gentoo resync : 17.05.2018

2 files changed, 440 insertions, 0 deletions

diff --git a/net-wireless/wpa_supplicant/Manifest b/net-wireless/wpa_supplicant/Manifest
index 870df848a6e9..932c643f97c7 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -17,4 +17,5 @@ DIST wpa_supplicant-2.6.tar.gz 2753524 BLAKE2B 99c61326c402f60b384fa6c9a7381e43d
 EBUILD wpa_supplicant-2.6-r3.ebuild 11044 BLAKE2B ec092b2d8c8094c19ce1e019642ff074cfcc8ab40045d394e01c219fad6cb306dd0c8e6e33879c33d950d95af5bb5e851a667030aad5cc1fe6c9b5aeb6d9fc7d SHA512 2e2b23824a0a073a44e7c40cf21bc06f797a34d8768ecd645aa0f7216c81e1f0425fb09129824b1d927166f0d6fce0f4cff87afd1f65214db4546d83031c1e62
 EBUILD wpa_supplicant-2.6-r5.ebuild 11782 BLAKE2B b74866e78cc82cb5e3600135052024c11b628371932b52634754fa578c6f31ed0d58f5ba2e980fdd7f1ddf50c92e721e538098af2270a9061c64ee5e902940fe SHA512 afd5fc95a798031f7ac84fb17737a113db720686d9ad304d2abfd56b4c16468fc446926594ff87b17438d2b9c39762865782de794019a780074df87f9479307e
 EBUILD wpa_supplicant-2.6-r6.ebuild 11812 BLAKE2B b9ab92e75bc23b3f577d25f01c975b4819fe70c80a7b7af97bfebd3d472a10f0989d956d76b149661ebb0c35efb846e785ae0f7d5fab854d52913d549558c6a0 SHA512 2c02e63568357f8b2772a338225b7aa384479a1a3d98883bcd6e5fcaf79f7108300531b4672e8df6420a6eec40fc217b366bfde487948adfc1fa24c909085f5a
+EBUILD wpa_supplicant-2.6-r7.ebuild 11936 BLAKE2B 6c1e913a6614ea7f615c33b488bf68a193ae7323b058405e142e7db0fcb8b9bb1c737992ca4fb408c61703f53c802ae428831ec0910baadaa9577249bfde28ce SHA512 95142b3b8f81367a27bef80dc63ec6dc37407bfd674406da116ab0a7698a7d1ac4694dc78f655d19b20e67484537f8aee6b68e7b91d0e35398c6d07e52cc9318
 MISC metadata.xml 1321 BLAKE2B 803180e489eb69bc2992a1fb794e16aa897f7502904771653ca507e339eb211a15d805430a27ea8fd55e64ac23799ca70a65b33f4b35639e77d67f7dabe07d56 SHA512 bcc33ebea7348879a4dcaaaa7baeae3e316e5b75919b55310be1dc2dacac6a8e8d9993ac3481d3a790c12b5515f6fd3b1f778737b4c19ecf37eedc9c2e20a9ed
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild
new file mode 100644
index 000000000000..08686df3b1f1
--- /dev/null
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild
@@ -0,0 +1,439 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils qmake-utils systemd toolchain-funcs readme.gentoo-r1
+
+DESCRIPTION="IEEE 802.1X/WPA supplicant for secure wireless transfers"
+HOMEPAGE="https://w1.fi/wpa_supplicant/"
+SRC_URI="https://w1.fi/releases/${P}.tar.gz"
+LICENSE="|| ( GPL-2 BSD )"
+
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="ap bindist dbus eap-sim eapol_test fasteap gnutls +hs2-0 libressl p2p privsep ps3 qt5 readline selinux smartcard ssl tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD"
+REQUIRED_USE="smartcard? ( ssl )"
+
+CDEPEND="dbus? ( sys-apps/dbus )
+	kernel_linux? (
+		dev-libs/libnl:3
+		net-wireless/crda
+		eap-sim? ( sys-apps/pcsc-lite )
+	)
+	!kernel_linux? ( net-libs/libpcap )
+	qt5? (
+		dev-qt/qtcore:5
+		dev-qt/qtgui:5
+		dev-qt/qtsvg:5
+		dev-qt/qtwidgets:5
+	)
+	readline? (
+		sys-libs/ncurses:0=
+		sys-libs/readline:0=
+	)
+	ssl? (
+		gnutls? (
+			dev-libs/libgcrypt:0=
+			net-libs/gnutls:=
+		)
+		!gnutls? (
+			!libressl? ( >=dev-libs/openssl-1.0.2k:0=[bindist=] )
+			libressl? ( dev-libs/libressl:0= )
+		)
+	)
+	!ssl? ( dev-libs/libtommath )
+"
+DEPEND="${CDEPEND}
+	virtual/pkgconfig
+"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-networkmanager )
+"
+
+DOC_CONTENTS="
+	If this is a clean installation of wpa_supplicant, you
+	have to create a configuration file named
+	${EROOT%/}/etc/wpa_supplicant/wpa_supplicant.conf
+	An example configuration file is available for reference in
+	${EROOT%/}/usr/share/doc/${PF}/
+"
+
