1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 20_comment_config.dpatch by <kyle@debian.org>
4
## All lines beginning with `## DP:' are a description of the patch.
8
diff -urNad wpasupplicant-0.4.7~/wpa_supplicant.conf wpasupplicant-0.4.7/wpa_supplicant.conf
9
--- wpasupplicant-0.4.7~/wpa_supplicant.conf 2005-10-26 23:15:58.000000000 -0400
10
+++ wpasupplicant-0.4.7/wpa_supplicant.conf 2006-01-28 14:08:43.526236750 -0500
12
# They are both from the opensc project (http://www.opensc.org/)
13
# By default no engines are loaded.
14
# make the opensc engine available
15
-opensc_engine_path=/usr/lib/opensc/engine_opensc.so
17
+# Debian note: Must install libengine-pkcs11-openssl otherwise
18
+# loading the following will cause wpasupplicant to fail.
20
+#opensc_engine_path=/usr/lib/opensc/engine_opensc.so
21
# make the pkcs11 engine available
22
-pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
23
+#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
24
# configure the path to the pkcs11 module required by the pkcs11 engine
25
-pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so
26
+#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so
28
# Driver interface parameters
29
# This field can be used to configure arbitrary driver interace parameters. The
30
@@ -346,272 +350,273 @@
33
# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers
36
- psk="very secret passphrase"
41
+# psk="very secret passphrase"
45
# Same as previous, but request SSID-specific scanning (for APs that reject
50
- psk="very secret passphrase"
56
+# psk="very secret passphrase"
60
# Only WPA-PSK is used. Any valid cipher combination is accepted.
66
- group=CCMP TKIP WEP104 WEP40
67
- psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
75
+# group=CCMP TKIP WEP104 WEP40
76
+# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
80
# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104
81
# or WEP40 as the group cipher will not be accepted.
89
- identity="user@example.com"
90
- ca_cert="/etc/cert/ca.pem"
91
- client_cert="/etc/cert/user.pem"
92
- private_key="/etc/cert/user.prv"
93
- private_key_passwd="password"
100
+# pairwise=CCMP TKIP
103
+# identity="user@example.com"
104
+# ca_cert="/etc/cert/ca.pem"
105
+# client_cert="/etc/cert/user.pem"
106
+# private_key="/etc/cert/user.prv"
107
+# private_key_passwd="password"
111
# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel
117
- identity="user@example.com"
119
- ca_cert="/etc/cert/ca.pem"
120
- phase1="peaplabel=1"
121
- phase2="auth=MSCHAPV2"
128
+# identity="user@example.com"
130
+# ca_cert="/etc/cert/ca.pem"
131
+# phase1="peaplabel=1"
132
+# phase2="auth=MSCHAPV2"
136
# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the
137
# unencrypted use. Real identity is sent only within an encrypted TLS tunnel.
142
- identity="user@example.com"
143
- anonymous_identity="anonymous@example.com"
145
- ca_cert="/etc/cert/ca.pem"
152
+# identity="user@example.com"
153
+# anonymous_identity="anonymous@example.com"
155
+# ca_cert="/etc/cert/ca.pem"
159
# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted
160
# use. Real identity is sent only within an encrypted TLS tunnel.
165
- identity="user@example.com"
166
- anonymous_identity="anonymous@example.com"
168
- ca_cert="/etc/cert/ca.pem"
169
- phase2="auth=MSCHAPV2"
175
+# identity="user@example.com"
176
+# anonymous_identity="anonymous@example.com"
178
+# ca_cert="/etc/cert/ca.pem"
179
+# phase2="auth=MSCHAPV2"
182
# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner
188
- # Phase1 / outer authentication
189
- anonymous_identity="anonymous@example.com"
190
- ca_cert="/etc/cert/ca.pem"
191
- # Phase 2 / inner authentication
192
- phase2="autheap=TLS"
193
- ca_cert2="/etc/cert/ca2.pem"
194
- client_cert2="/etc/cer/user.pem"
195
- private_key2="/etc/cer/user.prv"
196
- private_key2_passwd="password"
203
+# # Phase1 / outer authentication
204
+# anonymous_identity="anonymous@example.com"
205
+# ca_cert="/etc/cert/ca.pem"
206
+# # Phase 2 / inner authentication
207
+# phase2="autheap=TLS"
208
+# ca_cert2="/etc/cert/ca2.pem"
209
+# client_cert2="/etc/cer/user.pem"
210
+# private_key2="/etc/cer/user.prv"
211
+# private_key2_passwd="password"
215
# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and
219
- bssid=00:11:22:33:44:55
221
- key_mgmt=WPA-PSK WPA-EAP
224
- psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
228
+# bssid=00:11:22:33:44:55
230
+# key_mgmt=WPA-PSK WPA-EAP
233
+# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
236
# Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP
237
# and all valid ciphers.
240
- psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
244
+# psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
248
# EAP-SIM with a GSM SIM or USIM
250
- ssid="eap-sim-test"
257
+# ssid="eap-sim-test"
267
- ssid="eap-psk-test"
270
- identity="eap_psk_user"
271
- eappsk=06b4be19da289f475aa46a33cb793029
272
- nai="eap_psk_user@example.com"
275
+# ssid="eap-psk-test"
278
+# identity="eap_psk_user"
279
+# eappsk=06b4be19da289f475aa46a33cb793029
280
+# nai="eap_psk_user@example.com"
