summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBjarke Istrup Pedersen <gurligebis@gentoo.org>2016-03-17 21:00:58 +0000
committerBjarke Istrup Pedersen <gurligebis@gentoo.org>2016-03-17 21:00:58 +0000
commit6bf7f9fd23ab7f28237b2f0533c7410c73a1c6ba (patch)
tree1c1c350b3f7701f39018b867308eee7cabd42f5e /net-wireless/hostapd
parentdev-python/lxml: version bump to 3.6.0 (diff)
downloadgentoo-6bf7f9fd23ab7f28237b2f0533c7410c73a1c6ba.tar.gz
gentoo-6bf7f9fd23ab7f28237b2f0533c7410c73a1c6ba.tar.bz2
gentoo-6bf7f9fd23ab7f28237b2f0533c7410c73a1c6ba.zip
net-wireless/hostapd: Removing old, unsecure versions now that 2.5 is marked stable
Package-Manager: portage-2.2.28
Diffstat (limited to 'net-wireless/hostapd')
-rw-r--r--net-wireless/hostapd/Manifest1
-rw-r--r--net-wireless/hostapd/files/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch49
-rw-r--r--net-wireless/hostapd/files/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch41
-rw-r--r--net-wireless/hostapd/files/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch73
-rw-r--r--net-wireless/hostapd/files/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch66
-rw-r--r--net-wireless/hostapd/files/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch52
-rw-r--r--net-wireless/hostapd/files/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch50
-rw-r--r--net-wireless/hostapd/files/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch32
-rw-r--r--net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch29
-rw-r--r--net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch61
-rw-r--r--net-wireless/hostapd/files/hostapd-hlr_auc_gw-openssl.patch43
-rw-r--r--net-wireless/hostapd/hostapd-2.4-r2.ebuild220
-rw-r--r--net-wireless/hostapd/hostapd-2.4-r3.ebuild224
13 files changed, 0 insertions, 941 deletions
diff --git a/net-wireless/hostapd/Manifest b/net-wireless/hostapd/Manifest
index 530780e2a785..b7669549de42 100644
--- a/net-wireless/hostapd/Manifest
+++ b/net-wireless/hostapd/Manifest
@@ -1,2 +1 @@
-DIST hostapd-2.4.tar.gz 1658872 SHA256 6fe0eb6bd1c9cbd24952ece8586b6f7bd14ab358edfda99794e79b9b9dbd657f SHA512 37e648fe9cce92923ab1d1e23a4267e274c988785d7be5610f1affca425ffa86b438de81e37446926a0f9158d6b67ee83e6396c3f81d571545c973dddbf1ffe3 WHIRLPOOL 78484c7e09725ba967c8815c3d8b0ffcc0c56daaec4acc79bc15c7392084c8642a2b41156b2c6a6360badb7e9d23792699d452fe600b56e3d62dd569188b6c2c
DIST hostapd-2.5.tar.gz 1720783 SHA256 8e272d954dc0d7026c264b79b15389ec2b2c555b32970de39f506b9f463ec74a SHA512 bbb0547c29f4925aff8639cae3291ed020c2a9d989dd267be831b2418880916d2ec69003e36ecc796c348476086397cca8f63c52633f91c11a9c2ab72e1c83c0 WHIRLPOOL a2c07e8426796a82cd01dbd4fff22c065c93dff8ea25ccce9b37d78a732941750947e934acfdac8f63841d322636271e976c43aabe419c916e405264ecd4b06a
diff --git a/net-wireless/hostapd/files/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch b/net-wireless/hostapd/files/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
deleted file mode 100644
index 36b4ca294699..000000000000
--- a/net-wireless/hostapd/files/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 5acd23f4581da58683f3cf5e36cb71bbe4070bd7 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 28 Apr 2015 17:08:33 +0300
-Subject: [PATCH] WPS: Fix HTTP chunked transfer encoding parser
-
-strtoul() return value may end up overflowing the int h->chunk_size and
-resulting in a negative value to be stored as the chunk_size. This could
-result in the following memcpy operation using a very large length
-argument which would result in a buffer overflow and segmentation fault.