+S="${WORKDIR}/${P}/${PN}"
+
+Kconfig_style_config() {
+		#param 1 is CONFIG_* item
+		#param 2 is what to set it = to, defaulting in y
+		CONFIG_PARAM="${CONFIG_HEADER:-CONFIG_}$1"
+		setting="${2:-y}"
+
+		if [ ! $setting = n ]; then
+			#first remove any leading "# " if $2 is not n
+			sed -i "/^# *$CONFIG_PARAM=/s/^# *//" .config || echo "Kconfig_style_config error uncommenting $CONFIG_PARAM"
+			#set item = $setting (defaulting to y)
+			sed -i "/^$CONFIG_PARAM/s/=.*/=$setting/" .config || echo "Kconfig_style_config error setting $CONFIG_PARAM=$setting"
+			if [ -z "$( grep ^$CONFIG_PARAM= .config )" ] ; then
+				echo "$CONFIG_PARAM=$setting" >>.config
+			fi
+		else
+			#ensure item commented out
+			sed -i "/^$CONFIG_PARAM/s/$CONFIG_PARAM/# $CONFIG_PARAM/" .config || echo "Kconfig_style_config error commenting $CONFIG_PARAM"
+		fi
+}
+
+pkg_setup() {
+	if use ssl ; then
+		if use gnutls && use libressl ; then
+			elog "You have both 'gnutls' and 'libressl' USE flags enabled: defaulting to USE=\"gnutls\""
+		fi
+	else
+		elog "You have 'ssl' USE flag disabled: defaulting to internal TLS implementation"
+	fi
+}
+
+src_prepare() {
+	default
+
+	# net/bpf.h needed for net-libs/libpcap on Gentoo/FreeBSD
+	sed -i \
+		-e "s:\(#include <pcap\.h>\):#include <net/bpf.h>\n\1:" \
+		../src/l2_packet/l2_packet_freebsd.c || die
+
+	# People seem to take the example configuration file too literally (bug #102361)
+	sed -i \
+		-e "s:^\(opensc_engine_path\):#\1:" \
+		-e "s:^\(pkcs11_engine_path\):#\1:" \
+		-e "s:^\(pkcs11_module_path\):#\1:" \
+		wpa_supplicant.conf || die
+
+	# Change configuration to match Gentoo locations (bug #143750)
+	sed -i \
+		-e "s:/usr/lib/opensc:/usr/$(get_libdir):" \
+		-e "s:/usr/lib/pkcs11:/usr/$(get_libdir):" \
+		wpa_supplicant.conf || die
+
+	# systemd entries to D-Bus service files (bug #372877)
+	echo 'SystemdService=wpa_supplicant.service' \
+		| tee -a dbus/*.service >/dev/null || die
+
+	cd "${WORKDIR}/${P}" || die
+
+	if use wimax; then
+		# generate-libeap-peer.patch comes before
+		# fix-undefined-reference-to-random_get_bytes.patch
+		eapply "${FILESDIR}/${P}-generate-libeap-peer.patch"
+
+		# multilib-strict fix (bug #373685)
+		sed -e "s/\/usr\/lib/\/usr\/$(get_libdir)/" -i src/eap_peer/Makefile || die
+	fi
+
+	# bug (320097)
+	eapply "${FILESDIR}/${P}-do-not-call-dbus-functions-with-NULL-path.patch"
+
+	# bug (596332 & 651314)
+	eapply "${FILESDIR}/${P}-libressl-compatibility.patch"
+
+	# https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch"
+	eapply "${FILESDIR}/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch"
+
+	# bug (640492)
+	sed -i 's#-Werror ##' wpa_supplicant/Makefile || die
+}
+
+src_configure() {
+	# Toolchain setup
+	tc-export CC
+
+	cp defconfig .config || die
+
+	# Basic setup
+	Kconfig_style_config CTRL_IFACE
+	Kconfig_style_config MATCH_IFACE
+	Kconfig_style_config BACKEND file
+	Kconfig_style_config IBSS_RSN
+	Kconfig_style_config IEEE80211W
+	Kconfig_style_config IEEE80211R
+
+	# Basic authentication methods
+	# NOTE: we don't set GPSK or SAKE as they conflict
+	# with the below options
+	Kconfig_style_config EAP_GTC
+	Kconfig_style_config EAP_MD5
+	Kconfig_style_config EAP_OTP
+	Kconfig_style_config EAP_PAX
+	Kconfig_style_config EAP_PSK
+	Kconfig_style_config EAP_TLV
+	Kconfig_style_config EAP_EXE
+	Kconfig_style_config IEEE8021X_EAPOL
+	Kconfig_style_config PKCS12
+	Kconfig_style_config PEERKEY
+	Kconfig_style_config EAP_LEAP
+	Kconfig_style_config EAP_MSCHAPV2
+	Kconfig_style_config EAP_PEAP
+	Kconfig_style_config EAP_TLS
+	Kconfig_style_config EAP_TTLS
+
+	# Enabling background scanning.
