blob: 43d76ab2165ff43f16c1e485903fe0c2e8fac265 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
|
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.4
pkgrel=4
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="http://hostap.epitest.fi/wpa_supplicant"
arch="all"
license="BSD"
subpackages="$pkgname-doc $pkgname-gui"
depends="dbus"
makedepends="openssl-dev dbus-dev libnl3-dev qt-dev"
source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
CVE-2015-1863.patch
CVE-2015-4141.patch
CVE-2015-4142.patch
0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
wpa_supplicant.initd
wpa_supplicant.confd
wpa_cli.sh
"
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
cd "$_builddir"/wpa_supplicant
# Toolchain setup
echo "CC = ${CC:-gcc}" > .config
# Basic setup
echo "CONFIG_CTRL_IFACE=y" >> .config
# dbus support
echo "CONFIG_CTRL_IFACE_DBUS=y" >> .config
echo "CONFIG_CTRL_IFACE_DBUS_NEW=y" >> .config
echo "CONFIG_CTRL_IFACE_DBUS_INTRO=y" >> .config
echo "CONFIG_BACKEND=file" >> .config
# Basic authentication methods
# NOTE: we don't set GPSK or SAKE as they conflict
# with the below options
echo "CONFIG_EAP_GTC=y" >> .config
echo "CONFIG_EAP_MD5=y" >> .config
echo "CONFIG_EAP_OTP=y" >> .config
echo "CONFIG_EAP_PAX=y" >> .config
echo "CONFIG_EAP_PSK=y" >> .config
echo "CONFIG_EAP_TLV=y" >> .config
echo "CONFIG_IEEE8021X_EAPOL=y" >> .config
echo "CONFIG_PKCS12=y" >> .config
echo "CONFIG_PEERKEY=y" >> .config
echo "CONFIG_EAP_LEAP=y" >> .config
echo "CONFIG_EAP_MSCHAPV2=y" >> .config
echo "CONFIG_EAP_PEAP=y" >> .config
echo "CONFIG_EAP_TLS=y" >> .config
echo "CONFIG_EAP_TTLS=y" >> .config
# debug
# echo "CONFIG_DEBUG_FILE=y" >> .config
# Smart card authentication
#echo "CONFIG_EAP_SIM=y" >> .config
#echo "CONFIG_EAP_AKA=y" >> .config
#echo "CONFIG_EAP_AKA_PRIME=y" >> .config
#echo "CONFIG_PCSC=y" >> .config
# readline/history support for wpa_cli
#echo "CONFIG_READLINE=y" >> .config
# SSL authentication methods
echo "CONFIG_TLS=openssl" >> .config
echo "CONFIG_SMARTCARD=y" >> .config
# use gnutls
# echo "CONFIG_TLS=gnutls" >> .config
# echo "CONFIG_GNUTLS_EXTRA=y" >> .config
#echo "CONFIG_TLS=internal" >> .config
# Linux specific drivers
echo "CONFIG_DRIVER_ATMEL=y" >> .config
#echo "CONFIG_DRIVER_BROADCOM=y" >> .config
#echo "CONFIG_DRIVER_HERMES=y" >> .config
echo "CONFIG_DRIVER_HOSTAP=y" >> .config
echo "CONFIG_DRIVER_IPW=y" >> .config
echo "CONFIG_DRIVER_NDISWRAPPER=y" >> .config
echo "CONFIG_DRIVER_NL80211=y" >> .config
#echo "CONFIG_DRIVER_PRISM54=y" >> .config
echo "CONFIG_DRIVER_RALINK=y" >> .config
echo "CONFIG_DRIVER_WEXT=y" >> .config
echo "CONFIG_DRIVER_WIRED=y" >> .config
# Add include path for madwifi-driver headers
#echo "CFLAGS += -I/usr/include/madwifi" >> .config
#echo "CONFIG_DRIVER_MADWIFI=y" >> .config
# Wi-Fi Protected Setup (WPS)
echo "CONFIG_WPS=y" >> .config
# Enable mitigation against certain attacks against TKIP
echo "CONFIG_DELAYED_MIC_ERROR_REPORT=y" >> .config
