summaryrefslogtreecommitdiff
path: root/net-wireless/wpa_supplicant
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2018-04-19 14:14:48 +0100
committerV3n3RiX <venerix@redcorelinux.org>2018-04-19 14:14:48 +0100
commit5cfef3c94cd7e82136c69a0322f5ba21f7e64632 (patch)
tree8f255dfacbacb657e3ac3654d01c1e11e651c066 /net-wireless/wpa_supplicant
parent8aebb228036d5e2863b7eaa6e319ab41c1669269 (diff)
gentoo resync : 19.04.2018
Diffstat (limited to 'net-wireless/wpa_supplicant')
-rw-r--r--net-wireless/wpa_supplicant/Manifest6
-rw-r--r--net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl-compatibility.patch106
-rw-r--r--net-wireless/wpa_supplicant/files/wpa_supplicant-conf.d6
-rw-r--r--net-wireless/wpa_supplicant/wpa_supplicant-2.6-r5.ebuild (renamed from net-wireless/wpa_supplicant/wpa_supplicant-2.6-r4.ebuild)7
-rw-r--r--net-wireless/wpa_supplicant/wpa_supplicant-2.6-r6.ebuild436
5 files changed, 556 insertions, 5 deletions
diff --git a/net-wireless/wpa_supplicant/Manifest b/net-wireless/wpa_supplicant/Manifest
index c1eca51e5a5f..cd0d9c5b46c3 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -8,11 +8,13 @@ AUX 2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-
AUX 2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch 2750 BLAKE2B 059da1df148c8db68c9fa6aa656e46da301ebe7de3e41ecd4675ca579ebf6f1a66395e852cd8b562743ba83a345d4860618ea11bd01304a3386867115867fb9f SHA512 fc84edd8b30305cc42053c872554098f3f077292ec980ed6a442f37884087ff2f055738fd55977ed792bef1887dcc8c4626586465d78dd0258edb83dcd50a65a
AUX wpa_cli.sh 1284 BLAKE2B 50757aa432bf714923d0ff5e2e8357bf3126c82dcfebbc2c342325ad97e3ca95a15ea138f9a55e5a7b9ac86cb2518c173e7d5186d5feb3e57ac762a71b11ef85 SHA512 250372231eda6f7228fcf76b13fc1b95637d0d9dec96b7bef820bfa1af1496f218909f521daf2ddb2ca81d0ebb3162500f833575b64d8d2b4820c247499e1c56
AUX wpa_supplicant-2.6-do-not-call-dbus-functions-with-NULL-path.patch 486 BLAKE2B 877e15a45851331a1499cf8bc96fd514d88b6b270f54d52760e46cc7edbcc4b74a48a0271f0c93b546bb659203c56fdfba63b231757c21ca8ee6ade98406ac2e SHA512 dac56bc505a51167042ebe548f0e81a20a5578f753af9bb7ec3335a542d799c6e8739681ef7c8f7747a9bc954f8aa6f1a147250eacba17fd7fff80c4e53638ed
+AUX wpa_supplicant-2.6-libressl-compatibility.patch 3873 BLAKE2B 281029d49bd4267df5913aa87b2e70741def66646f6cfbf5cf163e88522ae5bb933be3ed0df971ff2872a25a36584409feb0d22acf8254f446421201026b1ce8 SHA512 61c4cfeb119a9bc7ab1d4f690c1af5bce2def7836212469011c277ad4d97ab601d2a1efca7dc7bea433d974a8820aed7740e2cf047a0c63734d8a71e3df14e45
AUX wpa_supplicant-2.6-libressl.patch 3003 BLAKE2B 49781bcb77e84912b8f46ec992da7c6b1b015cc793208e1f8afa6457991bcc1be130810d90671f0e53fa65dcebd4528c6e359f69a2576ee715317b796d31eec2 SHA512 2fb29ec14db2f33f8c011e1c2e98eef4d36b2e9f3b36f6058c390484ae5c64ad5d67aa25f138829503fabfac374bda24172871bdefef2a0566db963a5a362ec8
-AUX wpa_supplicant-conf.d 161 BLAKE2B 5fa719f155606c978c809bbffc3de20df0b0b77564c7673929d5597af044baf4937d7d18f73b4418c20942d73f9f7e9374a6958d03bde4033f0dd5a0c7cadb2c SHA512 29103161ec2b9631fca9e8d9a97fafd60ffac3fe78cf613b834395ddcaf8be1e253c22e060d7d9f9b974b2d7ce794caa932a2125e29f6494b75bce475f7b30e1
