Adding security fixes wrt. bug #554862

Package-Manager: portage-2.2.20/cvs/Linux x86_64 Manifest-Sign-Key: 0x15AE484C
author: Bjarke Istrup Pedersen <gurligebis@gentoo.org> 2015-07-14 19:36:39 +0000
committer: Bjarke Istrup Pedersen <gurligebis@gentoo.org> 2015-07-14 19:36:39 +0000
commit: 5454d64f31a7307bd0bceebea949bc6901f553b0 (patch)
tree: 9953372896d731fca8c7d182c4cf543678807f5e /net-wireless
parent: Stable on alpha, bug 553584 (diff)
download: historical-5454d64f31a7307bd0bceebea949bc6901f553b0.tar.gz
historical-5454d64f31a7307bd0bceebea949bc6901f553b0.tar.bz2
historical-5454d64f31a7307bd0bceebea949bc6901f553b0.zip
5 files changed, 330 insertions, 5 deletions
diff --git a/net-wireless/hostapd/ChangeLog b/net-wireless/hostapd/ChangeLog
index 53a4e362984e..a28a3c6124c7 100644
--- a/net-wireless/hostapd/ChangeLog
+++ b/net-wireless/hostapd/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for net-wireless/hostapd
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-wireless/hostapd/ChangeLog,v 1.160 2015/05/20 11:07:18 gurligebis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-wireless/hostapd/ChangeLog,v 1.161 2015/07/14 19:36:35 gurligebis Exp $
+
+*hostapd-2.4-r3 (14 Jul 2015)
+
+  14 Jul 2015; <gurligebis@gentoo.org> +hostapd-2.4-r3.ebuild,
+  +files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch,
+  +files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
+  :
+  Adding security fixes wrt. bug #554862
 
   20 May 2015; <gurligebis@gentoo.org> -hostapd-2.0-r1.ebuild,
   -files/hostapd-2.0-tls_length_fix.patch, metadata.xml:
diff --git a/net-wireless/hostapd/Manifest b/net-wireless/hostapd/Manifest
index 8facb2e54fa3..986943821a69 100644
--- a/net-wireless/hostapd/Manifest
+++ b/net-wireless/hostapd/Manifest
@@ -8,18 +8,21 @@ AUX 2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch 2359
 AUX 2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch 1859 SHA256 2fd42fb53be793c54343aa18a84afebe4603aa6ce8b6969ad6b3a8d327c6b142 SHA512 341901aa94c44ae725b6d4dddac2a52b6457234189554fc282c9cf5fa0254125d7323553a7b8118f9a3e2020f039267ed4c912f84ac6f2cb12670b40c28ac652 WHIRLPOOL 3e3b4cab765f373713fc41448ef65e8931a83449438fb7a8e3ab0a34c728a4a5772f996a04ee4b747b292044b1452a0821609e419a15dd681c70c063a125dcc0
 AUX 2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch 1806 SHA256 c28ca6303a562809dfd1812f9b918808b3b0f0c52cc43070fd1777e1cfc88f18 SHA512 b752f91c3d6dcf0784d9cb20a0c7f8de6c837c38ff62cf77b136d9b818890b13f55eeed1d6097f244181b480be953e1bdfb5651116dc5d62a2d02c018e19042a WHIRLPOOL 069602c36d30afb3df5d9a722da680a9e5450e2272c84776076ef16a6d871397741b51a0460eca5dd7355d06e2f8b8e9adfb03e8caa7e58cde3c4b2a019df48b
