From 33cb62354b5501a0ea591ec46779c882f4698819 Mon Sep 17 00:00:00 2001 From: sthen Date: Sat, 28 Dec 2019 18:58:36 +0000 Subject: [PATCH] update to wpa_supplicant 2.9, tests/ok phessler@ kn@ --- security/wpa_supplicant/Makefile | 5 +-- security/wpa_supplicant/distinfo | 4 +- .../patches/patch-wpa_supplicant_ctrl_iface_c | 13 ++++++ .../patches/patch-wpa_supplicant_defconfig | 42 +++++++++---------- 4 files changed, 38 insertions(+), 26 deletions(-) create mode 100644 security/wpa_supplicant/patches/patch-wpa_supplicant_ctrl_iface_c diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile index 5a5189df61e..1ae7b15dc8e 100644 --- a/security/wpa_supplicant/Makefile +++ b/security/wpa_supplicant/Makefile @@ -1,9 +1,8 @@ -# $OpenBSD: Makefile,v 1.47 2019/12/28 17:50:11 sthen Exp $ +# $OpenBSD: Makefile,v 1.48 2019/12/28 18:58:36 sthen Exp $ COMMENT= IEEE 802.1X supplicant -DISTNAME= wpa_supplicant-2.8 -REVISION= 2 +DISTNAME= wpa_supplicant-2.9 CATEGORIES= security net HOMEPAGE= https://w1.fi/wpa_supplicant/ diff --git a/security/wpa_supplicant/distinfo b/security/wpa_supplicant/distinfo index 9414865c062..3128f1abf8c 100644 --- a/security/wpa_supplicant/distinfo +++ b/security/wpa_supplicant/distinfo @@ -1,2 +1,2 @@ -SHA256 (wpa_supplicant-2.8.tar.gz) = pokzahKpkVG53l4lv8ytuIQ49PRDjrjbMxzZQ0b9PZY= -SIZE (wpa_supplicant-2.8.tar.gz) = 3155904 +SHA256 (wpa_supplicant-2.9.tar.gz) = /L3ue0pkvqgXeXMpnIyCRBnEE+wuOpXbY91qXcNUHxc= +SIZE (wpa_supplicant-2.9.tar.gz) = 3231785 diff --git a/security/wpa_supplicant/patches/patch-wpa_supplicant_ctrl_iface_c b/security/wpa_supplicant/patches/patch-wpa_supplicant_ctrl_iface_c new file mode 100644 index 00000000000..0cbd19c4f20 --- /dev/null +++ b/security/wpa_supplicant/patches/patch-wpa_supplicant_ctrl_iface_c @@ -0,0 +1,13 @@ +$OpenBSD: patch-wpa_supplicant_ctrl_iface_c,v 1.1 2019/12/28 18:58:36 sthen Exp $ + +Index: wpa_supplicant/ctrl_iface.c +--- wpa_supplicant/ctrl_iface.c.orig ++++ wpa_supplicant/ctrl_iface.c +@@ -11,7 +11,6 @@ + #include + #endif /* CONFIG_TESTING_OPTIONS */ + +-#include + #include "utils/common.h" + #include "utils/eloop.h" + #include "utils/uuid.h" diff --git a/security/wpa_supplicant/patches/patch-wpa_supplicant_defconfig b/security/wpa_supplicant/patches/patch-wpa_supplicant_defconfig index c90d6b2ab0f..e4742abe42a 100644 --- a/security/wpa_supplicant/patches/patch-wpa_supplicant_defconfig +++ b/security/wpa_supplicant/patches/patch-wpa_supplicant_defconfig @@ -1,4 +1,4 @@ -$OpenBSD: patch-wpa_supplicant_defconfig,v 1.1 2019/11/19 14:35:59 sthen Exp $ +$OpenBSD: patch-wpa_supplicant_defconfig,v 1.2 2019/12/28 18:58:36 sthen Exp $ Index: wpa_supplicant/.config --- wpa_supplicant/.config.orig @@ -36,16 +36,16 @@ Index: wpa_supplicant/.config # Driver interface for Windows NDIS #CONFIG_DRIVER_NDIS=y #CFLAGS += -I/usr/include/w32api/ddk -@@ -118,7 +120,7 @@ CONFIG_EAP_GTC=y +@@ -128,7 +130,7 @@ CONFIG_EAP_GTC=y CONFIG_EAP_OTP=y # EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) -#CONFIG_EAP_SIM=y +CONFIG_EAP_SIM=y - # EAP-PSK (experimental; this