aboutsummaryrefslogtreecommitdiffstats
path: root/main/wpa_supplicant/APKBUILD
blob: c2f2bcc23215079be676287e000b9d6f15f8ce65 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.4
pkgrel=1
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="http://hostap.epitest.fi/wpa_supplicant"
arch="all"
license="BSD"
subpackages="$pkgname-doc $pkgname-gui"
depends="dbus"
makedepends="openssl-dev dbus-dev libnl3-dev qt-dev"
source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
	CVE-2015-1863.patch
	CVE-2015-4141.patch
	CVE-2015-4142.patch
	0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
	0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
	0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
	0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
	0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch

	wpa_supplicant.initd
	wpa_supplicant.confd
	"

_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
	cd "$_builddir"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done

	cd "$_builddir"/wpa_supplicant
	# Toolchain setup
	echo "CC = ${CC:-gcc}" > .config

	# Basic setup
	echo "CONFIG_CTRL_IFACE=y" >> .config
	# dbus support
	echo "CONFIG_CTRL_IFACE_DBUS=y" >> .config
	echo "CONFIG_CTRL_IFACE_DBUS_NEW=y" >> .config
	echo "CONFIG_CTRL_IFACE_DBUS_INTRO=y" >> .config

	echo "CONFIG_BACKEND=file" >> .config

	# Basic authentication methods
	# NOTE: we don't set GPSK or SAKE as they conflict
	# with the below options
	echo "CONFIG_EAP_GTC=y"         >> .config
	echo "CONFIG_EAP_MD5=y"         >> .config
	echo "CONFIG_EAP_OTP=y"         >> .config
	echo "CONFIG_EAP_PAX=y"         >> .config
	echo "CONFIG_EAP_PSK=y"         >> .config
	echo "CONFIG_EAP_TLV=y"         >> .config
	echo "CONFIG_IEEE8021X_EAPOL=y" >> .config
	echo "CONFIG_PKCS12=y"          >> .config
	echo "CONFIG_PEERKEY=y"         >> .config
	echo "CONFIG_EAP_LEAP=y"        >> .config
	echo "CONFIG_EAP_MSCHAPV2=y"    >> .config
	echo "CONFIG_EAP_PEAP=y"        >> .config
	echo "CONFIG_EAP_TLS=y"         >> .config
	echo "CONFIG_EAP_TTLS=y"        >> .config

	# debug
	# echo "CONFIG_DEBUG_FILE=y" >> .config

	# Smart card authentication
	#echo "CONFIG_EAP_SIM=y"       >> .config
	#echo "CONFIG_EAP_AKA=y"       >> .config
	#echo "CONFIG_EAP_AKA_PRIME=y" >> .config
	#echo "CONFIG_PCSC=y"          >> .config

	# readline/history support for wpa_cli
	#echo "CONFIG_READLINE=y" >> .config

	# SSL authentication methods
	echo "CONFIG_TLS=openssl"    >> .config
	echo "CONFIG_SMARTCARD=y"    >> .config
	# use gnutls
	# echo "CONFIG_TLS=gnutls"     >> .config
	# echo "CONFIG_GNUTLS_EXTRA=y" >> .config
	#echo "CONFIG_TLS=internal"   >> .config

	# Linux specific drivers
	echo "CONFIG_DRIVER_ATMEL=y"       >> .config
	#echo "CONFIG_DRIVER_BROADCOM=y"   >> .config
	#echo "CONFIG_DRIVER_HERMES=y"	   >> .config
	echo "CONFIG_DRIVER_HOSTAP=y"      >> .config
	echo "CONFIG_DRIVER_IPW=y"         >> .config
	echo "CONFIG_DRIVER_NDISWRAPPER=y" >> .config
	echo "CONFIG_DRIVER_NL80211=y"     >> .config
	#echo "CONFIG_DRIVER_PRISM54=y"    >> .config
	echo "CONFIG_DRIVER_RALINK=y"      >> .config
	echo "CONFIG_DRIVER_WEXT=y"        >> .config
	echo "CONFIG_DRIVER_WIRED=y"       >> .config