 AUX 2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch 1207 SHA256 04ef66fbd5b2167274cd7123d7f7252963b9a9c1ec2f5edf6558a6ad92d47689 SHA512 07a21f0cc7d00e17bed8ef5ced36159020a410a4606aa0ca24e47223835ab0cc5fbeed3075c4f17d2ce1aee437eedf9fea8f4b95252b2fa255d54a195637cb6f WHIRLPOOL b61d0065dea90cb2234d621b7ecd6e6f9cf29e21b2b7011b275ea25f75a9e7a68c3be53f8cd8a47fb6340567d630d7d0843178a12660f9942f6c7769f2f237b8
+AUX 2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch 833 SHA256 fe43c98a5b666137721014cc394dbcc9df21eb13bde72c749fe4453d63acac44 SHA512 2ee7549958fede0328764cc1dd03bba1bae350dfdae1327690536058b2a54d489137f9e653e34b3c05efbf9ede0bb9d1fa9e3b64215a0d7d960f311eae5b8964 WHIRLPOOL fd141abc9c7d5017cce37f805c141bc46ff171377aec243ccd0bac32940842c29187ef3495f1642fe1938c186bd795dcaa74ab4e90a8700175ec5115d1c9577b
+AUX 2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch 2411 SHA256 d6d7ebbbd6471257ecec7c23170e75a41036e70984c44c6e820f59344f8782f4 SHA512 44de7942ab49b2809fc2fcc45479f9e1e7e4ab2eff68e3bed2965dffe747efd029105af6727693baeb26bc7c6161e62c310c7829e0f19476c705b06841536aab WHIRLPOOL 78ffd2982c9ca6fe786913c060b930ad3bbf2256cd76f50dcf3a28b7e0915ca4329365f624fe8060f24cf4017acf2f0e85b7ac1cd5d9887293a6bbfaebf93b9a
 AUX hostapd-conf.d 245 SHA256 916f4b14095ee4ec8a510391c883e9f01868e18d79a3d5cbeb13a104a793d45d SHA512 f07a6cd209eca351b8545017c5f025282c3fdea838ca3df49e362571ded43973281ce4ff83984b1299db15ea9b5c21a42cbda91432220af9146bf034e2265c30 WHIRLPOOL 0ab1dbd8e04df9e7b8ae875dfdfdcdd770e4fcb62197bb81e47588a9ecf0b8bb715adbde34f2be82d630fdd536e9f888f463dd12cab0c06220c345b0093a3dd5
 AUX hostapd-hlr_auc_gw-openssl.patch 1232 SHA256 4c5b17af2825611ae479b7037b0dcdf19eab49f97c2191a3cfda709befd3ca30 SHA512 53f5dbcd03d3c824c13c02f69680cd581cb1107e48b8e63a281cef1339ff0303cbcb91e9b46640b28daec4252d7aa6069ea541a260900201a00e1d484a6b7a7e WHIRLPOOL 8eda4cbf0a80a5386d3599a1e5753b17038c34568823c14e12ed56af0da1f98a1a712a1f5ab930e98b67bf73704f3225771c6d60ba5ffb8de3a02f49564c4f6b
 AUX hostapd-init.d 858 SHA256 b9701b9ea509638ee1ed74bec38a22e6bd7358763497ce53c146d2faf9e97a61 SHA512 f34c28422aad0ccc7f144ce391f908d38cac2a04785358337f962da401449ca83e310714f9d852cec9c119d7d2457b9264309b87a553f194b3cde66686000c2d WHIRLPOOL 456dd8982344e31a9c198fbc66d27e2f5080abcf974bced857ecfc5825ac8212829383525cbe81edfda01323133414a62eada9af84f3c80424077dcb7d822217
 AUX hostapd.service 213 SHA256 16f0612c192fb5d7e7de716f25fdfc2ccecc35a00ff745ae67e02d7292558d8f SHA512 4d1a1619c49ad0272f360d2c9d79f2fd30503786fe8f22dd3fc4abcc39176029fe907c79d22f168c100b0d7b4ac969b5f4b5815d5ebe6805db5881dda69eef29 WHIRLPOOL 3e415fa8068aa429cb37c7957d396d5e261b5843ae06eb81370728be36573e59e90707c7047b336eb82562e98017608e712ceb28afe2bae385b2821e1cdbd856
 DIST hostapd-2.4.tar.gz 1658872 SHA256 6fe0eb6bd1c9cbd24952ece8586b6f7bd14ab358edfda99794e79b9b9dbd657f SHA512 37e648fe9cce92923ab1d1e23a4267e274c988785d7be5610f1affca425ffa86b438de81e37446926a0f9158d6b67ee83e6396c3f81d571545c973dddbf1ffe3 WHIRLPOOL 78484c7e09725ba967c8815c3d8b0ffcc0c56daaec4acc79bc15c7392084c8642a2b41156b2c6a6360badb7e9d23792699d452fe600b56e3d62dd569188b6c2c