+AUX wpa_supplicant-conf.d 291 BLAKE2B 348e7d21fe01d2fdd2117adf22444557fa3d401f649489afd1636105cdddc29d58d45659c5368cc177f919ce94a7e2b5a9ed3fe8ddccd1fba3d059d270bae1a8 SHA512 6bbb9d4f6132b3d4e20cd65f27245ccadd60712ef5794261499f882057a930a393297e491d8147e04e30c0a53645af0eb3514332587118c19b5594f23f1d62ad
AUX wpa_supplicant-init.d 1250 BLAKE2B 159ebbd5a3552cbd8fdd6d48984c3a511e77cf1e140f56fc1d3e6b16454351a270e566dd7fc4717b92251193bdf59a77f57fc3fdd1d53b067f2e5253796c041b SHA512 f7439937a11d7a91eee98ab9e16a4853ce8e27395970007ae60ca9a8b1852fadc4a37ee0bf81d7e4806c545f70b139f26942ed1630db070abe8fe8e5ce752403
AUX wpa_supplicant.conf 183 BLAKE2B ea25d56f366783548b8d4bc14615d89d1c9cff1e6535992d14fa2f87a095b6c7226fbdf6b2d2ecd5fdcc13fb413fc56d5294f906c840ab3f9386c99ea69139fc SHA512 425a5c955d462ea0d0d3f79c3e1bbf68e15b495df04ad03ed7aee12408b52616af05650dfc147ca5940d69e97360c33995d33733820fef8eb8769b31e58434e8
DIST wpa_supplicant-2.6.tar.gz 2753524 BLAKE2B 99c61326c402f60b384fa6c9a7381e43d4d021d7e44537a6e05552909270f30997da91b690d8a30aa690f0d1ce0aed7798bd8bb8972fcf6830c282ccc91193ac SHA512 46442cddb6ca043b8b08d143908f149954c238e0f3a57a0df73ca4fab9c1acd91b078f3f26375a1d99cd1d65625986328018c735d8705882c8f91e389cad28a6
EBUILD wpa_supplicant-2.6-r3.ebuild 11044 BLAKE2B ec092b2d8c8094c19ce1e019642ff074cfcc8ab40045d394e01c219fad6cb306dd0c8e6e33879c33d950d95af5bb5e851a667030aad5cc1fe6c9b5aeb6d9fc7d SHA512 2e2b23824a0a073a44e7c40cf21bc06f797a34d8768ecd645aa0f7216c81e1f0425fb09129824b1d927166f0d6fce0f4cff87afd1f65214db4546d83031c1e62
-EBUILD wpa_supplicant-2.6-r4.ebuild 11720 BLAKE2B 06b407e4fa5553cae85819459e95738e2b28f29608fd7fd5397f4827d6555ce2772eb19f536e591ef02fa8866381fd2788e9a7100900717cfc7e52f99b7b30fd SHA512 cf71f35672063730780f901b923c3b489c075457d04602b85f7d90345bccf528793bf2d51aad5658fe29c64375017c01fa149a64854f533652cfc55c52340d44
+EBUILD wpa_supplicant-2.6-r5.ebuild 11782 BLAKE2B b74866e78cc82cb5e3600135052024c11b628371932b52634754fa578c6f31ed0d58f5ba2e980fdd7f1ddf50c92e721e538098af2270a9061c64ee5e902940fe SHA512 afd5fc95a798031f7ac84fb17737a113db720686d9ad304d2abfd56b4c16468fc446926594ff87b17438d2b9c39762865782de794019a780074df87f9479307e
+EBUILD wpa_supplicant-2.6-r6.ebuild 11805 BLAKE2B 8ae07d55f314e1500dc1f68c068551f16aac685ba7eb52313e9592be4071b5c591e4463409ada2964352be1d69f6af3b4d909eb55ba33dc7f5a858d2bf43b72e SHA512 591751ace8036d456fef927878cf0b6bcd9e2fd2fc155ac263260e642fd0d802bb64f83fea0307e140e17c2936f6d9ecc9a667e81e227d7c92c52a67991c1cfd
MISC metadata.xml 1321 BLAKE2B 803180e489eb69bc2992a1fb794e16aa897f7502904771653ca507e339eb211a15d805430a27ea8fd55e64ac23799ca70a65b33f4b35639e77d67f7dabe07d56 SHA512 bcc33ebea7348879a4dcaaaa7baeae3e316e5b75919b55310be1dc2dacac6a8e8d9993ac3481d3a790c12b5515f6fd3b1f778737b4c19ecf37eedc9c2e20a9ed
diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl-compatibility.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl-compatibility.patch
new file mode 100644
index 000000000000..025da58028da
--- /dev/null
+++ b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.6-libressl-compatibility.patch
@@ -0,0 +1,106 @@
+diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