+	Kconfig_style_config BGSCAN_SIMPLE
+	Kconfig_style_config BGSCAN_LEARN
+
+	if use dbus ; then
+		Kconfig_style_config CTRL_IFACE_DBUS
+		Kconfig_style_config CTRL_IFACE_DBUS_NEW
+		Kconfig_style_config CTRL_IFACE_DBUS_INTRO
+	fi
+
+	if use eapol_test ; then
+		Kconfig_style_config EAPOL_TEST
+	fi
+
+	# Enable support for writing debug info to a log file and syslog.
+	Kconfig_style_config DEBUG_FILE
+	Kconfig_style_config DEBUG_SYSLOG
+
+	if use hs2-0 ; then
+		Kconfig_style_config INTERWORKING
+		Kconfig_style_config HS20
+	fi
+
+	if use uncommon-eap-types; then
+		Kconfig_style_config EAP_GPSK
+		Kconfig_style_config EAP_SAKE
+		Kconfig_style_config EAP_GPSK_SHA256
+		Kconfig_style_config EAP_IKEV2
+		Kconfig_style_config EAP_EKE
+	fi
+
+	if use eap-sim ; then
+		# Smart card authentication
+		Kconfig_style_config EAP_SIM
+		Kconfig_style_config EAP_AKA
+		Kconfig_style_config EAP_AKA_PRIME
+		Kconfig_style_config PCSC
+	fi
+
+	if use fasteap ; then
+		Kconfig_style_config EAP_FAST
+	fi
+
+	if use readline ; then
+		# readline/history support for wpa_cli
+		Kconfig_style_config READLINE
+	else
+		#internal line edit mode for wpa_cli
+		Kconfig_style_config WPA_CLI_EDIT
+	fi
+
+	# SSL authentication methods
+	if use ssl ; then
+		if use gnutls ; then
+			Kconfig_style_config TLS gnutls
+			Kconfig_style_config GNUTLS_EXTRA
+		else
+			Kconfig_style_config TLS openssl
+			if ! use bindist; then
+			  Kconfig_style_config EAP_PWD
+			  # Enabling mesh networks.
+			  Kconfig_style_config MESH
+			  #we also need to disable OWE and FILS, except they aren't enabled yet
+			fi
+
+		fi
+	else
+		Kconfig_style_config TLS internal
+	fi
+
+	if use smartcard ; then
+		Kconfig_style_config SMARTCARD
+	fi
+
+	if use tdls ; then
+		Kconfig_style_config TDLS
+	fi
+
+	if use kernel_linux ; then
+		# Linux specific drivers
+		Kconfig_style_config DRIVER_ATMEL
+		Kconfig_style_config DRIVER_HOSTAP
+		Kconfig_style_config DRIVER_IPW
+		Kconfig_style_config DRIVER_NL80211
+		Kconfig_style_config DRIVER_RALINK
+		Kconfig_style_config DRIVER_WEXT
+		Kconfig_style_config DRIVER_WIRED
+
+		if use ps3 ; then
+			Kconfig_style_config DRIVER_PS3
+		fi
+
+	elif use kernel_FreeBSD ; then
+		# FreeBSD specific driver
+		Kconfig_style_config DRIVER_BSD
+	fi
+
+	# Wi-Fi Protected Setup (WPS)
+	if use wps ; then
+		Kconfig_style_config WPS
+		Kconfig_style_config WPS2
+		# USB Flash Drive
+		Kconfig_style_config WPS_UFD
+		# External Registrar
+		Kconfig_style_config WPS_ER
+		# Universal Plug'n'Play
+		Kconfig_style_config WPS_UPNP
+		# Near Field Communication
+		Kconfig_style_config WPS_NFC
+	fi
+
+	# Wi-Fi Direct (WiDi)
+	if use p2p ; then
+		Kconfig_style_config P2P
+		Kconfig_style_config WIFI_DISPLAY
+	fi
+
+	# Access Point Mode
+	if use ap ; then
+		Kconfig_style_config AP
+	fi
+
+	# Enable essentials for AP/P2P
+	if use ap || use p2p ; then
+		# Enabling HT support (802.11n)
+		Kconfig_style_config IEEE80211N
+
+		# Enabling VHT support (802.11ac)
+		Kconfig_style_config IEEE80211AC
+	fi
+
+	# Enable mitigation against certain attacks against TKIP
+	Kconfig_style_config DELAYED_MIC_ERROR_REPORT
+
+	if use privsep ; then
+		Kconfig_style_config PRIVSEP
+	fi
+
+	# If we are using libnl 2.0 and above, enable support for it
+	# Bug 382159
+	# Removed for now, since the 3.2 version is broken, and we don't
+	# support it.
