1 |
commit: 9e6f35f746a3167551005b501a304375369fb488 |
2 |
Author: Andrey Utkin <andrey_utkin <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Apr 27 21:18:59 2018 +0000 |
4 |
Commit: Andrey Utkin <andrey_utkin <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 2 10:08:44 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9e6f35f7 |
7 |
|
8 |
net-wireless/hostapd: add 2.6-r4 for further enhancements |
9 |
|
10 |
Package-Manager: Portage-2.3.31, Repoman-2.3.9 |
11 |
|
12 |
net-wireless/hostapd/hostapd-2.6-r4.ebuild | 238 +++++++++++++++++++++++++++++ |
13 |
1 file changed, 238 insertions(+) |
14 |
|
15 |
diff --git a/net-wireless/hostapd/hostapd-2.6-r4.ebuild b/net-wireless/hostapd/hostapd-2.6-r4.ebuild |
16 |
new file mode 100644 |
17 |
index 00000000000..feebb2eda45 |
18 |
--- /dev/null |
19 |
+++ b/net-wireless/hostapd/hostapd-2.6-r4.ebuild |
20 |
@@ -0,0 +1,238 @@ |
21 |
+# Copyright 1999-2018 Gentoo Foundation |
22 |
+# Distributed under the terms of the GNU General Public License v2 |
23 |
+ |
24 |
+EAPI="6" |
25 |
+ |
26 |
+inherit toolchain-funcs eutils systemd savedconfig |
27 |
+ |
28 |
+DESCRIPTION="IEEE 802.11 wireless LAN Host AP daemon" |
29 |
+HOMEPAGE="http://hostap.epitest.fi" |
30 |
+SRC_URI="http://hostap.epitest.fi/releases/${P}.tar.gz" |
31 |
+ |
32 |
+LICENSE="BSD" |
33 |
+SLOT="0" |
34 |
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~x86" |
35 |
+IUSE="ipv6 libressl logwatch netlink sqlite +ssl +wps +crda" |
36 |
+ |
37 |
+DEPEND=" |
38 |
+ ssl? ( |
39 |
+ !libressl? ( dev-libs/openssl:0=[-bindist] ) |
40 |
+ libressl? ( dev-libs/libressl:0= ) |
41 |
+ ) |
42 |
+ kernel_linux? ( |
43 |
+ dev-libs/libnl:3 |
44 |
+ crda? ( net-wireless/crda ) |
45 |
+ ) |
46 |
+ netlink? ( net-libs/libnfnetlink ) |
47 |
+ sqlite? ( >=dev-db/sqlite-3 )" |
48 |
+ |
49 |
+RDEPEND="${DEPEND}" |
50 |
+ |
51 |
+S="${S}/${PN}" |
52 |
+ |
53 |
+src_prepare() { |
54 |
+ # Allow users to apply patches to src/drivers for example, |
55 |
+ # i.e. anything outside ${S}/${PN} |
56 |
+ pushd ../ >/dev/null || die |
57 |
+ |
58 |
+ # Add LibreSSL compatibility patch bug (#567262) |
59 |
+ eapply "${FILESDIR}/${P}-libressl-compatibility.patch" |
60 |
+ |
61 |
+ # https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt |
62 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch" |
63 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch" |
64 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch" |
65 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch" |
66 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch" |
67 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch" |
68 |
+ eapply "${FILESDIR}/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch" |
69 |
+ default |
70 |
+ popd >/dev/null || die |
71 |
+ |
72 |
+ sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \ |
73 |
+ "${S}/hostapd.conf" || die |
74 |
+ |
75 |
+} |
76 |
+ |
77 |
+src_configure() { |
78 |
+ local CONFIG="${S}/.config" |
79 |
+ |
80 |
+ restore_config "${CONFIG}" |
81 |
+ if [[ -f "${CONFIG}" ]]; then |
82 |
+ default_src_configure |
83 |
+ return 0 |
84 |
+ fi |
85 |
+ |