+index 19e0e2be8..6585c0245 100644
+--- a/src/crypto/crypto_openssl.c
++++ b/src/crypto/crypto_openssl.c
+@@ -33,7 +33,9 @@
+ #include "aes_wrap.h"
+ #include "crypto.h"
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ /* Compatibility wrappers for older versions. */
+
+ static HMAC_CTX * HMAC_CTX_new(void)
+@@ -79,7 +81,9 @@ static void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
+
+ static BIGNUM * get_group5_prime(void)
+ {
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
++ !(defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ return BN_get_rfc3526_prime_1536(NULL);
+ #elif !defined(OPENSSL_IS_BORINGSSL)
+ return get_rfc3526_prime_1536(NULL);
+@@ -611,7 +615,9 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx)
+
+ void * dh5_init(struct wpabuf **priv, struct wpabuf **publ)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ DH *dh;
+ struct wpabuf *pubkey = NULL, *privkey = NULL;
+ size_t publen, privlen;
+@@ -712,7 +718,9 @@ err:
+
+ void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ DH *dh;
+
+ dh = DH_new();
+diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
+index 23ac64b48..91acc579d 100644
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -59,7 +59,8 @@ typedef int stack_index_t;
+ #endif /* SSL_set_tlsext_status_type */
+
+ #if (OPENSSL_VERSION_NUMBER < 0x10100000L || \
+- defined(LIBRESSL_VERSION_NUMBER)) && \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)) && \
+ !defined(BORINGSSL_API_VERSION)
+ /*
+ * SSL_get_client_random() and SSL_get_server_random() were added in OpenSSL
+@@ -919,7 +920,9 @@ void * tls_init(const struct tls_config *conf)
+ }
+ #endif /* OPENSSL_FIPS */
+ #endif /* CONFIG_FIPS */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ SSL_load_error_strings();
+ SSL_library_init();
+ #ifndef OPENSSL_NO_SHA256
+@@ -1043,7 +1046,9 @@ void tls_deinit(void *ssl_ctx)
+
+ tls_openssl_ref_count--;
+ if (tls_openssl_ref_count == 0) {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ #ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+ #endif /* OPENSSL_NO_ENGINE */
+@@ -3105,7 +3110,9 @@ int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn,
+ #ifdef OPENSSL_NEED_EAP_FAST_PRF
+ static int openssl_get_keyblock_size(SSL *ssl)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ const EVP_CIPHER *c;
+ const EVP_MD *h;
+ int md_size;
+@@ -4159,7 +4166,9 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
+ struct tls_connection *conn = arg;
+ int ret;
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
++ (defined(LIBRESSL_VERSION_NUMBER) && \
++ LIBRESSL_VERSION_NUMBER < 0x20700000L)
+ if (conn == NULL || conn->session_ticket_cb == NULL)
+ return 0;
+
diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-conf.d b/net-wireless/wpa_supplicant/files/wpa_supplicant-conf.d
index 104b9dc5d8c3..5381c8c748e2 100644
--- a/net-wireless/wpa_supplicant/files/wpa_supplicant-conf.d
+++ b/net-wireless/wpa_supplicant/files/wpa_supplicant-conf.d
@@ -1,5 +1,9 @@
# conf.d file for wpa_supplicant
-#
+
+# uncomment this if wpa_supplicant starts up before your network interface
+# is ready and it causes issues
+# rc_want="dev-settle"
