blob: 1dba52de1087a3a550b7417669114305ad423ad4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.4
pkgrel=3
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="http://hostap.epitest.fi/wpa_supplicant"
arch="all"
license="BSD"
subpackages="$pkgname-doc $pkgname-gui"
depends="dbus"
makedepends="openssl-dev dbus-dev libnl3-dev qt-dev"
source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
CVE-2015-1863.patch
CVE-2015-4141.patch
CVE-2015-4142.patch
0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
0002-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch
0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
0004-Reject-SET_CRED-commands-with-newline-characters-in-.patch
0005-Reject-SET-commands-with-newline-characters-in-the-s.patch
wpa_supplicant.initd
wpa_supplicant.confd
"
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
cd "$_builddir"/wpa_supplicant
# Toolchain setup
echo "CC = ${CC:-gcc}" > .config
# Basic setup
echo "CONFIG_CTRL_IFACE=y" >> .config
# dbus support
echo "CONFIG_CTRL_IFACE_DBUS=y" >> .config
echo "CONFIG_CTRL_IFACE_DBUS_NEW=y" >> .config
echo "CONFIG_CTRL_IFACE_DBUS_INTRO=y" >> .config
echo "CONFIG_BACKEND=file" >> .config
# Basic authentication methods
# NOTE: we don't set GPSK or SAKE as they conflict
# with the below options
echo "CONFIG_EAP_GTC=y" >> .config
echo "CONFIG_EAP_MD5=y" >> .config
echo "CONFIG_EAP_OTP=y" >> .config
echo "CONFIG_EAP_PAX=y" >> .config
echo "CONFIG_EAP_PSK=y" >> .config
echo "CONFIG_EAP_TLV=y" >> .config
echo "CONFIG_IEEE8021X_EAPOL=y" >> .config
echo "CONFIG_PKCS12=y" >> .config
echo "CONFIG_PEERKEY=y" >> .config
echo "CONFIG_EAP_LEAP=y" >> .config
echo "CONFIG_EAP_MSCHAPV2=y" >> .config
echo "CONFIG_EAP_PEAP=y" >> .config
echo "CONFIG_EAP_TLS=y" >> .config
echo "CONFIG_EAP_TTLS=y" >> .config
# debug
# echo "CONFIG_DEBUG_FILE=y" >> .config
# Smart card authentication
#echo "CONFIG_EAP_SIM=y" >> .config
#echo "CONFIG_EAP_AKA=y" >> .config
#echo "CONFIG_EAP_AKA_PRIME=y" >> .config
#echo "CONFIG_PCSC=y" >> .config
# readline/history support for wpa_cli
#echo "CONFIG_READLINE=y" >> .config
# SSL authentication methods
echo "CONFIG_TLS=openssl" >> .config
echo "CONFIG_SMARTCARD=y" >> .config
# use gnutls
# echo "CONFIG_TLS=gnutls" >> .config
# echo "CONFIG_GNUTLS_EXTRA=y" >> .config
#echo "CONFIG_TLS=internal" >> .config
# Linux specific drivers
echo "CONFIG_DRIVER_ATMEL=y" >> .config
#echo "CONFIG_DRIVER_BROADCOM=y" >> .config
#echo "CONFIG_DRIVER_HERMES=y" >> .config
echo "CONFIG_DRIVER_HOSTAP=y" >> .config
echo "CONFIG_DRIVER_IPW=y" >> .config
echo "CONFIG_DRIVER_NDISWRAPPER=y" >> .config
echo "CONFIG_DRIVER_NL80211=y" >> .config
#echo "CONFIG_DRIVER_PRISM54=y" >> .config
echo "CONFIG_DRIVER_RALINK=y" >> .config
echo "CONFIG_DRIVER_WEXT=y" >> .config
echo "CONFIG_DRIVER_WIRED=y" >> .config
# Add include path for madwifi-driver headers
#echo "CFLAGS += -I/usr/include/madwifi" >> .config
#echo "CONFIG_DRIVER_MADWIFI=y" >> .config
# Wi-Fi Protected Setup (WPS)
echo "CONFIG_WPS=y" >> .config
# Enable mitigation against certain attacks against TKIP
echo "CONFIG_DELAYED_MIC_ERROR_REPORT=y" >> .config
echo "CONFIG_WPS2=y" >> .config
echo "CONFIG_AP=y" >> .config
echo "CONFIG_P2P=y" >> .config
echo "CONFIG_LIBNL32=y" >> .config
}
build() {
cd "$_builddir"/wpa_supplicant
make LIBDIR=/lib BINDIR=/sbin || return 1
# comment out the network={ } stansas in config
sed -i -e '/^network=/,/}/s/^/#/' \
-e '/^freq_list/s/^/#/' \
wpa_supplicant.conf
make wpa_gui-qt4 || return 1
make eapol_test || return 1
}
package() {