 EBUILD hostapd-2.4-r2.ebuild 6112 SHA256 6f6e4ed4b40ee4e76397f736f1edeca4be4b4657a2ee5412a87e712ba703355f SHA512 eff530c55c817dc737c3f19d1788e339dc81dae60f358d38b5ea7d954c7c8f96b1611b8bd5db4dcb538926572973dd8ec82f62f3012b794da3d349667c57b623 WHIRLPOOL ff6260475ce19a3d7d18ee382fe7ccf071ba09ae80bdf88ad48bf356580afec2082878f79fe1303d81b0dfaa543422114af5dd16858c6c193cdf1af13e041eb0
-MISC ChangeLog 28278 SHA256 e32b066c7c058949bb6231ef5dc443ba5513855c4b025d80106b2baac0f2a377 SHA512 5bc2a12fb30cc85158bc4c1568c2ab74e0bfd55d9eb9443b8f778130b5d2c3f620cb82a82ed8dacb1a36ffb96ece47faf999908f298451a6f0dadfb3ed0cfcca WHIRLPOOL 10ae99db18765f183ea384600a00d5ac2732e1f19f1f0d9461e23fd18b48a554d84b83659b3c837ab900aab856f1000708fe05e60a9a1f44944aafd46b629023
+EBUILD hostapd-2.4-r3.ebuild 6315 SHA256 3dc9cb72e5f19f364d004872740738600d753bc68653d50e0af4595b6a16cfc7 SHA512 d5f152f3bece480a1c1ff3420f0924030e5c00a119d955de0cea4f5f6898c498b531e6ce4e8005d29aed0b0d0bb36932693f35b905fa9d2f169ffca6b5f51db4 WHIRLPOOL 095eb1dedfe42022720a1648aa0f8aed281409fe61d6ea57d9768f58099c52f2168345e71d7366760611e62aaba92a1d35b05fe87a0d9eaaf223210362e4459a
+MISC ChangeLog 28569 SHA256 3ba81aa1723ad809f53045b2c8712d882108a7178b603e3edcfdcc55f1b679b2 SHA512 c569a575176d90ea119280751ccec7b0bc1cf8b405e0d757aca8692ce13d27f5d26152613b28d5b845dacd45e72807cc8e79b4078c63c1e4990f7561e0f7d4e9 WHIRLPOOL 113bfd63779a7d79c63a3537e0585b827b167f4b0ebd194de864bee7118681dedd000cf263bac109fe98ae95df11d1e4dc3b5c141f5cd69ab131f3cf085c9d22
 MISC metadata.xml 788 SHA256 03323d15e5f70ef10a97216bdbe6440d0426ded1d10bd51a71009ab16fb815d8 SHA512 8c20d224bfdeaf20d1c0f598019ddb32c8a07058b99f5ceb8636cb11850a8d5334b41e350324a96d5a425c6f9ecf905f9412b22b0106e8fc137492c9142e33a3 WHIRLPOOL b3d16c752f7e3c74c6c7c40cc3d776470cd515504e373dbbf096bc96de268eaf940d4c6350502cbb9cb548a0af1e79e0dfd702c3cabad5d57cfac19a75984576
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
-iEYEAREIAAYFAlVcaucACgkQsR7PQhRXYEn5bwCfXda3DT/3cMjbkBzOSiRSncGo
-hTkAni80NI1L2L06SnJccbKsfJ0Zq3KJ
-=DEHK
+iEYEAREIAAYFAlWlZMQACgkQsR7PQhRXYEnbkwCfXDdfJJyMgsGJ/vm9y0ONOACb
+etkAnAqZX9VcKUjxVHKSvCk2wiEVRXwu
+=3n9M
 -----END PGP SIGNATURE-----
diff --git a/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch b/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch
new file mode 100644
index 000000000000..d03eb484fc28
--- /dev/null
+++ b/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch
@@ -0,0 +1,29 @@
+From fc880b11ed70ff9dcf8be48621f75d354cc5094d Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Tue, 7 Jul 2015 15:33:55 +0300
+Subject: [PATCH] NFC: Avoid misaligned read of an NDEF field
+
+The 32-bit version of payload length field may not be 32-bit aligned in
+the message buffer, so use WPA_GET_BE32() to read it instead of ntohl().
