" and
> "wpa-supplicant" is D-Bus support.
>
> Upstream enabled D-Bus by default in version 2.8, so I toggled it back
> with the snippet above so "wpa-supplicant-minimal" stays the same.
>
> However I notice now that the new "wpa-supplicant-minimal" has D-Bus in
> its closure even though the D-Bus interface is disabled.
>
> So I'm not sure if it makes sense to have the separate -minimal variant
> anymore.  The size of both wpa-supplicant variants are 102.4MiB after
> this patch, down from 157.4 and 143.1 MiB on the Guix master branch.

Well you’re right, maybe it doesn’t make much sense to keep both
variants in that case.

So I guess you can go ahead and push so we can all test it in the coming
days!

Thanks,
Ludo’.
This bug report was last modified 6 years and 74 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.