commit: 142119b897dbea138bc9609b00ebfa6e3a2d0ec4 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Sun Jan 10 14:42:28 2021 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Sun Jan 10 14:42:33 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=142119b8
net-wireless/hostapd: sync live Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Sam James <sam <AT> gentoo.org> net-wireless/hostapd/hostapd-9999.ebuild | 147 ++++++++++++++++--------------- 1 file changed, 78 insertions(+), 69 deletions(-) diff --git a/net-wireless/hostapd/hostapd-9999.ebuild b/net-wireless/hostapd/hostapd-9999.ebuild index 06ae239217e..97a5fee6569 100644 --- a/net-wireless/hostapd/hostapd-9999.ebuild +++ b/net-wireless/hostapd/hostapd-9999.ebuild @@ -1,7 +1,7 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI="6" +EAPI=7 inherit toolchain-funcs systemd savedconfig @@ -10,16 +10,18 @@ HOMEPAGE="http://w1.fi"; EXTRAS_VER="2.7-r2" EXTRAS_NAME="${CATEGORY}_${PN}_${EXTRAS_VER}_extras" SRC_URI="https://dev.gentoo.org/~andrey_utkin/distfiles/${EXTRAS_NAME}.tar.xz"; +S="${S}/${PN}" -if [[ $PV == 9999 ]]; then +if [[ ${PV} == 9999 ]]; then inherit git-r3 EGIT_REPO_URI="https://w1.fi/hostap.git"; else - if [[ $PV =~ ^.*_p[0-9]{8}$ ]]; then + if [[ ${PV} =~ ^.*_p[0-9]{8}$ ]]; then SRC_URI+=" https://dev.gentoo.org/~andrey_utkin/distfiles/${P}.tar.xz"; else SRC_URI+=" https://w1.fi/releases/${P}.tar.gz"; fi + # Never stabilize snapshot ebuilds please KEYWORDS="~amd64 ~arm ~arm64 ~mips ~ppc ~x86" fi @@ -46,8 +48,6 @@ DEPEND=" RDEPEND="${DEPEND}" -S="${S}/${PN}" - pkg_pretend() { if use internal-tls; then if use libressl; then @@ -71,6 +71,14 @@ src_prepare() { # i.e. anything outside ${S}/${PN} pushd ../ >/dev/null || die default + + # CVE-2019-16275 bug #696032 + eapply "${FILESDIR}/hostapd-2.9-AP-Silently-ignore-management-frame-from-unexpected.patch" + # CVE-2020-12695 bug #727542 + eapply "${FILESDIR}/${P}-0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch" + eapply "${FILESDIR}/${P}-0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch" + eapply "${FILESDIR}/${P}-0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch" + popd >/dev/null || die sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \ @@ -82,122 +90,122 @@ src_configure() { restore_config "${CONFIG}" if [[ -f "${CONFIG}" ]]; then - default_src_configure + default return 0 fi # toolchain setup - echo "CC = $(tc-getCC)" > ${CONFIG} + echo "CC = $(tc-getCC)" > ${CONFIG} || die # EAP authentication methods - echo "CONFIG_EAP=y" >> ${CONFIG} - echo "CONFIG_ERP=y" >> ${CONFIG} - echo "CONFIG_EAP_MD5=y" >> ${CONFIG} - echo "CONFIG_SAE=y" >> ${CONFIG} - echo "CONFIG_OWE=y" >> ${CONFIG} - echo "CONFIG_DPP=y" >> ${CONFIG} + echo "CONFIG_EAP=y" >> ${CONFIG} || die + echo "CONFIG_ERP=y" >> ${CONFIG} || die + echo "CONFIG_EAP_MD5=y" >> ${CONFIG} || die if use suiteb; then - echo "CONFIG_SUITEB=y" >> ${CONFIG} - echo "CONFIG_SUITEB192=y" >> ${CONFIG} + echo "CONFIG_SUITEB=y" >> ${CONFIG} || die + echo "CONFIG_SUITEB192=y" >> ${CONFIG} || die fi if use internal-tls && ! use