# Maintainer: Natanael Copa pkgname=hostapd pkgver=2.6 pkgrel=5 pkgdesc="daemon for wireless software access points" url="http://hostap.epitest.fi/hostapd/" arch="all" license="custom" makedepends="openssl-dev libnl3-dev linux-headers" subpackages="$pkgname-doc" patches="CVE-2012-4445.patch libressl.patch 0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch 0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch 0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch 0004-Prevent-installation-of-an-all-zero-TK.patch 0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch 0006-TDLS-Reject-TPK-TK-reconfiguration.patch 0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch " source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz $patches $pkgname.initd $pkgname.confd" options="!check" #no testsuite builddir="$srcdir"/$pkgname-$pkgver/hostapd # secfixes: # 2.6-r2: # - CVE-2017-13077 # - CVE-2017-13078 # - CVE-2017-13079 # - CVE-2017-13080 # - CVE-2017-13081 # - CVE-2017-13082 # - CVE-2017-13086 # - CVE-2017-13087 # - CVE-2017-13088 prepare() { local conf="$builddir/.config" cd "$builddir"/.. for i in $patches; do msg $i patch -p1 -i "$srcdir"/$i done cd "$builddir" sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \ hostapd.conf # toolchain setup sed \ -e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \ -e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \ -e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \ -e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \ -e '/^#CONFIG_IEEE80211N=y/s/^#//' \ -e '/^#CONFIG_IEEE80211R=y/s/^#//' \ -e '/^#CONFIG_IEEE80211AC=y/s/^#//' \ -e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \ -e '/^#CONFIG_LIBNL32=y/s/^#//' \ -e '/^#CONFIG_ACS=y/s/^#//' \ defconfig >> .config echo "CC ?= ${CC:-gcc}" >> .config echo "CFLAGS += -I/usr/include/libnl3" >> .config echo "LIBS += -L/usr/lib" >> .config } build() { cd "$builddir" make msg "nt_password_hash" make nt_password_hash } package() { cd "$builddir" install -d "$pkgdir"/etc/hostapd install hostapd.conf hostapd.accept hostapd.deny hostapd.eap_user \ hostapd.radius_clients hostapd.sim_db hostapd.wpa_psk \ "$pkgdir"/etc/hostapd/ install -Dm755 hostapd "$pkgdir"/usr/sbin/hostapd \ && install -Dm755 hostapd_cli "$pkgdir"/usr/bin/hostapd_cli \ && install -Dm755 nt_password_hash \ "$pkgdir"/usr/bin/nt_password_hash \ && install -Dm755 "$srcdir"/hostapd.initd \ "$pkgdir"/etc/init.d/hostapd \ && install -Dm644 "$srcdir"/hostapd.confd \ "$pkgdir"/etc/conf.d/hostapd \ && install -Dm644 hostapd.8 \ "$pkgdir"/usr/share/man/man8/hostapd.8 \ && install -Dm644 hostapd_cli.1 \ "$pkgdir"/usr/share/man/man1/hostapd_cli } sha512sums="e60baaa092786250b8de9935f5417c7626f5d749210cce9f83d776b65c19fc92a8141f41923389f05c16295d482a15ae8d8b744f4667425040c99e3c2f5b1bda hostapd-2.6.tar.gz 619acce84516dead1e03e5da71657ea4c4b6f3ca8271574409773aeb316cbddc88095b50320804f457f001f4f3fe83053e660c008d8409f59bb4d3bfe058b601 CVE-2012-4445.patch e9fe8cf40150e6c92c56401dbc5dbbcd287dd9f4b02e65e6a476d5cce0996af34e562f568beda29d808213cd89c2d0a2f5931c1f93853d0dcbbbc502d992c21f libressl.patch f855fa792425f175ccc800eb49df42067b1c1f4b52ba2d24160af4dfbb74dcf8e81661b7e6c8d92fa408938b8a559fc74557d1677913e4a751bfd43706c14bb6 0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch b4e413aa815572ea0002d33d24b69cd499aebb5efebed8fcaade8b29324bb5853a5db64e8b1dfdf24478e02c66196238b81a6ec777a7a28610435dce4d2c344e 0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch a6382d8e84b4829be33c46bf2f4c6f3232c9d924a4547a21dfe023bf5be8ee1c635920295f52be285359efaae95bcc1f12b512659cfd1653b871dd0bea7e5ace 0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch 51ed806f0d5b3f588e26d4db4dcfc6be2cfb12002e26893a6cedd62c7cad0d0de75aed4a666223c4877fc1854b08dce6ddf6f6c4cfd752a5d8d58ad4a968b553 0004-Prevent-installation-of-an-all-zero-TK.patch 8707a123cd78149dfee9f5bd791761ee1eca605ef96580167044c2339c896920cf0e030b184a5afa9e310f5755afb30bef8ebd4522fc52753f3fbd6acead2cdf 0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch 37d050b2e4a3598484912667d8b2705fbe84c5c562267f900d42b0c7b606fb1fed09ddca8b80e2131768baa8f3690aab6ba7a232dee6ff1e66150fdb8816c927 0006-TDLS-Reject-TPK-TK-reconfiguration.patch fc84edd8b30305cc42053c872554098f3f077292ec980ed6a442f37884087ff2f055738fd55977ed792bef1887dcc8c4626586465d78dd0258edb83dcd50a65a 0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch b54b7c6aa17e5cb86a9b354a516eb2dbefb544df18471339c61d82776de447011a2ac290bea1e6c8beae4b6cebefafb8174683ea42fb773e9e8fe6c679f33ba3 hostapd.initd 0882263bbd7c0b05bf51f51d66e11a23a0b8ca7da2a3b8a30166d2c5f044c0c134e6bccb1d02c9e81819ca8fb0c0fb55c7121a08fe7233ccaa73ff8ab9a238fe hostapd.confd"