echo "CONFIG_WPS2=y" >> .config
echo "CONFIG_AP=y" >> .config
echo "CONFIG_P2P=y" >> .config
echo "CONFIG_LIBNL32=y" >> .config
}
build() {
cd "$_builddir"/wpa_supplicant
make LIBDIR=/lib BINDIR=/sbin || return 1
# comment out the network={ } stansas in config
sed -i -e '/^network=/,/}/s/^/#/' \
-e '/^freq_list/s/^/#/' \
wpa_supplicant.conf
make wpa_gui-qt4 || return 1
make eapol_test || return 1
}
package() {
cd "$_builddir"/wpa_supplicant
make DESTDIR="$pkgdir" LIBDIR=/lib BINDIR=/sbin install || return 1
install -Dm644 wpa_supplicant.conf \
"$pkgdir"/etc/wpa_supplicant/wpa_supplicant.conf || return 1
install -Dm755 "$srcdir"/wpa_cli.sh \
"$pkgdir"/etc/wpa_supplicant/wpa_cli.sh || return 1
install -Dm644 doc/docbook/wpa_supplicant.conf.5 \
"$pkgdir"/usr/share/man/man5/wpa_supplicant.conf.5 || return 1
for i in wpa_background wpa_cli wpa_passphrase wpa_supplicant; do
install -Dm644 doc/docbook/$i.8 \
"$pkgdir"/usr/share/man/man8/$i.8 || return 1
done
install -Dm755 eapol_test "$pkgdir"/sbin/eapol_test || return 1
# gui
install -d "$pkgdir"/usr/bin
install -m 0755 wpa_gui-qt4/wpa_gui "$pkgdir"/usr/bin/wpa_gui \
|| return 1
# dbus
cd dbus || return 1
install -d "$pkgdir"/etc/dbus-1/system.d
install dbus-wpa_supplicant.conf \
"$pkgdir"/etc/dbus-1/system.d/wpa_supplicant.conf || return 1
install -d "$pkgdir"/usr/share/dbus-1/system-services
install fi.epitest.hostap.WPASupplicant.service \
"$pkgdir"/usr/share/dbus-1/system-services || return 1
install -d "$pkgdir"/var/run/wpa_supplicant
install -Dm755 "$srcdir"/wpa_supplicant.initd \
"$pkgdir"/etc/init.d/wpa_supplicant || return 1
install -Dm755 "$srcdir"/wpa_supplicant.confd \
"$pkgdir"/etc/conf.d/wpa_supplicant || return 1
}
gui() {
pkgdesc="Grafical User Interface for $pkgname"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/wpa_gui "$subpkgdir"/usr/bin/
}
md5sums="f0037dbe03897dcaf2ad2722e659095d wpa_supplicant-2.4.tar.gz
8e8c34267fefcc4142ee142e5515b5df CVE-2015-1863.patch
222ec96a8dc73c41608cc463beac3966 CVE-2015-4141.patch
d3688697f81ca1e684a79dfa3682a111 CVE-2015-4142.patch
87d611a9b704402f66fa59ba1458928d 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
bafcec421e4f5c6a8383893d029a79e5 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
fa2aed3cf49f7e6c7b17bf9db9a001f5 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
de0fca4d74a1883d15ef5754f13a5226 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
9d854969af23b207f9f3dff38ef78770 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
a8da41f58b8b4779d666ab7bd8233c18 wpa_supplicant.initd
bc117427f2c538439f3f1481a028ee06 wpa_supplicant.confd
cbdff360cf3f0f31d33027deb868e5f2 wpa_cli.sh"
sha256sums="058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122 wpa_supplicant-2.4.tar.gz
a3abf75801f02199ff48c316a7b6598860e6ca20ce2fe79b0bec873905e5c8a4 CVE-2015-1863.patch
eb63d845fdc38b6310c527ad1705b6fe3b74f90e263188da2aca97468cc55142 CVE-2015-4141.patch