-
-This could have been used to cause a denial service by any device that
-has been authorized for network access (either wireless or wired). This
-would affect both the WPS UPnP functionality in a WPS AP (hostapd with
-upnp_iface parameter set in the configuration) and WPS ER
-(wpa_supplicant with WPS_ER_START control interface command used).
-
-Validate the parsed chunk length value to avoid this. In addition to
-rejecting negative values, we can also reject chunk size that would be
-larger than the maximum configured body length.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/wps/httpread.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/wps/httpread.c b/src/wps/httpread.c
-index 2f08f37..d2855e3 100644
---- a/src/wps/httpread.c
-+++ b/src/wps/httpread.c
-@@ -533,6 +533,13 @@ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx)
- if (!isxdigit(*cbp))
- goto bad;
- h->chunk_size = strtoul(cbp, NULL, 16);
-+ if (h->chunk_size < 0 ||
-+ h->chunk_size > h->max_bytes) {
-+ wpa_printf(MSG_DEBUG,
-+ "httpread: Invalid chunk size %d",
-+ h->chunk_size);
-+ goto bad;
-+ }
- /* throw away chunk header
- * so we have only real data
- */
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch b/net-wireless/hostapd/files/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch
deleted file mode 100644
index 79c5af8906fa..000000000000
--- a/net-wireless/hostapd/files/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From ef566a4d4f74022e1fdb0a2addfe81e6de9f4aae Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Wed, 29 Apr 2015 02:21:53 +0300
-Subject: [PATCH] AP WMM: Fix integer underflow in WMM Action frame parser
-
-The length of the WMM Action frame was not properly validated and the
-length of the information elements (int left) could end up being
-negative. This would result in reading significantly past the stack
-buffer while parsing the IEs in ieee802_11_parse_elems() and while doing
-so, resulting in segmentation fault.
-
-This can result in an invalid frame being used for a denial of service
-attack (hostapd process killed) against an AP with a driver that uses
-hostapd for management frame processing (e.g., all mac80211-based
-drivers).
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/ap/wmm.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/ap/wmm.c b/src/ap/wmm.c
-index 6d4177c..314e244 100644
---- a/src/ap/wmm.c
-+++ b/src/ap/wmm.c
-@@ -274,6 +274,9 @@ void hostapd_wmm_action(struct hostapd_data *hapd,
- return;
- }
-
-+ if (left < 0)
-+ return; /* not a valid WMM Action frame */
-+
- /* extract the tspec info element */
- if (ieee802_11_parse_elems(pos, left, &elems, 1) == ParseFailed) {
- hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch b/net-wireless/hostapd/files/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
deleted file mode 100644
index 91627fb7b7f6..000000000000
--- a/net-wireless/hostapd/files/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From dd2f043c9c43d156494e33d7ce22db96e6ef42c7 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 1 May 2015 16:37:45 +0300
-Subject: [PATCH 1/5] EAP-pwd peer: Fix payload length validation for Commit
- and Confirm
-
-The length of the received Commit and Confirm message payloads was not
-checked before reading them. This could result in a buffer read
-overflow when processing an invalid message.