+
# Please check man 8 wpa_supplicant for more information about the options
# wpa_supplicant accepts.
#
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r4.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r5.ebuild
index 02b2a20e35f8..db98a23c929a 100644
--- a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r4.ebuild
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r5.ebuild
@@ -13,7 +13,7 @@ LICENSE="|| ( GPL-2 BSD )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
IUSE="ap dbus eap-sim eapol_test fasteap gnutls +hs2-0 libressl p2p privsep ps3 qt5 readline selinux smartcard ssl tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD"
-REQUIRED_USE="fasteap? ( !ssl ) smartcard? ( ssl )"
+REQUIRED_USE="smartcard? ( ssl )"
CDEPEND="dbus? ( sys-apps/dbus )
kernel_linux? (
@@ -38,7 +38,7 @@ CDEPEND="dbus? ( sys-apps/dbus )
net-libs/gnutls:=
)
!gnutls? (
- !libressl? ( dev-libs/openssl:0= )
+ !libressl? ( >=dev-libs/openssl-1.0.2k:0= )
libressl? ( dev-libs/libressl:0= )
)
)
@@ -142,6 +142,9 @@ src_prepare() {
eapply "${FILESDIR}/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch"
eapply "${FILESDIR}/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch"
eapply "${FILESDIR}/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch"
+
+ # bug (640492)
+ sed -i 's#-Werror ##' wpa_supplicant/Makefile || die
}
src_configure() {
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r6.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r6.ebuild
new file mode 100644
index 000000000000..ad09f128b089
--- /dev/null
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r6.ebuild
@@ -0,0 +1,436 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils qmake-utils systemd toolchain-funcs readme.gentoo-r1
+
+DESCRIPTION="IEEE 802.1X/WPA supplicant for secure wireless transfers"
+HOMEPAGE="https://w1.fi/wpa_supplicant/"
+SRC_URI="https://w1.fi/releases/${P}.tar.gz"
+LICENSE="|| ( GPL-2 BSD )"
+
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="ap dbus eap-sim eapol_test fasteap gnutls +hs2-0 libressl p2p privsep ps3 qt5 readline selinux smartcard ssl tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD"
+REQUIRED_USE="smartcard? ( ssl )"
+
+CDEPEND="dbus? ( sys-apps/dbus )
+ kernel_linux? (
+ dev-libs/libnl:3
+ net-wireless/crda
+ eap-sim? ( sys-apps/pcsc-lite )
+ )
+ !kernel_linux? ( net-libs/libpcap )
+ qt5? (
+ dev-qt/qtcore:5
+ dev-qt/qtgui:5
+ dev-qt/qtsvg:5
+ dev-qt/qtwidgets:5
+ )
+ readline? (
+ sys-libs/ncurses:0=
+ sys-libs/readline:0=
+ )
+ ssl? (
+ gnutls? (
+ dev-libs/libgcrypt:0=
+ net-libs/gnutls:=
+ )
+ !gnutls? (
+ !libressl? ( >=dev-libs/openssl-1.0.2k:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ )
+ !ssl? ( dev-libs/libtommath )
+"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig
+"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-networkmanager )
+"
+
+DOC_CONTENTS="
+ If this is a clean installation of wpa_supplicant, you
+ have to create a configuration file named
+ ${EROOT%/}/etc/wpa_supplicant/wpa_supplicant.conf
+ An example configuration file is available for reference in
+ ${EROOT%/}/usr/share/doc/${PF}/
+"
+
+S="${WORKDIR}/${P}/${PN}"
+
+Kconfig_style_config() {
+ #param 1 is CONFIG_* item
+ #param 2 is what to set it = to, defaulting in y
+ CONFIG_PARAM="${CONFIG_HEADER:-CONFIG_}$1"
+ setting="${2:-y}"
+
+ if [ ! $setting = n ]; then
+ #first remove any leading "# " if $2 is not n
+ sed -i "/^# *$CONFIG_PARAM=/s/^# *//" .config || echo "Kconfig_style_config error uncommenting $CONFIG_PARAM"