86 |
+ # toolchain setup |
87 |
+ echo "CC = $(tc-getCC)" > ${CONFIG} |
88 |
+ |
89 |
+ # EAP authentication methods |
90 |
+ echo "CONFIG_EAP=y" >> ${CONFIG} |
91 |
+ echo "CONFIG_ERP=y" >> ${CONFIG} |
92 |
+ echo "CONFIG_EAP_MD5=y" >> ${CONFIG} |
93 |
+ |
94 |
+ if use ssl; then |
95 |
+ # SSL authentication methods |
96 |
+ echo "CONFIG_EAP_FAST=y" >> ${CONFIG} |
97 |
+ echo "CONFIG_EAP_TLS=y" >> ${CONFIG} |
98 |
+ echo "CONFIG_EAP_TTLS=y" >> ${CONFIG} |
99 |
+ echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG} |
100 |
+ echo "CONFIG_EAP_PEAP=y" >> ${CONFIG} |
101 |
+ echo "CONFIG_TLSV11=y" >> ${CONFIG} |
102 |
+ echo "CONFIG_TLSV12=y" >> ${CONFIG} |
103 |
+ fi |
104 |
+ |
105 |
+ if use wps; then |
106 |
+ # Enable Wi-Fi Protected Setup |
107 |
+ echo "CONFIG_WPS=y" >> ${CONFIG} |
108 |
+ echo "CONFIG_WPS2=y" >> ${CONFIG} |
109 |
+ echo "CONFIG_WPS_UPNP=y" >> ${CONFIG} |
110 |
+ echo "CONFIG_WPS_NFC=y" >> ${CONFIG} |
111 |
+ einfo "Enabling Wi-Fi Protected Setup support" |
112 |
+ fi |
113 |
+ |
114 |
+ echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG} |
115 |
+ echo "CONFIG_EAP_TNC=y" >> ${CONFIG} |
116 |
+ echo "CONFIG_EAP_GTC=y" >> ${CONFIG} |
117 |
+ echo "CONFIG_EAP_SIM=y" >> ${CONFIG} |
118 |
+ echo "CONFIG_EAP_AKA=y" >> ${CONFIG} |
119 |
+ echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG} |
120 |
+ echo "CONFIG_EAP_EKE=y" >> ${CONFIG} |
121 |
+ echo "CONFIG_EAP_PAX=y" >> ${CONFIG} |
122 |
+ echo "CONFIG_EAP_PSK=y" >> ${CONFIG} |
123 |
+ echo "CONFIG_EAP_SAKE=y" >> ${CONFIG} |
124 |
+ echo "CONFIG_EAP_GPSK=y" >> ${CONFIG} |
125 |
+ echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG} |
126 |
+ echo "CONFIG_EAP_PWD=y" >> ${CONFIG} |
127 |
+ |
128 |
+ einfo "Enabling drivers: " |
129 |
+ |
130 |
+ # drivers |
131 |
+ echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG} |
132 |
+ einfo " HostAP driver enabled" |
133 |
+ echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG} |
134 |
+ einfo " Wired driver enabled" |
135 |
+ echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG} |
136 |
+ einfo " None driver enabled" |
137 |
+ |
138 |
+ einfo " nl80211 driver enabled" |
139 |
+ echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG} |
140 |
+ |
141 |
+ # epoll |
142 |
+ echo "CONFIG_ELOOP_EPOLL=y" >> ${CONFIG} |
143 |
+ |
144 |
+ # misc |
145 |
+ echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG} |
146 |
+ echo "CONFIG_PKCS12=y" >> ${CONFIG} |
147 |
+ echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG} |
148 |
+ echo "CONFIG_IAPP=y" >> ${CONFIG} |
149 |
+ echo "CONFIG_IEEE80211R=y" >> ${CONFIG} |
150 |
+ echo "CONFIG_IEEE80211W=y" >> ${CONFIG} |
151 |
+ echo "CONFIG_IEEE80211N=y" >> ${CONFIG} |
152 |
+ echo "CONFIG_IEEE80211AC=y" >> ${CONFIG} |
153 |
+ echo "CONFIG_PEERKEY=y" >> ${CONFIG} |
154 |
+ echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG} |
155 |
+ echo "CONFIG_INTERWORKING=y" >> ${CONFIG} |
156 |
+ echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG} |
157 |
+ echo "CONFIG_HS20=y" >> ${CONFIG} |
158 |
+ echo "CONFIG_WNM=y" >> ${CONFIG} |
159 |
+ echo "CONFIG_FST=y" >> ${CONFIG} |