is _not_ needed for WPA-PSK) - #CONFIG_EAP_PSK=y -@@ -133,7 +135,7 @@ CONFIG_EAP_PAX=y + # Enable SIM simulator (Milenage) for EAP-SIM + #CONFIG_SIM_SIMULATOR=y +@@ -146,7 +148,7 @@ CONFIG_EAP_PAX=y CONFIG_EAP_LEAP=y # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) @@ -54,7 +54,7 @@ Index: wpa_supplicant/.config # EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). # This requires CONFIG_EAP_AKA to be enabled, too. -@@ -151,10 +153,10 @@ CONFIG_EAP_GPSK=y +@@ -164,10 +166,10 @@ CONFIG_EAP_GPSK=y CONFIG_EAP_GPSK_SHA256=y # EAP-TNC and related Trusted Network Connect support (experimental) @@ -67,7 +67,7 @@ Index: wpa_supplicant/.config # Enable WPS external registrar functionality #CONFIG_WPS_ER=y # Disable credentials for an open network by default when acting as a WPS -@@ -182,7 +184,7 @@ CONFIG_SMARTCARD=y +@@ -195,7 +197,7 @@ CONFIG_SMARTCARD=y # PC/SC interface for smartcards (USIM, GSM SIM) # Enable this if EAP-SIM or EAP-AKA is included @@ -76,7 +76,7 @@ Index: wpa_supplicant/.config # Support HT overrides (disable HT/HT40, mask MCS rates, etc.) #CONFIG_HT_OVERRIDES=y -@@ -191,7 +193,7 @@ CONFIG_SMARTCARD=y +@@ -204,7 +206,7 @@ CONFIG_SMARTCARD=y #CONFIG_VHT_OVERRIDES=y # Development testing @@ -85,7 +85,7 @@ Index: wpa_supplicant/.config # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) -@@ -233,7 +235,7 @@ CONFIG_CTRL_IFACE=y +@@ -246,7 +248,7 @@ CONFIG_CTRL_IFACE=y #CONFIG_NO_WPA_PASSPHRASE=y # Simultaneous Authentication of Equals (SAE), WPA3-Personal @@ -94,7 +94,7 @@ Index: wpa_supplicant/.config # Disable scan result processing (ap_mode=1) to save code size by about 1 kB. # This can be used if ap_scan=1 mode is never enabled. -@@ -299,7 +301,7 @@ CONFIG_BACKEND=file +@@ -312,7 +314,7 @@ CONFIG_BACKEND=file # IEEE 802.11w (management frame protection), also known as PMF # Driver support is also needed for IEEE 802.11w. @@ -103,7 +103,7 @@ Index: wpa_supplicant/.config # Support Operating Channel Validation #CONFIG_OCV=y -@@ -317,14 +319,14 @@ CONFIG_IEEE80211W=y +@@ -330,14 +332,14 @@ CONFIG_IEEE80211W=y # are used. It should be noted that some existing TLS v1.0 -based # implementation may not be compatible with TLS v1.1 message (ClientHello is # sent prior to negotiating which version will be used) @@ -120,7 +120,7 @@ Index: wpa_supplicant/.config # Select which ciphers to use by default with OpenSSL if the user does not # specify them. -@@ -354,10 +356,10 @@ CONFIG_IEEE80211W=y +@@ -367,10 +369,10 @@ CONFIG_IEEE80211W=y # Add support for new DBus control interface # (fi.w1.hostap.wpa_supplicant1) @@ -133,7 +133,7 @@ Index: wpa_supplicant/.config # Add support for loading EAP methods dynamically as shared libraries. # When this option is enabled, each EAP method can be either included -@@ -381,7 +383,7 @@ CONFIG_CTRL_IFACE_DBUS_INTRO=y +@@ -394,7 +396,7 @@ CONFIG_CTRL_IFACE_DBUS_INTRO=y #CONFIG_DYNAMIC_EAP_METHODS=y # IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode @@ -142,7 +142,7 @@ Index: wpa_supplicant/.config # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) CONFIG_DEBUG_FILE=y -@@ -455,7 +457,7 @@ CONFIG_DEBUG_SYSLOG=y +@@ -468,7 +470,7 @@ CONFIG_DEBUG_SYSLOG=y # disabled. This will save some in binary size and CPU use. However, this # should only be considered for builds that are known to be used on devices # that meet the requirements described above. @@ -151,7 +151,7 @@ Index: wpa_supplicant/.config # Should we attempt to use the getrandom(2) call that provides more reliable # yet secure randomness source than /dev/random on Linux 3.17 and newer. -@@ -463,11 +465,11 @@ CONFIG_DEBUG_SYSLOG=y +@@ -476,11 +478,11 @@ CONFIG_DEBUG_SYSLOG=y #CONFIG_GETRANDOM=y # IEEE 802.11n (High Throughput) support (mainly for AP mode) @@ -165,7 +165,7 @@ Index: wpa_supplicant/.config # Wireless Network Management (IEEE Std 802.11v-2011) # Note: This is experimental and not complete implementation. -@@ -477,10 +479,10 @@ CONFIG_IEEE80211AC=y +@@ -490,10 +492,10 @@ CONFIG_IEEE80211AC=y # This can be used to enable functionality to improve interworking with # external networks (GAS/ANQP to learn more about the networks and network # selection based on available credentials). @@ -178,7 +178,7 @@ Index: wpa_supplicant/.config # Enable interface matching in wpa_supplicant #CONFIG_MATCH_IFACE=y -@@ -493,12 +495,12 @@ CONFIG_HS20=y +@@ -506,12 +508,12 @@ CONFIG_HS20=y # should be noted that this is mainly aimed at simple cases like # WPA2-Personal while more complex configurations like WPA2-Enterprise with an # external RADIUS server can be supported with hostapd. @@ -193,7 +193,7 @@ Index: wpa_supplicant/.config # Enable TDLS support #CONFIG_TDLS=y -@@ -506,7 +508,7 @@ CONFIG_P2P=y +@@ -519,7 +521,7 @@ CONFIG_P2P=y # Wi-Fi Display # This can be used to enable Wi-Fi Display extensions for P2P using an external # program to control the additional information exchanges in the messages. @@ -202,7 +202,7 @@ Index: wpa_supplicant/.config # Autoscan # This can be used to enable automatic scan support in wpa_supplicant. -@@ -572,7 +574,7 @@ CONFIG_WIFI_DISPLAY=y +@@ -585,7 +587,7 @@ CONFIG_WIFI_DISPLAY=y # Support RSN on IBSS networks # This is needed to be able to use mode=1 network profile with proto=RSN and # key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None). @@ -211,7 +211,7 @@ Index: wpa_supplicant/.config # External PMKSA cache control # This can be used to enable control interface commands that allow the current -@@ -587,7 +589,7 @@ CONFIG_IBSS_RSN=y +@@ -600,7 +602,7 @@ CONFIG_IBSS_RSN=y # operations for roaming within an ESS (same SSID). See the bgscan parameter in # the wpa_supplicant.conf file for more details. # Periodic background scans based on signal strength @@ -220,7 +220,7 @@ Index: wpa_supplicant/.config # Learn channels used by the network and try to avoid bgscans on other # channels (experimental) #CONFIG_BGSCAN_LEARN=y -@@ -599,4 +601,4 @@ CONFIG_BGSCAN_SIMPLE=y +@@ -612,4 +614,4 @@ CONFIG_BGSCAN_SIMPLE=y # Device Provisioning Protocol (DPP) # This requires CONFIG_IEEE80211W=y to be enabled, too. (see # wpa_supplicant/README-DPP for details)