+ #set item = $setting (defaulting to y)
+ sed -i "/^$CONFIG_PARAM/s/=.*/=$setting/" .config || echo "Kconfig_style_config error setting $CONFIG_PARAM=$setting"
+ if [ -z "$( grep ^$CONFIG_PARAM= .config )" ] ; then
+ echo "$CONFIG_PARAM=$setting" >>.config
+ fi
+ else
+ #ensure item commented out
+ sed -i "/^$CONFIG_PARAM/s/$CONFIG_PARAM/# $CONFIG_PARAM/" .config || echo "Kconfig_style_config error commenting $CONFIG_PARAM"
+ fi
+}
+
+pkg_setup() {
+ if use ssl ; then
+ if use gnutls && use libressl ; then
+ elog "You have both 'gnutls' and 'libressl' USE flags enabled: defaulting to USE=\"gnutls\""
+ fi
+ else
+ elog "You have 'ssl' USE flag disabled: defaulting to internal TLS implementation"
+ fi
+}
+
+src_prepare() {
+ default
+
+ # net/bpf.h needed for net-libs/libpcap on Gentoo/FreeBSD
+ sed -i \
+ -e "s:\(#include <pcap\.h>\):#include <net/bpf.h>\n\1:" \
+ ../src/l2_packet/l2_packet_freebsd.c || die
+
+ # People seem to take the example configuration file too literally (bug #102361)
+ sed -i \
+ -e "s:^\(opensc_engine_path\):#\1:" \
+ -e "s:^\(pkcs11_engine_path\):#\1:" \
+ -e "s:^\(pkcs11_module_path\):#\1:" \
+ wpa_supplicant.conf || die
+
+ # Change configuration to match Gentoo locations (bug #143750)
+ sed -i \
+ -e "s:/usr/lib/opensc:/usr/$(get_libdir):" \
+ -e "s:/usr/lib/pkcs11:/usr/$(get_libdir):" \
+ wpa_supplicant.conf || die
+
+ # systemd entries to D-Bus service files (bug #372877)
+ echo 'SystemdService=wpa_supplicant.service' \
+ | tee -a dbus/*.service >/dev/null || die
+
+ cd "${WORKDIR}/${P}" || die
+
+ if use wimax; then
+ # generate-libeap-peer.patch comes before
+ # fix-undefined-reference-to-random_get_bytes.patch
+ eapply "${FILESDIR}/${P}-generate-libeap-peer.patch"
+
+ # multilib-strict fix (bug #373685)
+ sed -e "s/\/usr\/lib/\/usr\/$(get_libdir)/" -i src/eap_peer/Makefile || die
+ fi
+
+ # bug (320097)
+ eapply "${FILESDIR}/${P}-do-not-call-dbus-functions-with-NULL-path.patch"
+
+ # bug (596332 & 651314)
+ eapply "${FILESDIR}/${P}-libressl-compatibility.patch"
+
+ # https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch"
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch"
+
+ # bug (640492)
+ sed -i 's#-Werror ##' wpa_supplicant/Makefile || die
+}
+
+src_configure() {
+ # Toolchain setup
+ tc-export CC
+
+ cp defconfig .config || die
+
+ # Basic setup
+ Kconfig_style_config CTRL_IFACE
+ Kconfig_style_config MATCH_IFACE
+ Kconfig_style_config BACKEND file
+ Kconfig_style_config IBSS_RSN
+ Kconfig_style_config IEEE80211W
+ Kconfig_style_config IEEE80211R
+
+ # Basic authentication methods
+ # NOTE: we don't set GPSK or SAKE as they conflict
+ # with the below options
+ Kconfig_style_config EAP_GTC
+ Kconfig_style_config EAP_MD5
+ Kconfig_style_config EAP_OTP
+ Kconfig_style_config EAP_PAX
+ Kconfig_style_config EAP_PSK
+ Kconfig_style_config EAP_TLV
+ Kconfig_style_config EAP_EXE
+ Kconfig_style_config IEEE8021X_EAPOL
+ Kconfig_style_config PKCS12
+ Kconfig_style_config PEERKEY
+ Kconfig_style_config EAP_LEAP
+ Kconfig_style_config EAP_MSCHAPV2
+ Kconfig_style_config EAP_PEAP
+ Kconfig_style_config EAP_TLS
+ Kconfig_style_config EAP_TTLS
+
+ # Enabling background scanning.
+ Kconfig_style_config BGSCAN_SIMPLE
+ Kconfig_style_config BGSCAN_LEARN
+
+ if use dbus ; then
+ Kconfig_style_config CTRL_IFACE_DBUS
+ Kconfig_style_config CTRL_IFACE_DBUS_NEW
+ Kconfig_style_config CTRL_IFACE_DBUS_INTRO
+ fi
+
+ if use eapol_test ; then
+ Kconfig_style_config EAPOL_TEST
+ fi
+
+ # Enable support for writing debug info to a log file and syslog.