+	if has_version ">=dev-libs/libnl-3.2"; then
+		Kconfig_style_config LIBNL32
+	fi
+
+	if use qt5 ; then
+		pushd "${S}"/wpa_gui-qt4 > /dev/null || die
+		eqmake5 wpa_gui.pro
+		popd > /dev/null || die
+	fi
+}
+
+src_compile() {
+	einfo "Building wpa_supplicant"
+	emake V=1 BINDIR=/usr/sbin
+
+	if use wimax; then
+		emake -C ../src/eap_peer clean
+		emake -C ../src/eap_peer
+	fi
+
+	if use qt5; then
+		einfo "Building wpa_gui"
+		emake -C "${S}"/wpa_gui-qt4
+	fi
+
+	if use eapol_test ; then
+		emake eapol_test
+	fi
+}
+
+src_install() {
+	dosbin wpa_supplicant
+	use privsep && dosbin wpa_priv
+	dobin wpa_cli wpa_passphrase
+
+	# baselayout-1 compat
+	if has_version "<sys-apps/baselayout-2.0.0"; then
+		dodir /sbin
+		dosym ../usr/sbin/wpa_supplicant /sbin/wpa_supplicant
+		dodir /bin
+		dosym ../usr/bin/wpa_cli /bin/wpa_cli
+	fi
+
+	if has_version ">=sys-apps/openrc-0.5.0"; then
+		newinitd "${FILESDIR}/${PN}-init.d" wpa_supplicant
+		newconfd "${FILESDIR}/${PN}-conf.d" wpa_supplicant
+	fi
+
+	exeinto /etc/wpa_supplicant/
+	newexe "${FILESDIR}/wpa_cli.sh" wpa_cli.sh
+
+	readme.gentoo_create_doc
+	dodoc ChangeLog {eap_testing,todo}.txt README{,-WPS} \
+		wpa_supplicant.conf
+
+	newdoc .config build-config
+
+	doman doc/docbook/*.{5,8}
+
+	if use qt5 ; then
+		into /usr
+		dobin wpa_gui-qt4/wpa_gui
+		doicon wpa_gui-qt4/icons/wpa_gui.svg
+		make_desktop_entry wpa_gui "WPA Supplicant Administration GUI" "wpa_gui" "Qt;Network;"
+	else
+		rm "${ED}"/usr/share/man/man8/wpa_gui.8
+	fi
+
+	use wimax && emake DESTDIR="${D}" -C ../src/eap_peer install
+
+	if use dbus ; then
+		pushd "${S}"/dbus > /dev/null || die
+		insinto /etc/dbus-1/system.d
+		newins dbus-wpa_supplicant.conf wpa_supplicant.conf
+		insinto /usr/share/dbus-1/system-services
+		doins fi.epitest.hostap.WPASupplicant.service fi.w1.wpa_supplicant1.service
+		popd > /dev/null || die
+
+		# This unit relies on dbus support, bug 538600.
+		systemd_dounit systemd/wpa_supplicant.service
+	fi
+
+	if use eapol_test ; then
+		dobin eapol_test
+	fi
+
+	systemd_dounit "systemd/wpa_supplicant@.service"
+	systemd_dounit "systemd/wpa_supplicant-nl80211@.service"
+	systemd_dounit "systemd/wpa_supplicant-wired@.service"
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+
+	if [[ -e "${EROOT%/}"/etc/wpa_supplicant.conf ]] ; then
+		echo
+		ewarn "WARNING: your old configuration file ${EROOT%/}/etc/wpa_supplicant.conf"
+		ewarn "needs to be moved to ${EROOT%/}/etc/wpa_supplicant/wpa_supplicant.conf"
+	fi
+
+	# Mea culpa, feel free to remove that after some time --mgorny.
+	local fn
+	for fn in wpa_supplicant{,@wlan0}.service; do
+		if [[ -e "${EROOT%/}"/etc/systemd/system/network.target.wants/${fn} ]]
+		then
+			ebegin "Moving ${fn} to multi-user.target"
+			mv "${EROOT%/}"/etc/systemd/system/network.target.wants/${fn} \
+				"${EROOT%/}"/etc/systemd/system/multi-user.target.wants/ || die
+			eend ${?} \
+				"Please try to re-enable ${fn}"
+		fi
+	done
+
+	systemd_reenable wpa_supplicant.service
+}