cd "$_builddir"/wpa_supplicant
make DESTDIR="$pkgdir" LIBDIR=/lib BINDIR=/sbin install || return 1
install -Dm644 wpa_supplicant.conf \
"$pkgdir"/etc/wpa_supplicant/wpa_supplicant.conf
install -Dm644 doc/docbook/wpa_supplicant.conf.5 \
"$pkgdir"/usr/share/man/man5/wpa_supplicant.conf.5 || return 1
for i in wpa_background wpa_cli wpa_passphrase wpa_supplicant; do
install -Dm644 doc/docbook/$i.8 \
"$pkgdir"/usr/share/man/man8/$i.8 || return 1
done
install -Dm755 eapol_test "$pkgdir"/sbin/eapol_test || return 1
# gui
install -d "$pkgdir"/usr/bin
install -m 0755 wpa_gui-qt4/wpa_gui "$pkgdir"/usr/bin/wpa_gui \
|| return 1
# dbus
cd dbus || return 1
install -d "$pkgdir"/etc/dbus-1/system.d
install dbus-wpa_supplicant.conf \
"$pkgdir"/etc/dbus-1/system.d/wpa_supplicant.conf || return 1
install -d "$pkgdir"/usr/share/dbus-1/system-services
install fi.epitest.hostap.WPASupplicant.service \
"$pkgdir"/usr/share/dbus-1/system-services || return 1
install -d "$pkgdir"/var/run/wpa_supplicant
install -Dm755 "$srcdir"/wpa_supplicant.initd \
"$pkgdir"/etc/init.d/wpa_supplicant || return 1
install -Dm755 "$srcdir"/wpa_supplicant.confd \
"$pkgdir"/etc/conf.d/wpa_supplicant || return 1
}
gui() {
pkgdesc="Grafical User Interface for $pkgname"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/wpa_gui "$subpkgdir"/usr/bin/
}
md5sums="f0037dbe03897dcaf2ad2722e659095d wpa_supplicant-2.4.tar.gz
8e8c34267fefcc4142ee142e5515b5df CVE-2015-1863.patch
222ec96a8dc73c41608cc463beac3966 CVE-2015-4141.patch
d3688697f81ca1e684a79dfa3682a111 CVE-2015-4142.patch
87d611a9b704402f66fa59ba1458928d 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
bafcec421e4f5c6a8383893d029a79e5 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
fa2aed3cf49f7e6c7b17bf9db9a001f5 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
de0fca4d74a1883d15ef5754f13a5226 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
9d854969af23b207f9f3dff38ef78770 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
09372e008bac7534dc807b3740e35fe6 0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
a6d17283765f2960795bded4617ec550 0002-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch
80751055600b8531c6c29e363bec9655 0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
6bfadc32cb5d6135f9dce5247909be9a 0004-Reject-SET_CRED-commands-with-newline-characters-in-.patch
9aed57628300f6930227b7bb28fdfcff 0005-Reject-SET-commands-with-newline-characters-in-the-s.patch
5ee64e2494a9e83740d2344dd5b9bb19 wpa_supplicant.initd
bc117427f2c538439f3f1481a028ee06 wpa_supplicant.confd"
sha256sums="058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122 wpa_supplicant-2.4.tar.gz
a3abf75801f02199ff48c316a7b6598860e6ca20ce2fe79b0bec873905e5c8a4 CVE-2015-1863.patch
eb63d845fdc38b6310c527ad1705b6fe3b74f90e263188da2aca97468cc55142 CVE-2015-4141.patch
cc6c488afab4ccfdaedd9e224989b5fe713d6b0415ea94579190bd8ba60c9be5 CVE-2015-4142.patch
a204bc37f52e5346780a306c01706689eb46263dedcdcb1eb2f4c0b291a0db93 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
298fc3b89f987922fb2600d0c95e8c868d6da30d24643748afd47bcd30da7b44 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
2fd42fb53be793c54343aa18a84afebe4603aa6ce8b6969ad6b3a8d327c6b142 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
c28ca6303a562809dfd1812f9b918808b3b0f0c52cc43070fd1777e1cfc88f18 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
04ef66fbd5b2167274cd7123d7f7252963b9a9c1ec2f5edf6558a6ad92d47689 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