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/wps/ndef.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wps/ndef.c b/src/wps/ndef.c
+index 8d1ce1e..5604b0a 100644
+--- a/src/wps/ndef.c
++++ b/src/wps/ndef.c
+@@ -47,7 +47,7 @@ static int ndef_parse_record(const u8 *data, u32 size,
+ 	} else {
+ 		if (size < 6)
+ 			return -1;
+-		record->payload_length = ntohl(*(u32 *)pos);
++		record->payload_length = WPA_GET_BE32(pos);
+ 		pos += sizeof(u32);
+ 	}
+ 
+-- 
+1.7.9.5
+
diff --git a/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch b/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
new file mode 100644
index 000000000000..1f624c8dad46
--- /dev/null
+++ b/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
@@ -0,0 +1,61 @@
+From df9079e72760ceb7ebe7fb11538200c516bdd886 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Tue, 7 Jul 2015 21:57:28 +0300
+Subject: [PATCH] NFC: Fix payload length validation in NDEF record parser
+
+It was possible for the 32-bit record->total_length value to end up
+wrapping around due to integer overflow if the longer form of payload
+length field is used and record->payload_length gets a value close to
+2^32. This could result in ndef_parse_record() accepting a too large
+payload length value and the record type filter reading up to about 20
+bytes beyond the end of the buffer and potentially killing the process.
+This could also result in an attempt to allocate close to 2^32 bytes of
+heap memory and if that were to succeed, a buffer read overflow of the
+same length which would most likely result in the process termination.
+In case of record->total_length ending up getting the value 0, there
+would be no buffer read overflow, but record parsing would result in an
+infinite loop in ndef_parse_records().
+
+Any of these error cases could potentially be used for denial of service
+attacks over NFC by using a malformed NDEF record on an NFC Tag or
+sending them during NFC connection handover if the application providing
+the NDEF message to hostapd/wpa_supplicant did no validation of the
+received records. While such validation is likely done in the NFC stack
+that needs to parse the NFC messages before further processing,
+hostapd/wpa_supplicant better be prepared for any data being included
+here.
+
+Fix this by validating record->payload_length value in a way that
+detects integer overflow. (CID 122668)
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/wps/ndef.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/wps/ndef.c b/src/wps/ndef.c
+index 5604b0a..50d018f 100644
+--- a/src/wps/ndef.c
++++ b/src/wps/ndef.c
+@@ -48,6 +48,8 @@ static int ndef_parse_record(const u8 *data, u32 size,
+ 		if (size < 6)
+ 			return -1;
+ 		record->payload_length = WPA_GET_BE32(pos);
++		if (record->payload_length > size - 6)
++			return -1;
+ 		pos += sizeof(u32);
+ 	}
+ 
+@@ -68,7 +70,8 @@ static int ndef_parse_record(const u8 *data, u32 size,
+ 	pos += record->payload_length;
+ 
+ 	record->total_length = pos - data;
+-	if (record->total_length > size)
++	if (record->total_length > size ||
++	    record->total_length < record->payload_length)
+ 		return -1;
+ 	return 0;
+ }
+-- 
+1.9.1
+
diff --git a/net-wireless/hostapd/hostapd-2.4-r3.ebuild b/net-wireless/hostapd/hostapd-2.4-r3.ebuild
new file mode 100644
index 000000000000..65815170ec7e
--- /dev/null
+++ b/net-wireless/hostapd/hostapd-2.4-r3.ebuild
@@ -0,0 +1,224 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-wireless/hostapd/hostapd-2.4-r3.ebuild,v 1.1 2015/07/14 19:36:35 gurligebis Exp $
+
+EAPI="4"
+
+inherit toolchain-funcs eutils systemd
+
+DESCRIPTION="IEEE 802.11 wireless LAN Host AP daemon"
+HOMEPAGE="http://hostap.epitest.fi"
+SRC_URI="http://hostap.epitest.fi/releases/${P}.tar.gz"
+
+LICENSE="|| ( GPL-2 BSD )"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~x86"
+IUSE="ipv6 logwatch netlink sqlite +ssl +wps +crda"
+
+DEPEND="ssl? ( dev-libs/openssl[-bindist] )
+	kernel_linux? (
+		dev-libs/libnl:3
+		crda? ( net-wireless/crda )
+	)
+	netlink? ( net-libs/libnfnetlink )
+	sqlite? ( >=dev-db/sqlite-3 )"
+
+RDEPEND="${DEPEND}"
+
+S="${S}/${PN}"
+
+src_prepare() {
+	cd ..