	# Add include path for madwifi-driver headers
	#echo "CFLAGS += -I/usr/include/madwifi" >> .config
	#echo "CONFIG_DRIVER_MADWIFI=y"          >> .config

	# Wi-Fi Protected Setup (WPS)
	echo "CONFIG_WPS=y" >> .config

	# Enable mitigation against certain attacks against TKIP
	echo "CONFIG_DELAYED_MIC_ERROR_REPORT=y" >> .config

	echo "CONFIG_WPS2=y" >> .config
	echo "CONFIG_AP=y" >> .config
	echo "CONFIG_P2P=y" >> .config
	echo "CONFIG_LIBNL32=y" >> .config
}

build() {
	cd "$_builddir"/wpa_supplicant
	make LIBDIR=/lib BINDIR=/sbin || return 1
	# comment out the network={ } stansas in config
	sed -i -e '/^network=/,/}/s/^/#/' wpa_supplicant.conf
	make wpa_gui-qt4 || return 1
	make eapol_test || return 1
}

package() {
	cd "$_builddir"/wpa_supplicant
	make DESTDIR="$pkgdir" LIBDIR=/lib BINDIR=/sbin install || return 1
	install -Dm644 wpa_supplicant.conf \
		"$pkgdir"/etc/wpa_supplicant/wpa_supplicant.conf
	install -Dm644 doc/docbook/wpa_supplicant.conf.5 \
		"$pkgdir"/usr/share/man/man5/wpa_supplicant.conf.5 || return 1
	for i in wpa_background wpa_cli wpa_passphrase wpa_supplicant; do
		install -Dm644 doc/docbook/$i.8 \
			"$pkgdir"/usr/share/man/man8/$i.8 || return 1
	done
	install -Dm755 eapol_test "$pkgdir"/sbin/eapol_test || return 1

	# gui
	install -d "$pkgdir"/usr/bin
	install -m 0755 wpa_gui-qt4/wpa_gui "$pkgdir"/usr/bin/wpa_gui \
		|| return 1

	# dbus
	cd dbus || return 1
	install -d "$pkgdir"/etc/dbus-1/system.d
	install dbus-wpa_supplicant.conf \
		"$pkgdir"/etc/dbus-1/system.d/wpa_supplicant.conf || return 1
	install -d "$pkgdir"/usr/share/dbus-1/system-services
	install fi.epitest.hostap.WPASupplicant.service \
		"$pkgdir"/usr/share/dbus-1/system-services || return 1
	install -d "$pkgdir"/var/run/wpa_supplicant
	install -Dm755 "$srcdir"/wpa_supplicant.initd \
		"$pkgdir"/etc/init.d/wpa_supplicant || return 1
	install -Dm755 "$srcdir"/wpa_supplicant.confd \
		"$pkgdir"/etc/conf.d/wpa_supplicant || return 1
}

gui() {
	pkgdesc="Grafical User Interface for $pkgname"
	mkdir -p "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/wpa_gui "$subpkgdir"/usr/bin/
}