+ Kconfig_style_config DEBUG_FILE
+ Kconfig_style_config DEBUG_SYSLOG
+
+ if use hs2-0 ; then
+ Kconfig_style_config INTERWORKING
+ Kconfig_style_config HS20
+ fi
+
+ if use uncommon-eap-types; then
+ Kconfig_style_config EAP_GPSK
+ Kconfig_style_config EAP_SAKE
+ Kconfig_style_config EAP_GPSK_SHA256
+ Kconfig_style_config EAP_IKEV2
+ Kconfig_style_config EAP_EKE
+ fi
+
+ if use eap-sim ; then
+ # Smart card authentication
+ Kconfig_style_config EAP_SIM
+ Kconfig_style_config EAP_AKA
+ Kconfig_style_config EAP_AKA_PRIME
+ Kconfig_style_config PCSC
+ fi
+
+ if use fasteap ; then
+ Kconfig_style_config EAP_FAST
+ fi
+
+ if use readline ; then
+ # readline/history support for wpa_cli
+ Kconfig_style_config READLINE
+ else
+ #internal line edit mode for wpa_cli
+ Kconfig_style_config WPA_CLI_EDIT
+ fi
+
+ # SSL authentication methods
+ if use ssl ; then
+ if use gnutls ; then
+ Kconfig_style_config TLS gnutls
+ Kconfig_style_config GNUTLS_EXTRA
+ else
+ Kconfig_style_config TLS openssl
+ Kconfig_style_config EAP_PWD
+
+ # Enabling mesh networks.
+ Kconfig_style_config MESH
+ fi
+ else
+ Kconfig_style_config TLS internal
+ fi
+
+ if use smartcard ; then
+ Kconfig_style_config SMARTCARD
+ fi
+
+ if use tdls ; then
+ Kconfig_style_config TDLS
+ fi
+
+ if use kernel_linux ; then
+ # Linux specific drivers
+ Kconfig_style_config DRIVER_ATMEL
+ Kconfig_style_config DRIVER_HOSTAP
+ Kconfig_style_config DRIVER_IPW
+ Kconfig_style_config DRIVER_NL80211
+ Kconfig_style_config DRIVER_RALINK
+ Kconfig_style_config DRIVER_WEXT
+ Kconfig_style_config DRIVER_WIRED
+
+ if use ps3 ; then
+ Kconfig_style_config DRIVER_PS3
+ fi
+
+ elif use kernel_FreeBSD ; then
+ # FreeBSD specific driver
+ Kconfig_style_config DRIVER_BSD
+ fi
+
+ # Wi-Fi Protected Setup (WPS)
+ if use wps ; then
+ Kconfig_style_config WPS
+ Kconfig_style_config WPS2
+ # USB Flash Drive
+ Kconfig_style_config WPS_UFD
+ # External Registrar
+ Kconfig_style_config WPS_ER
+ # Universal Plug'n'Play
+ Kconfig_style_config WPS_UPNP
+ # Near Field Communication
+ Kconfig_style_config WPS_NFC
+ fi
+
+ # Wi-Fi Direct (WiDi)
+ if use p2p ; then
+ Kconfig_style_config P2P
+ Kconfig_style_config WIFI_DISPLAY
+ fi
+
+ # Access Point Mode
+ if use ap ; then
+ Kconfig_style_config AP
+ fi
+
+ # Enable essentials for AP/P2P
+ if use ap || use p2p ; then
+ # Enabling HT support (802.11n)
+ Kconfig_style_config IEEE80211N
+
+ # Enabling VHT support (802.11ac)
+ Kconfig_style_config IEEE80211AC
+ fi
+
+ # Enable mitigation against certain attacks against TKIP
+ Kconfig_style_config DELAYED_MIC_ERROR_REPORT
+
+ if use privsep ; then
+ Kconfig_style_config PRIVSEP
+ fi
+
+ # If we are using libnl 2.0 and above, enable support for it
+ # Bug 382159
+ # Removed for now, since the 3.2 version is broken, and we don't
+ # support it.