libressl; then - echo "CONFIG_TLS=internal" >> ${CONFIG} + echo "CONFIG_TLS=internal" >> ${CONFIG} || die else # SSL authentication methods - echo "CONFIG_EAP_FAST=y" >> ${CONFIG} - echo "CONFIG_EAP_TLS=y" >> ${CONFIG} - echo "CONFIG_EAP_TTLS=y" >> ${CONFIG} - echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG} - echo "CONFIG_EAP_PEAP=y" >> ${CONFIG} - echo "CONFIG_TLSV11=y" >> ${CONFIG} - echo "CONFIG_TLSV12=y" >> ${CONFIG} - echo "CONFIG_EAP_PWD=y" >> ${CONFIG} + echo "CONFIG_DPP=y" >> ${CONFIG} || die + echo "CONFIG_EAP_FAST=y" >> ${CONFIG} || die + echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG} || die + echo "CONFIG_EAP_PEAP=y" >> ${CONFIG} || die + echo "CONFIG_EAP_PWD=y" >> ${CONFIG} || die + echo "CONFIG_EAP_TLS=y" >> ${CONFIG} || die + echo "CONFIG_EAP_TTLS=y" >> ${CONFIG} || die + echo "CONFIG_OWE=y" >> ${CONFIG} || die + echo "CONFIG_SAE=y" >> ${CONFIG} || die + echo "CONFIG_TLSV11=y" >> ${CONFIG} || die + echo "CONFIG_TLSV12=y" >> ${CONFIG} || die fi if use wps; then # Enable Wi-Fi Protected Setup - echo "CONFIG_WPS=y" >> ${CONFIG} - echo "CONFIG_WPS2=y" >> ${CONFIG} - echo "CONFIG_WPS_UPNP=y" >> ${CONFIG} - echo "CONFIG_WPS_NFC=y" >> ${CONFIG} + echo "CONFIG_WPS=y" >> ${CONFIG} || die + echo "CONFIG_WPS2=y" >> ${CONFIG} || die + echo "CONFIG_WPS_UPNP=y" >> ${CONFIG} || die + echo "CONFIG_WPS_NFC=y" >> ${CONFIG} || die einfo "Enabling Wi-Fi Protected Setup support" fi - echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG} - echo "CONFIG_EAP_TNC=y" >> ${CONFIG} - echo "CONFIG_EAP_GTC=y" >> ${CONFIG} - echo "CONFIG_EAP_SIM=y" >> ${CONFIG} - echo "CONFIG_EAP_AKA=y" >> ${CONFIG} - echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG} - echo "CONFIG_EAP_EKE=y" >> ${CONFIG} - echo "CONFIG_EAP_PAX=y" >> ${CONFIG} - echo "CONFIG_EAP_PSK=y" >> ${CONFIG} - echo "CONFIG_EAP_SAKE=y" >> ${CONFIG} - echo "CONFIG_EAP_GPSK=y" >> ${CONFIG} - echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG} + echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG} || die + echo "CONFIG_EAP_TNC=y" >> ${CONFIG} || die + echo "CONFIG_EAP_GTC=y" >> ${CONFIG} || die + echo "CONFIG_EAP_SIM=y" >> ${CONFIG} || die + echo "CONFIG_EAP_AKA=y" >> ${CONFIG} || die + echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG} || die + echo "CONFIG_EAP_EKE=y" >> ${CONFIG} || die + echo "CONFIG_EAP_PAX=y" >> ${CONFIG} || die + echo "CONFIG_EAP_PSK=y" >> ${CONFIG} || die + echo "CONFIG_EAP_SAKE=y" >> ${CONFIG} || die + echo "CONFIG_EAP_GPSK=y" >> ${CONFIG} || die + echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG} || die einfo "Enabling drivers: " # drivers - echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG} + echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG} || die einfo " HostAP driver enabled" - echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG} + echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG} || die einfo " Wired driver enabled" - echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG} + echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG} || die einfo " None driver enabled" einfo " nl80211 driver enabled" - echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG} + echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG} || die # epoll - echo "CONFIG_ELOOP_EPOLL=y" >> ${CONFIG} + echo "CONFIG_ELOOP_EPOLL=y" >> ${CONFIG} || die # misc - echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG} - echo "CONFIG_PKCS12=y" >> ${CONFIG} - echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG} - echo "CONFIG_IAPP=y" >> ${CONFIG} - echo "CONFIG_IEEE80211R=y" >> ${CONFIG} - echo "CONFIG_IEEE80211W=y" >> ${CONFIG} - echo "CONFIG_IEEE80211N=y" >> ${CONFIG} - echo "CONFIG_IEEE80211AC=y" >> ${CONFIG} - echo "CONFIG_PEERKEY=y" >> ${CONFIG} - echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG} - echo "CONFIG_INTERWORKING=y" >> ${CONFIG} - echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG} - echo "CONFIG_HS20=y" >> ${CONFIG} - echo "CONFIG_WNM=y" >> ${CONFIG} - echo "CONFIG_FST=y" >> ${CONFIG} - echo "CONFIG_FST_TEST=y" >> ${CONFIG} - echo "CONFIG_ACS=y" >> ${CONFIG} + echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG} || die + echo "CONFIG_PKCS12=y" >> ${CONFIG} || die + echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG} || die + echo "CONFIG_IAPP=y" >> ${CONFIG} || die + echo "CONFIG_IEEE80211R=y" >> ${CONFIG} || die + echo "CONFIG_IEEE80211W=y" >> ${CONFIG} || die + echo "CONFIG_IEEE80211N=y" >> ${CONFIG} || die + echo "CONFIG_IEEE80211AC=y" >> ${CONFIG} || die + echo "CONFIG_PEERKEY=y" >> ${CONFIG} || die + echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG} || die + echo "CONFIG_INTERWORKING=y" >> ${CONFIG} || die + echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG} || die + echo "CONFIG_HS20=y" >> ${CONFIG} || die + echo "CONFIG_WNM=y" >> ${CONFIG} || die + echo "CONFIG_FST=y" >> ${CONFIG} || die + echo "CONFIG_FST_TEST=y" >> ${CONFIG} || die + echo "CONFIG_ACS=y" >> ${CONFIG} || die if use netlink; then # Netlink support - echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG} + echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG} || die fi if use ipv6; then # IPv6 support - echo "CONFIG_IPV6=y" >> ${CONFIG} + echo "CONFIG_IPV6=y" >> ${CONFIG} || die fi if use sqlite; then # Sqlite support - echo "CONFIG_SQLITE=y" >> ${CONFIG} + echo "CONFIG_SQLITE=y" >> ${CONFIG} || die fi # If we are using libnl 2.0 and above, enable support for it # Removed for now, since the 3.2 version is broken, and we don't # support it. if has_version ">=dev-libs/libnl-3.2"; then - echo "CONFIG_LIBNL32=y" >> .config + echo "CONFIG_LIBNL32=y" >> ${CONFIG} || die fi # TODO: Add support for BSD drivers - default_src_configure + default } src_compile() { @@ -259,7 +267,8 @@ pkg_postinst() { einfo "essid_wlan0=\"test\"" einfo "mode_wlan0=\"master\"" einfo - #if [ -e "${KV_DIR}"/net/mac80211 ]; then + + #if [[ -e "${KV_DIR}"/net/mac80211 ]]; then # einfo "This package now compiles against the headers installed by" # einfo "the kernel source for the mac80211 driver. You should " # einfo "re-emerge ${PN} after upgrading your kernel source."