-
-Fix this by verifying that the payload is of expected length before
-processing it. In addition, enforce correct state transition sequence to
-make sure there is no unexpected behavior if receiving a Commit/Confirm
-message before the previous exchanges have been completed.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 29 +++++++++++++++++++++++++++++
- 1 file changed, 29 insertions(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index f2b0926..a629437 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -355,6 +355,23 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
- BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL;
- u16 offset;
- u8 *ptr, *scalar = NULL, *element = NULL;
-+ size_t prime_len, order_len;
-+
-+ if (data->state != PWD_Commit_Req) {
-+ ret->ignore = TRUE;
-+ goto fin;
-+ }
-+
-+ prime_len = BN_num_bytes(data->grp->prime);
-+ order_len = BN_num_bytes(data->grp->order);
-+
-+ if (payload_len != 2 * prime_len + order_len) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)",
-+ (unsigned int) payload_len,
-+ (unsigned int) (2 * prime_len + order_len));
-+ goto fin;
-+ }
-
- if (((data->private_value = BN_new()) == NULL) ||
- ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) ||
-@@ -554,6 +571,18 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
- u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
- int offset;
-
-+ if (data->state != PWD_Confirm_Req) {
-+ ret->ignore = TRUE;
-+ goto fin;
-+ }
-+
-+ if (payload_len != SHA256_MAC_LEN) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
-+ (unsigned int) payload_len, SHA256_MAC_LEN);
-+ goto fin;
-+ }
-+
- /*
- * first build up the ciphersuite which is group | random_function |
- * prf
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch b/net-wireless/hostapd/files/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
deleted file mode 100644
index 5dca20b2771b..000000000000
--- a/net-wireless/hostapd/files/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From e28a58be26184c2a23f80b410e0997ef1bd5d578 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 1 May 2015 16:40:44 +0300
-Subject: [PATCH 2/5] EAP-pwd server: Fix payload length validation for Commit
- and Confirm
-
-The length of the received Commit and Confirm message payloads was not
-checked before reading them. This could result in a buffer read
-overflow when processing an invalid message.
-
-Fix this by verifying that the payload is of expected length before
-processing it. In addition, enforce correct state transition sequence to
-make sure there is no unexpected behavior if receiving a Commit/Confirm
-message before the previous exchanges have been completed.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_server/eap_server_pwd.c | 19 +++++++++++++++++++
- 1 file changed, 19 insertions(+)
-
-diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
-index 66bd5d2..3189105 100644
---- a/src/eap_server/eap_server_pwd.c
-+++ b/src/eap_server/eap_server_pwd.c
-@@ -656,9 +656,21 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data,
- BIGNUM *x = NULL, *y = NULL, *cofactor = NULL;
- EC_POINT *K = NULL, *point = NULL;
- int res = 0;
-+ size_t prime_len, order_len;
-
- wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response");
-
-+ prime_len = BN_num_bytes(data->grp->prime);
-+ order_len = BN_num_bytes(data->grp->order);
-+
-+ if (payload_len != 2 * prime_len + order_len) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)",
-+ (unsigned int) payload_len,
-+ (unsigned int) (2 * prime_len + order_len));
-+ goto fin;
-+ }
-+
- if (((data->peer_scalar = BN_new()) == NULL) ||
- ((data->k = BN_new()) == NULL) ||
- ((cofactor = BN_new()) == NULL) ||
-@@ -774,6 +786,13 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
- u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
- int offset;
-
-+ if (payload_len != SHA256_MAC_LEN) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
-+ (unsigned int) payload_len, SHA256_MAC_LEN);
-+ goto fin;
-+ }
-+
- /* build up the ciphersuite: group | random_function | prf */
- grp = htons(data->group_num);
- ptr = (u8 *) &cs;
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch b/net-wireless/hostapd/files/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
deleted file mode 100644
index 4d2f9d8aefeb..000000000000
--- a/net-wireless/hostapd/files/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 477c74395acd0123340457ba6f15ab345d42016e Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:23:04 +0300
-Subject: [PATCH 3/5] EAP-pwd peer: Fix Total-Length parsing for fragment
- reassembly
-
-The remaining number of bytes in the message could be smaller than the
-Total-Length field size, so the length needs to be explicitly checked
-prior to reading the field and decrementing the len variable. This could
-have resulted in the remaining length becoming negative and interpreted
-as a huge positive integer.