+ if has_version ">=dev-libs/libnl-3.2"; then
+ Kconfig_style_config LIBNL32
+ fi
+
+ if use qt5 ; then
+ pushd "${S}"/wpa_gui-qt4 > /dev/null || die
+ eqmake5 wpa_gui.pro
+ popd > /dev/null || die
+ fi
+}
+
+src_compile() {
+ einfo "Building wpa_supplicant"
+ emake V=1 BINDIR=/usr/sbin
+
+ if use wimax; then
+ emake -C ../src/eap_peer clean
+ emake -C ../src/eap_peer
+ fi
+
+ if use qt5; then
+ einfo "Building wpa_gui"
+ emake -C "${S}"/wpa_gui-qt4
+ fi
+
+ if use eapol_test ; then
+ emake eapol_test
+ fi
+}
+
+src_install() {
+ dosbin wpa_supplicant
+ use privsep && dosbin wpa_priv
+ dobin wpa_cli wpa_passphrase
+
+ # baselayout-1 compat
+ if has_version "<sys-apps/baselayout-2.0.0"; then
+ dodir /sbin
+ dosym ../usr/sbin/wpa_supplicant /sbin/wpa_supplicant
+ dodir /bin
+ dosym ../usr/bin/wpa_cli /bin/wpa_cli
+ fi
+
+ if has_version ">=sys-apps/openrc-0.5.0"; then
+ newinitd "${FILESDIR}/${PN}-init.d" wpa_supplicant
+ newconfd "${FILESDIR}/${PN}-conf.d" wpa_supplicant
+ fi
+
+ exeinto /etc/wpa_supplicant/
+ newexe "${FILESDIR}/wpa_cli.sh" wpa_cli.sh
+
+ readme.gentoo_create_doc
+ dodoc ChangeLog {eap_testing,todo}.txt README{,-WPS} \
+ wpa_supplicant.conf
+
+ newdoc .config build-config
+
+ doman doc/docbook/*.{5,8}
+
+ if use qt5 ; then
+ into /usr
+ dobin wpa_gui-qt4/wpa_gui
+ doicon wpa_gui-qt4/icons/wpa_gui.svg
+ make_desktop_entry wpa_gui "WPA Supplicant Administration GUI" "wpa_gui" "Qt;Network;"
+ else
+ rm "${ED}"/usr/share/man/man8/wpa_gui.8
+ fi
+
+ use wimax && emake DESTDIR="${D}" -C ../src/eap_peer install
+
+ if use dbus ; then
+ pushd "${S}"/dbus > /dev/null || die
+ insinto /etc/dbus-1/system.d
+ newins dbus-wpa_supplicant.conf wpa_supplicant.conf
+ insinto /usr/share/dbus-1/system-services
+ doins fi.epitest.hostap.WPASupplicant.service fi.w1.wpa_supplicant1.service
+ popd > /dev/null || die
+
+ # This unit relies on dbus support, bug 538600.
+ systemd_dounit systemd/wpa_supplicant.service
+ fi
+
+ if use eapol_test ; then
+ dobin eapol_test
+ fi
+
+ systemd_dounit "systemd/wpa_supplicant@.service"
+ systemd_dounit "systemd/wpa_supplicant-nl80211@.service"
+ systemd_dounit "systemd/wpa_supplicant-wired@.service"
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+
+ if [[ -e "${EROOT%/}"/etc/wpa_supplicant.conf ]] ; then
+ echo
+ ewarn "WARNING: your old configuration file ${EROOT%/}/etc/wpa_supplicant.conf"
+ ewarn "needs to be moved to ${EROOT%/}/etc/wpa_supplicant/wpa_supplicant.conf"
+ fi
+
+ # Mea culpa, feel free to remove that after some time --mgorny.
+ local fn
+ for fn in wpa_supplicant{,@wlan0}.service; do
+ if [[ -e "${EROOT%/}"/etc/systemd/system/network.target.wants/${fn} ]]
+ then
+ ebegin "Moving ${fn} to multi-user.target"
+ mv "${EROOT%/}"/etc/systemd/system/network.target.wants/${fn} \
+ "${EROOT%/}"/etc/systemd/system/multi-user.target.wants/ || die
+ eend ${?} \
+ "Please try to re-enable ${fn}"
+ fi
+ done
+
+ systemd_reenable wpa_supplicant.service
+}