md5sums="f0037dbe03897dcaf2ad2722e659095d  wpa_supplicant-2.4.tar.gz
8e8c34267fefcc4142ee142e5515b5df  CVE-2015-1863.patch
222ec96a8dc73c41608cc463beac3966  CVE-2015-4141.patch
d3688697f81ca1e684a79dfa3682a111  CVE-2015-4142.patch
87d611a9b704402f66fa59ba1458928d  0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
bafcec421e4f5c6a8383893d029a79e5  0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
fa2aed3cf49f7e6c7b17bf9db9a001f5  0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
de0fca4d74a1883d15ef5754f13a5226  0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
9d854969af23b207f9f3dff38ef78770  0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
5ee64e2494a9e83740d2344dd5b9bb19  wpa_supplicant.initd
bc117427f2c538439f3f1481a028ee06  wpa_supplicant.confd"
sha256sums="058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122  wpa_supplicant-2.4.tar.gz
a3abf75801f02199ff48c316a7b6598860e6ca20ce2fe79b0bec873905e5c8a4  CVE-2015-1863.patch
eb63d845fdc38b6310c527ad1705b6fe3b74f90e263188da2aca97468cc55142  CVE-2015-4141.patch
cc6c488afab4ccfdaedd9e224989b5fe713d6b0415ea94579190bd8ba60c9be5  CVE-2015-4142.patch
a204bc37f52e5346780a306c01706689eb46263dedcdcb1eb2f4c0b291a0db93  0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
298fc3b89f987922fb2600d0c95e8c868d6da30d24643748afd47bcd30da7b44  0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
2fd42fb53be793c54343aa18a84afebe4603aa6ce8b6969ad6b3a8d327c6b142  0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
c28ca6303a562809dfd1812f9b918808b3b0f0c52cc43070fd1777e1cfc88f18  0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
04ef66fbd5b2167274cd7123d7f7252963b9a9c1ec2f5edf6558a6ad92d47689  0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
131828768c8f334b39bb5294398105ed4cd6d031908e6e9b00bb4a0938f5f7f2  wpa_supplicant.initd
61ec59007f66ac5bacc0aa095d1f2ccbc977a687038e161a463d1727223d5a90  wpa_supplicant.confd"
sha512sums="03d8199325b3910f77013ddb7edd803ab4444542230484e1cb465dc3df9372b39ee3307d823ce88730e8f5a5231ef3183954c54cf07297b70432f526e45aac2b  wpa_supplicant-2.4.tar.gz
61f90d06bd42fb7ea17ba147db861303f5b1fdce2cda35492cec578214da5ea5d654a1df99dee4d4a0c07ef3e8b3bfb65ab4b98eff21c2013adf536766136ce1  CVE-2015-1863.patch
4633a96a91e151407e4c62b74b4e78d37e4fba586278c6ae4340ce149bee0c644a4d62675256839c3130374a4dc7531beaeed8282946e7dcd3faf1ed74bf99be  CVE-2015-4141.patch
dc561d90f3f329ebb201abbb53eea161603fb2abba6b2fc5c79298d97c84f2d65d401608cd7bb2fb82abf909661c56699bf4bcbf902f6f8c7d5b1853b0277353  CVE-2015-4142.patch
9440f8d9d18d20b95d236c1a4467d86dfbbc17d8f26b0caa48d6737c6231d1ff14793c6fc8a1e4508f3ad38c9a5d710fd49b85c7de16634dbe6685af05f44f7c  0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
0887017bfdb4632baa49bb849b732eed7eec9a498247fdd5ef8448e4a6df10380c06d68fa706e0b2624c04eb6f5a327cdb71c5c71c3476dc383f889ee7372702  0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
341901aa94c44ae725b6d4dddac2a52b6457234189554fc282c9cf5fa0254125d7323553a7b8118f9a3e2020f039267ed4c912f84ac6f2cb12670b40c28ac652  0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
b752f91c3d6dcf0784d9cb20a0c7f8de6c837c38ff62cf77b136d9b818890b13f55eeed1d6097f244181b480be953e1bdfb5651116dc5d62a2d02c018e19042a  0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
07a21f0cc7d00e17bed8ef5ced36159020a410a4606aa0ca24e47223835ab0cc5fbeed3075c4f17d2ce1aee437eedf9fea8f4b95252b2fa255d54a195637cb6f  0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
4a62879f6eb37226a2009a4bceb123c6e610c366c2369ee2fc84b66b79e8dddee5185a64cebe0331bafe13d61cf44c0bbbe3dce2620c0f4525c96afcb58dd362  wpa_supplicant.initd
29103161ec2b9631fca9e8d9a97fafd60ffac3fe78cf613b834395ddcaf8be1e253c22e060d7d9f9b974b2d7ce794caa932a2125e29f6494b75bce475f7b30e1  wpa_supplicant.confd"