+
+	# bug (548744)
+	epatch "${FILESDIR}/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch"
+	epatch "${FILESDIR}/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch"
+	epatch "${FILESDIR}/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch"
+	epatch "${FILESDIR}/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch"
+	epatch "${FILESDIR}/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch"
+	epatch "${FILESDIR}/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch"
+	epatch "${FILESDIR}/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
+
+	# bug (554862)
+	epatch "${FILESDIR}/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch"
+	epatch "${FILESDIR}/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch"
+
+	cd "${PN}"
+
+	epatch "${FILESDIR}/${PN}-hlr_auc_gw-openssl.patch"
+
+	sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \
+		"${S}/hostapd.conf" || die
+}
+
+src_configure() {
+	local CONFIG="${S}/.config"
+
+	# toolchain setup
+	echo "CC = $(tc-getCC)" > ${CONFIG}
+
+	# EAP authentication methods
+	echo "CONFIG_EAP=y" >> ${CONFIG}
+	echo "CONFIG_ERP=y" >> ${CONFIG}
+	echo "CONFIG_EAP_MD5=y" >> ${CONFIG}
+
+	if use ssl; then
+		# SSL authentication methods
+		echo "CONFIG_EAP_FAST=y" >> ${CONFIG}
+		echo "CONFIG_EAP_TLS=y" >> ${CONFIG}
+		echo "CONFIG_EAP_TTLS=y" >> ${CONFIG}
+		echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG}
+		echo "CONFIG_EAP_PEAP=y" >> ${CONFIG}
+		echo "CONFIG_TLSV11=y" >> ${CONFIG}
+		echo "CONFIG_TLSV12=y" >> ${CONFIG}
+	fi
+
+	if use wps; then
+		# Enable Wi-Fi Protected Setup
+		echo "CONFIG_WPS=y" >> ${CONFIG}
+		echo "CONFIG_WPS2=y" >> ${CONFIG}
+		echo "CONFIG_WPS_UPNP=y" >> ${CONFIG}
+		echo "CONFIG_WPS_NFC=y" >> ${CONFIG}
+		einfo "Enabling Wi-Fi Protected Setup support"
+	fi
+
+	echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG}
+	echo "CONFIG_EAP_TNC=y" >> ${CONFIG}
+	echo "CONFIG_EAP_GTC=y" >> ${CONFIG}
+	echo "CONFIG_EAP_SIM=y" >> ${CONFIG}
+	echo "CONFIG_EAP_AKA=y" >> ${CONFIG}
+	echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG}
+	echo "CONFIG_EAP_EKE=y" >> ${CONFIG}
+	echo "CONFIG_EAP_PAX=y" >> ${CONFIG}
+	echo "CONFIG_EAP_PSK=y" >> ${CONFIG}
+	echo "CONFIG_EAP_SAKE=y" >> ${CONFIG}
+	echo "CONFIG_EAP_GPSK=y" >> ${CONFIG}
+	echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG}
+	echo "CONFIG_EAP_PWD=y" >> ${CONFIG}
+
+	einfo "Enabling drivers: "
+
+	# drivers
+	echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG}
+	einfo "  HostAP driver enabled"
+	echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG}
+	einfo "  Wired driver enabled"
+	echo "CONFIG_DRIVER_PRISM54=y" >> ${CONFIG}
+	einfo "  Prism54 driver enabled"
+	echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG}
+	einfo "  None driver enabled"
+
+	einfo "  nl80211 driver enabled"
+	echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG}
+
+	# misc
+	echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG}
+	echo "CONFIG_PKCS12=y" >> ${CONFIG}
+	echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG}
+	echo "CONFIG_IAPP=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211R=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211W=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211N=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211AC=y" >> ${CONFIG}
+	echo "CONFIG_PEERKEY=y" >> ${CONFIG}
+	echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG}
+	echo "CONFIG_INTERWORKING=y" >> ${CONFIG}
+	echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG}
+	echo "CONFIG_HS20=y" >> ${CONFIG}
+	echo "CONFIG_WNM=y" >> ${CONFIG}
+	echo "CONFIG_ACS=y" >> ${CONFIG}
+
+	if use netlink; then
+		# Netlink support
+		echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG}
+	fi
+
+	if use ipv6; then
+		# IPv6 support
+		echo "CONFIG_IPV6=y" >> ${CONFIG}
+	fi
+
+	if use sqlite; then
+		# Sqlite support
+		echo "CONFIG_SQLITE=y" >> ${CONFIG}
+	fi
+
+	# If we are using libnl 2.0 and above, enable support for it
+	# Removed for now, since the 3.2 version is broken, and we don't
+	# support it.