284
# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using
285
# EAP-TLS for authentication and key generation; require both unicast and
286
# broadcast WEP keys.
291
- identity="user@example.com"
292
- ca_cert="/etc/cert/ca.pem"
293
- client_cert="/etc/cert/user.pem"
294
- private_key="/etc/cert/user.prv"
295
- private_key_passwd="password"
300
+# key_mgmt=IEEE8021X
302
+# identity="user@example.com"
303
+# ca_cert="/etc/cert/ca.pem"
304
+# client_cert="/etc/cert/user.pem"
305
+# private_key="/etc/cert/user.prv"
306
+# private_key_passwd="password"
311
# LEAP with dynamic WEP keys
313
- ssid="leap-example"
320
+# ssid="leap-example"
321
+# key_mgmt=IEEE8021X
327
# EAP-FAST with WPA (WPA or WPA2)
329
- ssid="eap-fast-test"
332
- anonymous_identity="FAST-000102030405"
333
- identity="username"
334
- password="password"
335
- phase1="fast_provisioning=1"
336
- pac_file="/etc/wpa_supplicant.eap-fast-pac"
338
+# Debian note, EAP-FAST requires recompile of OpenSSL
340
+# ssid="eap-fast-test"
343
+# anonymous_identity="FAST-000102030405"
344
+# identity="username"
345
+# password="password"
346
+# phase1="fast_provisioning=1"
347
+# pac_file="/etc/wpa_supplicant.eap-fast-pac"
351
- ssid="eap-fast-test"
354
- anonymous_identity="FAST-000102030405"
355
- identity="username"
356
- password="password"
357
- phase1="fast_provisioning=1"
358
- pac_file="blob://eap-fast-pac"
361
+# ssid="eap-fast-test"
364
+# anonymous_identity="FAST-000102030405"
365
+# identity="username"
366
+# password="password"
367
+# phase1="fast_provisioning=1"
368
+# pac_file="blob://eap-fast-pac"
371
# Plaintext connection (no WPA, no IEEE 802.1X)
373
- ssid="plaintext-test"
377
+# ssid="plaintext-test"
382
# Shared WEP key connection (no WPA, no IEEE 802.1X)
384
- ssid="static-wep-test"
387
- wep_key1=0102030405
388
- wep_key2="1234567890123"
393
+# ssid="static-wep-test"
396
+# wep_key1=0102030405
397
+# wep_key2="1234567890123"
403
# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key
404
# IEEE 802.11 authentication
406
- ssid="static-wep-test2"
409
- wep_key1=0102030405
410
- wep_key2="1234567890123"
416
+# ssid="static-wep-test2"
419
+# wep_key1=0102030405
420
+# wep_key2="1234567890123"
427
# IBSS/ad-hoc network with WPA-None/TKIP.
435
- psk="secret passphrase"
444
+# psk="secret passphrase"
448
# Catch all example that allows more or less all configuration modes
452
- key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
454
- group=CCMP TKIP WEP104 WEP40
455
- psk="very secret passphrase"
457
- identity="user@example.com"
459
- ca_cert="/etc/cert/ca.pem"
460
- client_cert="/etc/cert/user.pem"
461
- private_key="/etc/cert/user.prv"
462
- private_key_passwd="password"
463
- phase1="peaplabel=0"
468
+# key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
469
+# pairwise=CCMP TKIP
470
+# group=CCMP TKIP WEP104 WEP40
471
+# psk="very secret passphrase"
473
+# identity="user@example.com"
475
+# ca_cert="/etc/cert/ca.pem"
476
+# client_cert="/etc/cert/user.pem"
477
+# private_key="/etc/cert/user.prv"
478
+# private_key_passwd="password"
479
+# phase1="peaplabel=0"
482
# Example of EAP-TLS with smartcard (openssl engine)
490
- identity="user@example.com"
491
- ca_cert="/etc/cert/ca.pem"
492
- client_cert="/etc/cert/user.pem"
498
+# pairwise=CCMP TKIP
500
+# identity="user@example.com"
501
+# ca_cert="/etc/cert/ca.pem"
502
+# client_cert="/etc/cert/user.pem"
507
# The engine configured here must be available. Look at
508
# OpenSSL engine support in the global section.
509
@@ -623,27 +628,27 @@
512
# use the pkcs11 engine
515
+# engine_id="pkcs11"
518
# Optional PIN configuration; this can be left out and PIN will be
519
# asked through the control interface
525
# Example configuration showing how to use an inlined blob as a CA certificate
526
# data instead of using external file
531
- identity="user@example.com"
532
- anonymous_identity="anonymous@example.com"
534
- ca_cert="blob://exampleblob"
541
+# identity="user@example.com"
542
+# anonymous_identity="anonymous@example.com"
544
+# ca_cert="blob://exampleblob"
548
-blob-base64-exampleblob={
549
-SGVsbG8gV29ybGQhCg==
551
+#blob-base64-exampleblob={
552
+#SGVsbG8gV29ybGQhCg==