commit: de359f9d291ad818476330e855828c0fb79ba482
Author: Rick Farina <zerochaos <AT> gentoo <DOT> org>
AuthorDate: Fri Aug 26 16:30:12 2022 +0000
Commit: Rick Farina <zerochaos <AT> gentoo <DOT> org>
CommitDate: Fri Aug 26 16:32:07 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de359f9d
net-wireless/wpa_supplicant: add deprecated ewarns
Per discussion in #gentoo-dev, hopefully ease tkip/wep users to finding
the new use flags by adding einfo/ewarn for when wep/tkip use flags are
disabled. In the 5 months it has been disabled there have been a few
complaints, but not nearly enough to lower the security of all users by
defaulting broken encryption/authentication to on.
Signed-off-by: Rick Farina <zerochaos <AT> gentoo.org>
net-wireless/wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 14 ++++++++++++++
net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild | 14 ++++++++++++++
2 files changed, 28 insertions(+)
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r1.ebuild
b/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r1.ebuild
index b7a623182f1f..cb80b33748c2 100644
--- a/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r1.ebuild
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r1.ebuild
@@ -477,6 +477,20 @@ pkg_postinst() {
ewarn "WARNING: your old configuration file
${EROOT}/etc/wpa_supplicant.conf"
ewarn "needs to be moved to
${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf"
fi
+ if ! use wep; then
+ einfo "WARNING: You are building with WEP support disabled,
which is recommended since"
+ einfo "this protocol is deprecated and insecure. If you still
need to connect to"
+ einfo "WEP-enabled networks, you may turn this flag back on.
With this flag off,"
+ einfo "WEP-enabled networks will not even show up as available."
+ einfo "If your network is missing you may wish to USE=wep"
+ fi
+ if ! use tkip; then
+ ewarn "WARNING: You are building with TKIP support disabled,
which is recommended since"
+ ewarn "this protocol is deprecated and insecure. If you still
need to connect to"
+ ewarn "TKIP-enabled networks, you may turn this flag back on.
With this flag off,"
+ ewarn "TKIP-enabled networks, including mixed mode
TKIP/AES-CCMP will not even show up"
+ ewarn "as available. If your network is missing you may wish
to USE=tkip"
+ fi
# Mea culpa, feel free to remove that after some time --mgorny.
local fn
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild
b/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild
index abd50f99a8df..276c74b2dc41 100644
--- a/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild
@@ -477,6 +477,20 @@ pkg_postinst() {
ewarn "WARNING: your old configuration file
${EROOT}/etc/wpa_supplicant.conf"
ewarn "needs to be moved to
${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf"
fi
+ if ! use wep; then
+ einfo "WARNING: You are building with WEP support disabled,
which is recommended since"
+ einfo "this protocol is deprecated and insecure. If you still
need to connect to"
+ einfo "WEP-enabled networks, you may turn this flag back on.
With this flag off,"
+ einfo "WEP-enabled networks will not even show up as available."
+ einfo "If your network is missing you may wish to USE=wep"
+ fi
+ if ! use tkip; then
+ ewarn "WARNING: You are building with TKIP support disabled,
which is recommended since"
+ ewarn "this protocol is deprecated and insecure. If you still
need to connect to"
+ ewarn "TKIP-enabled networks, you may turn this flag back on.
With this flag off,"
+ ewarn "TKIP-enabled networks, including mixed mode
TKIP/AES-CCMP will not even show up"
+ ewarn "as available. If your network is missing you may wish
to USE=tkip"
+ fi
# Mea culpa, feel free to remove that after some time --mgorny.
local fn