+	if has_version ">=dev-libs/libnl-3.2"; then
+		echo "CONFIG_LIBNL32=y" >> .config
+	fi
+
+	# TODO: Add support for BSD drivers
+
+	default_src_configure
+}
+
+src_compile() {
+	emake V=1
+
+	if use ssl; then
+		emake V=1 nt_password_hash
+		emake V=1 hlr_auc_gw
+	fi
+}
+
+src_install() {
+	insinto /etc/${PN}
+	doins ${PN}.{conf,accept,deny,eap_user,radius_clients,sim_db,wpa_psk}
+
+	fperms -R 600 /etc/${PN}
+
+	dosbin ${PN}
+	dobin ${PN}_cli
+
+	use ssl && dobin nt_password_hash hlr_auc_gw
+
+	newinitd "${FILESDIR}"/${PN}-init.d ${PN}
+	newconfd "${FILESDIR}"/${PN}-conf.d ${PN}
+	systemd_dounit "${FILESDIR}"/${PN}.service
+
+	doman ${PN}{.8,_cli.1}
+
+	dodoc ChangeLog README
+	use wps && dodoc README-WPS
+
+	docinto examples
+	dodoc wired.conf
+
+	if use logwatch; then
+		insinto /etc/log.d/conf/services/
+		doins logwatch/${PN}.conf
+
+		exeinto /etc/log.d/scripts/services/
+		doexe logwatch/${PN}
+	fi
+}
+
+pkg_postinst() {
+	einfo
+	einfo "If you are running openRC you need to follow this instructions:"
+	einfo "In order to use ${PN} you need to set up your wireless card"
+	einfo "for master mode in /etc/conf.d/net and then start"
+	einfo "/etc/init.d/${PN}."
+	einfo
+	einfo "Example configuration:"
+	einfo
+	einfo "config_wlan0=( \"192.168.1.1/24\" )"
+	einfo "channel_wlan0=\"6\""
+	einfo "essid_wlan0=\"test\""
+	einfo "mode_wlan0=\"master\""
+	einfo
+	#if [ -e "${KV_DIR}"/net/mac80211 ]; then
+	#	einfo "This package now compiles against the headers installed by"
+	#	einfo "the kernel source for the mac80211 driver. You should "
+	#	einfo "re-emerge ${PN} after upgrading your kernel source."
+	#fi
+
+	if use wps; then
+		einfo "You have enabled Wi-Fi Protected Setup support, please"
+		einfo "read the README-WPS file in /usr/share/doc/${P}"
+		einfo "for info on how to use WPS"
+	fi
+}
author	Bjarke Istrup Pedersen <gurligebis@gentoo.org>	2015-07-14 19:36:39 +0000
committer	Bjarke Istrup Pedersen <gurligebis@gentoo.org>	2015-07-14 19:36:39 +0000
commit	5454d64f31a7307bd0bceebea949bc6901f553b0 (patch)
tree	9953372896d731fca8c7d182c4cf543678807f5e /net-wireless
parent	Stable on alpha, bug 553584 (diff)
download	historical-5454d64f31a7307bd0bceebea949bc6901f553b0.tar.gz historical-5454d64f31a7307bd0bceebea949bc6901f553b0.tar.bz2 historical-5454d64f31a7307bd0bceebea949bc6901f553b0.zip