160 |
+ echo "CONFIG_FST_TEST=y" >> ${CONFIG} |
161 |
+ echo "CONFIG_ACS=y" >> ${CONFIG} |
162 |
+ |
163 |
+ if use netlink; then |
164 |
+ # Netlink support |
165 |
+ echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG} |
166 |
+ fi |
167 |
+ |
168 |
+ if use ipv6; then |
169 |
+ # IPv6 support |
170 |
+ echo "CONFIG_IPV6=y" >> ${CONFIG} |
171 |
+ fi |
172 |
+ |
173 |
+ if use sqlite; then |
174 |
+ # Sqlite support |
175 |
+ echo "CONFIG_SQLITE=y" >> ${CONFIG} |
176 |
+ fi |
177 |
+ |
178 |
+ # If we are using libnl 2.0 and above, enable support for it |
179 |
+ # Removed for now, since the 3.2 version is broken, and we don't |
180 |
+ # support it. |
181 |
+ if has_version ">=dev-libs/libnl-3.2"; then |
182 |
+ echo "CONFIG_LIBNL32=y" >> .config |
183 |
+ fi |
184 |
+ |
185 |
+ # TODO: Add support for BSD drivers |
186 |
+ |
187 |
+ default_src_configure |
188 |
+} |
189 |
+ |
190 |
+src_compile() { |
191 |
+ emake V=1 |
192 |
+ |
193 |
+ if use ssl; then |
194 |
+ emake V=1 nt_password_hash |
195 |
+ emake V=1 hlr_auc_gw |
196 |
+ fi |
197 |
+} |
198 |
+ |
199 |
+src_install() { |
200 |
+ insinto /etc/${PN} |
201 |
+ doins ${PN}.{conf,accept,deny,eap_user,radius_clients,sim_db,wpa_psk} |
202 |
+ |
203 |
+ fperms -R 600 /etc/${PN} |
204 |
+ |
205 |
+ dosbin ${PN} |
206 |
+ dobin ${PN}_cli |
207 |
+ |
208 |
+ use ssl && dobin nt_password_hash hlr_auc_gw |
209 |
+ |
210 |
+ newinitd "${FILESDIR}"/${PN}-init.d ${PN} |
211 |
+ newconfd "${FILESDIR}"/${PN}-conf.d ${PN} |
212 |
+ systemd_dounit "${FILESDIR}"/${PN}.service |
213 |
+ |
214 |
+ doman ${PN}{.8,_cli.1} |
215 |
+ |
216 |
+ dodoc ChangeLog README |
217 |
+ use wps && dodoc README-WPS |
218 |
+ |
219 |
+ docinto examples |
220 |
+ dodoc wired.conf |
221 |
+ |
222 |
+ if use logwatch; then |
223 |
+ insinto /etc/log.d/conf/services/ |
224 |
+ doins logwatch/${PN}.conf |
225 |
+ |
226 |
+ exeinto /etc/log.d/scripts/services/ |
227 |
+ doexe logwatch/${PN} |
228 |
+ fi |
229 |
+ |
230 |
+ save_config .config |
231 |
+} |
232 |
+ |
233 |
+pkg_postinst() { |
234 |
+ einfo |
235 |
+ einfo "If you are running openRC you need to follow this instructions:" |
236 |
+ einfo "In order to use ${PN} you need to set up your wireless card" |
237 |
+ einfo "for master mode in /etc/conf.d/net and then start" |
238 |
+ einfo "/etc/init.d/${PN}." |
239 |
+ einfo |
240 |
+ einfo "Example configuration:" |
241 |
+ einfo |
242 |
+ einfo "config_wlan0=( \"192.168.1.1/24\" )" |
243 |
+ einfo "channel_wlan0=\"6\"" |
244 |
+ einfo "essid_wlan0=\"test\"" |
245 |
+ einfo "mode_wlan0=\"master\"" |
246 |
+ einfo |
247 |
+ #if [ -e "${KV_DIR}"/net/mac80211 ]; then |
248 |
+ # einfo "This package now compiles against the headers installed by" |
249 |
+ # einfo "the kernel source for the mac80211 driver. You should " |
250 |
+ # einfo "re-emerge ${PN} after upgrading your kernel source." |
251 |
+ #fi |
252 |
+ |
253 |
+ if use wps; then |
254 |
+ einfo "You have enabled Wi-Fi Protected Setup support, please" |
255 |
+ einfo "read the README-WPS file in /usr/share/doc/${P}" |
256 |
+ einfo "for info on how to use WPS" |
257 |
+ fi |
258 |
+} |