# Maintainer: Natanael Copa pkgname=hostapd pkgver=2.8 pkgrel=2 pkgdesc="daemon for wireless software access points" url="http://hostap.epitest.fi/hostapd/" arch="all" license="custom" makedepends="openssl-dev libnl3-dev linux-headers" subpackages="$pkgname-doc $pkgname-openrc" patches="0001-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch 0002-EAP-pwd-Use-const_time_memcmp-for-pwd_value-prime-co.patch 0003-OpenSSL-Use-BN_bn2binpad-or-BN_bn2bin_padded-if-avai.patch 0004-SAE-Run-through-prf-result-processing-even-if-it-pri.patch 0005-EAP-pwd-Run-through-prf-result-processing-even-if-it.patch 0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch CVE-2019-16275.patch " source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz $patches $pkgname.initd $pkgname.confd" options="!check" #no testsuite builddir="$srcdir"/$pkgname-$pkgver/hostapd # secfixes: # 2.8-r2: # - CVE-2019-16275 # 2.8-r1: # - CVE-2019-13377 # 2.8-r0: # - CVE-2019-11555 # - CVE-2019-9496 # 2.7-r0: # - CVE-2017-13082 # 2.6-r2: # - CVE-2017-13077 # - CVE-2017-13078 # - CVE-2017-13079 # - CVE-2017-13080 # - CVE-2017-13081 # - CVE-2017-13082 # - CVE-2017-13086 # - CVE-2017-13087 # - CVE-2017-13088 prepare() { local conf="$builddir/.config" cd "$builddir"/.. for i in $patches; do msg $i patch -p1 -i "$srcdir"/$i done cd "$builddir" sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \ hostapd.conf # toolchain setup sed \ -e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \ -e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \ -e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \ -e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \ -e '/^#CONFIG_IEEE80211N=y/s/^#//' \ -e '/^#CONFIG_IEEE80211R=y/s/^#//' \ -e '/^#CONFIG_IEEE80211AC=y/s/^#//' \ -e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \ -e '/^#CONFIG_LIBNL32=y/s/^#//' \ -e '/^#CONFIG_ACS=y/s/^#//' \ defconfig >> .config echo "CC ?= ${CC:-gcc}" >> .config echo "CFLAGS += -I/usr/include/libnl3" >> .config echo "LIBS += -L/usr/lib" >> .config } build() { cd "$builddir" make msg "nt_password_hash" make nt_password_hash } package() { cd "$builddir" install -d "$pkgdir"/etc/hostapd install hostapd.conf hostapd.accept hostapd.deny hostapd.eap_user \ hostapd.radius_clients hostapd.sim_db hostapd.wpa_psk \ "$pkgdir"/etc/hostapd/ install -Dm755 hostapd "$pkgdir"/usr/sbin/hostapd \ && install -Dm755 hostapd_cli "$pkgdir"/usr/bin/hostapd_cli \ && install -Dm755 nt_password_hash \ "$pkgdir"/usr/bin/nt_password_hash \ && install -Dm755 "$srcdir"/hostapd.initd \ "$pkgdir"/etc/init.d/hostapd \ && install -Dm644 "$srcdir"/hostapd.confd \ "$pkgdir"/etc/conf.d/hostapd \ && install -Dm644 hostapd.8 \ "$pkgdir"/usr/share/man/man8/hostapd.8 \ && install -Dm644 hostapd_cli.1 \ "$pkgdir"/usr/share/man/man1/hostapd_cli } sha512sums="5a352517470912bcb87755a592238eac2d814a7089d4ba1ecb7969f172dbb746a4e9a6c0d47c0d7c4a6a86b04b14ac39147d729fdf3163371c1067490a4897aa hostapd-2.8.tar.gz 0dfc8728cfc3a86f7a182a7f71213b94f64880ee4470e2a939c83059df5af7a60d56ec0a8a5f2f717838995f4ef2c6a8fb909324875b0f12a52040239092d115 0001-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch 88b28f73267b5031417e527b4e2eea117e62649862bafbe99b83b77bade56612283279906c8d1a4c997fb8f32fc7a6cf8c88931a64e9520d1bf45fbdb0e6c381 0002-EAP-pwd-Use-const_time_memcmp-for-pwd_value-prime-co.patch 01389b9d3951bf1148894c0f4b45d22ef8352a8fe1090721d17216506581305726f6a6c0ebff88479e5342330e75fc04db9201d7d65d4cc6b01a5f7258dc26f9 0003-OpenSSL-Use-BN_bn2binpad-or-BN_bn2bin_padded-if-avai.patch 1fabc83a5e05ce3d09c89e37365d038bd0eec3a76683966ad172eac3c2c884dbc24fc6ca11c27a8f4582e886d0f1cde73bbede4484352b42a3f686d89d088fff 0004-SAE-Run-through-prf-result-processing-even-if-it-pri.patch bcae73930c35d441c5615970c305abb3dff293fdec16df50823e57419b22d1aac0e780970619e0c78b4482b7d07962bcf6162706a20e20f7b21a3a10f500eff1 0005-EAP-pwd-Run-through-prf-result-processing-even-if-it.patch 4734a8ab8ba1e91fc9e3d729f34527c14c291df238b02adea5acc04b0361b41d4bffca2fb13a4f464e9f007fa624117af4f50d755cb41a3129b4868da91bdf9a 0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch 63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch b54b7c6aa17e5cb86a9b354a516eb2dbefb544df18471339c61d82776de447011a2ac290bea1e6c8beae4b6cebefafb8174683ea42fb773e9e8fe6c679f33ba3 hostapd.initd 0882263bbd7c0b05bf51f51d66e11a23a0b8ca7da2a3b8a30166d2c5f044c0c134e6bccb1d02c9e81819ca8fb0c0fb55c7121a08fe7233ccaa73ff8ab9a238fe hostapd.confd"