cc6c488afab4ccfdaedd9e224989b5fe713d6b0415ea94579190bd8ba60c9be5 CVE-2015-4142.patch
a204bc37f52e5346780a306c01706689eb46263dedcdcb1eb2f4c0b291a0db93 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
298fc3b89f987922fb2600d0c95e8c868d6da30d24643748afd47bcd30da7b44 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
2fd42fb53be793c54343aa18a84afebe4603aa6ce8b6969ad6b3a8d327c6b142 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
c28ca6303a562809dfd1812f9b918808b3b0f0c52cc43070fd1777e1cfc88f18 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
04ef66fbd5b2167274cd7123d7f7252963b9a9c1ec2f5edf6558a6ad92d47689 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
5d6ee43b7752d15013fb31298087e9d82caa2568064e59e6ed6230d7de403867 wpa_supplicant.initd
61ec59007f66ac5bacc0aa095d1f2ccbc977a687038e161a463d1727223d5a90 wpa_supplicant.confd
34c06cabfb9c7cf73fda64836971898424b4fcf2569bf21af628239093e8417e wpa_cli.sh"
sha512sums="03d8199325b3910f77013ddb7edd803ab4444542230484e1cb465dc3df9372b39ee3307d823ce88730e8f5a5231ef3183954c54cf07297b70432f526e45aac2b wpa_supplicant-2.4.tar.gz
61f90d06bd42fb7ea17ba147db861303f5b1fdce2cda35492cec578214da5ea5d654a1df99dee4d4a0c07ef3e8b3bfb65ab4b98eff21c2013adf536766136ce1 CVE-2015-1863.patch
4633a96a91e151407e4c62b74b4e78d37e4fba586278c6ae4340ce149bee0c644a4d62675256839c3130374a4dc7531beaeed8282946e7dcd3faf1ed74bf99be CVE-2015-4141.patch
dc561d90f3f329ebb201abbb53eea161603fb2abba6b2fc5c79298d97c84f2d65d401608cd7bb2fb82abf909661c56699bf4bcbf902f6f8c7d5b1853b0277353 CVE-2015-4142.patch
9440f8d9d18d20b95d236c1a4467d86dfbbc17d8f26b0caa48d6737c6231d1ff14793c6fc8a1e4508f3ad38c9a5d710fd49b85c7de16634dbe6685af05f44f7c 0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
0887017bfdb4632baa49bb849b732eed7eec9a498247fdd5ef8448e4a6df10380c06d68fa706e0b2624c04eb6f5a327cdb71c5c71c3476dc383f889ee7372702 0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
341901aa94c44ae725b6d4dddac2a52b6457234189554fc282c9cf5fa0254125d7323553a7b8118f9a3e2020f039267ed4c912f84ac6f2cb12670b40c28ac652 0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
b752f91c3d6dcf0784d9cb20a0c7f8de6c837c38ff62cf77b136d9b818890b13f55eeed1d6097f244181b480be953e1bdfb5651116dc5d62a2d02c018e19042a 0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
07a21f0cc7d00e17bed8ef5ced36159020a410a4606aa0ca24e47223835ab0cc5fbeed3075c4f17d2ce1aee437eedf9fea8f4b95252b2fa255d54a195637cb6f 0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
cfe9de2813d5ec778c7f5cb404c23aad371dee9922dea172358a8ea95ab4e5dd01a3b9fc1a452dd3c3c9a2f02e8b12ffe162b69767f95faa18480fb79499301b wpa_supplicant.initd
29103161ec2b9631fca9e8d9a97fafd60ffac3fe78cf613b834395ddcaf8be1e253c22e060d7d9f9b974b2d7ce794caa932a2125e29f6494b75bce475f7b30e1 wpa_supplicant.confd
fa2688288c8f7882745e131f90f5ed6692c38c4fd9d0cd4082f3661bbf6fc09627c3d5005a9f4d00ac900753a8a28931079e5e17e2238bff33e1beff48774cfd wpa_cli.sh"
|