560bab824aa2a0bbeb549e2d3df49b23aed1b1dd12ca8685eae16cc24669b077 0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
a0af8c207a9224c110502670440bbce6f0a728fd9d954ae8f7450e97a8360bcb 0002-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch
ce022bee65f42a4ae061f390fc52c2b5123985d83755bb03118f901a851eafbe 0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
de254d80186a944e2dda73abcdcc66de46b1d2612eb9a1fb1bf3e8d83adbd7f1 0004-Reject-SET_CRED-commands-with-newline-characters-in-.patch
3ede8fd0fa72d7b675d91693a138c3aa8adb1f43ac7f251abc43038b57d83865 0005-Reject-SET-commands-with-newline-characters-in-the-s.patch
131828768c8f334b39bb5294398105ed4cd6d031908e6e9b00bb4a0938f5f7f2 wpa_supplicant.initd
61ec59007f66ac5bacc0aa095d1f2ccbc977a687038e161a463d1727223d5a90 wpa_supplicant.confd"
sha512sums="03d8199325b3910f77013ddb7edd803ab4444542230484e1cb465dc3df9372b39ee3307d823ce88730e8f5a5231ef3183954c54cf07297b70432f526e45aac2b wpa_supplicant-2.4.tar.gz
61f90d06bd42fb7ea17ba147db861303f5b1fdce2cda35492cec578214da5ea5d654a1df99dee4d4a0c07ef3e8b3bfb65ab4b98eff21c2013adf536766136ce1 CVE-2015-1863.patch
4633a96a91e151407e4c62b74b4e78d37e4fba586278c6ae4340ce149bee0c644a4d62675256839c3130374a4dc7531beaeed8282946e7dcd3faf1ed74bf99be CVE-2015-4141.patch
dc561d90f3f329ebb201abbb53eea161603fb2abba6b2fc5c79298d97c84f2d65d401608cd7bb2fb82abf909661c56699bf4bcbf902f6f8c7d5b1853b0277353 CVE-2015-4142.patch
9440f8d9d18d20b95d236c1a4467d86dfbbc17d8f26b0caa48d6737c6231d1ff14793c6fc8a1e4508f3ad38c9a5d710fd49b85c7de16634dbe6685af05f44f7c 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
0887017bfdb4632baa49bb849b732eed7eec9a498247fdd5ef8448e4a6df10380c06d68fa706e0b2624c04eb6f5a327cdb71c5c71c3476dc383f889ee7372702 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
341901aa94c44ae725b6d4dddac2a52b6457234189554fc282c9cf5fa0254125d7323553a7b8118f9a3e2020f039267ed4c912f84ac6f2cb12670b40c28ac652 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
b752f91c3d6dcf0784d9cb20a0c7f8de6c837c38ff62cf77b136d9b818890b13f55eeed1d6097f244181b480be953e1bdfb5651116dc5d62a2d02c018e19042a 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
07a21f0cc7d00e17bed8ef5ced36159020a410a4606aa0ca24e47223835ab0cc5fbeed3075c4f17d2ce1aee437eedf9fea8f4b95252b2fa255d54a195637cb6f 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
e9ae7a6504cd6376f0fb24f79a21bc3996732451b474fe186769e1b098e47fdaedb08167fd90de900eb961e148577f24f24770d94050e60daa3a3f8de36a92c8 0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
b18f43bd301d54d5549a1bcb425c02d6cb1f27a0ee28bd0d4bf101f2953d9461a7aaff8b67b0377a5618bb5377aa04bb80eac9a632f22a0ae0e754ca394433ac 0002-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch
fba16df15bad5d5da9bd6e12afa8360e06749cfc711d7741a60a6d152c5b345cfb0f10a8b5f6252c57b01af783ea2d7024da3fc5357282e3524ebd9b592e857f 0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
02b618709800f1434f27660ff7f687a457500f4d266280e59619266558fc214651b0ab9fe206ce56d321477f7cacaff5bbbef1570fe7f7a5402536fa8024f4ff 0004-Reject-SET_CRED-commands-with-newline-characters-in-.patch
bb9d22f2d8f041c3d9705a3b15d07212f75315aa55a76b9094dae3008dd52b0afcc3c4fc939c3cab74860d26a6ac5915a39010ace5b8059f0aaee6e6a3698e2d 0005-Reject-SET-commands-with-newline-characters-in-the-s.patch
4a62879f6eb37226a2009a4bceb123c6e610c366c2369ee2fc84b66b79e8dddee5185a64cebe0331bafe13d61cf44c0bbbe3dce2620c0f4525c96afcb58dd362 wpa_supplicant.initd
29103161ec2b9631fca9e8d9a97fafd60ffac3fe78cf613b834395ddcaf8be1e253c22e060d7d9f9b974b2d7ce794caa932a2125e29f6494b75bce475f7b30e1 wpa_supplicant.confd"
|