-
-In addition, check that there is no already started fragment in progress
-before allocating a new buffer for reassembling fragments. This avoid a
-potential memory leak when processing invalid message.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index a629437..1d2079b 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -866,11 +866,23 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
- * if it's the first fragment there'll be a length field
- */
- if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) {
-+ if (len < 2) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Frame too short to contain Total-Length field");
-+ ret->ignore = TRUE;
-+ return NULL;
-+ }
- tot_len = WPA_GET_BE16(pos);
- wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments whose "
- "total length = %d", tot_len);
- if (tot_len > 15000)
- return NULL;
-+ if (data->inbuf) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
-+ ret->ignore = TRUE;
-+ return NULL;
-+ }
- data->inbuf = wpabuf_alloc(tot_len);
- if (data->inbuf == NULL) {
- wpa_printf(MSG_INFO, "Out of memory to buffer "
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch b/net-wireless/hostapd/files/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
deleted file mode 100644
index 7edef099eb59..000000000000
--- a/net-wireless/hostapd/files/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 3035cc2894e08319b905bd6561e8bddc8c2db9fa Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:26:06 +0300
-Subject: [PATCH 4/5] EAP-pwd server: Fix Total-Length parsing for fragment
- reassembly
-
-The remaining number of bytes in the message could be smaller than the
-Total-Length field size, so the length needs to be explicitly checked
-prior to reading the field and decrementing the len variable. This could
-have resulted in the remaining length becoming negative and interpreted
-as a huge positive integer.
-
-In addition, check that there is no already started fragment in progress
-before allocating a new buffer for reassembling fragments. This avoid a
-potential memory leak when processing invalid message.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_server/eap_server_pwd.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
-index 3189105..2bfc3c2 100644
---- a/src/eap_server/eap_server_pwd.c
-+++ b/src/eap_server/eap_server_pwd.c
-@@ -942,11 +942,21 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv,
- * the first fragment has a total length
- */
- if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) {
-+ if (len < 2) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Frame too short to contain Total-Length field");
-+ return;
-+ }
- tot_len = WPA_GET_BE16(pos);
- wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments, total "
- "length = %d", tot_len);
- if (tot_len > 15000)
- return;
-+ if (data->inbuf) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
-+ return;
-+ }
- data->inbuf = wpabuf_alloc(tot_len);
- if (data->inbuf == NULL) {
- wpa_printf(MSG_INFO, "EAP-pwd: Out of memory to "
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch b/net-wireless/hostapd/files/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
deleted file mode 100644
index a601323f14da..000000000000
--- a/net-wireless/hostapd/files/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 28a069a545b06b99eb55ad53f63f2c99e65a98f6 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:26:28 +0300
-Subject: [PATCH 5/5] EAP-pwd peer: Fix asymmetric fragmentation behavior
-
-The L (Length) and M (More) flags needs to be cleared before deciding
-whether the locally generated response requires fragmentation. This
-fixes an issue where these flags from the server could have been invalid
-for the following message. In some cases, this could have resulted in
-triggering the wpabuf security check that would terminate the process
-due to invalid buffer allocation.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index 1d2079b..e58b13a 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -968,6 +968,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
- /*
- * we have output! Do we need to fragment it?
- */
-+ lm_exch = EAP_PWD_GET_EXCHANGE(lm_exch);
- len = wpabuf_len(data->outbuf);
- if ((len + EAP_PWD_HDR_SIZE) > data->mtu) {
- resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PWD, data->mtu,
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch b/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch
deleted file mode 100644
index d03eb484fc28..000000000000
--- a/net-wireless/hostapd/files/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From fc880b11ed70ff9dcf8be48621f75d354cc5094d Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 7 Jul 2015 15:33:55 +0300
-Subject: [PATCH] NFC: Avoid misaligned read of an NDEF field
-
-The 32-bit version of payload length field may not be 32-bit aligned in
-the message buffer, so use WPA_GET_BE32() to read it instead of ntohl().
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/wps/ndef.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/wps/ndef.c b/src/wps/ndef.c
-index 8d1ce1e..5604b0a 100644
---- a/src/wps/ndef.c
-+++ b/src/wps/ndef.c
-@@ -47,7 +47,7 @@ static int ndef_parse_record(const u8 *data, u32 size,
- } else {
- if (size < 6)
- return -1;
-- record->payload_length = ntohl(*(u32 *)pos);
-+ record->payload_length = WPA_GET_BE32(pos);
- pos += sizeof(u32);
- }
-
---
-1.7.9.5
-
diff --git a/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch b/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
deleted file mode 100644
index 1f624c8dad46..000000000000
--- a/net-wireless/hostapd/files/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From df9079e72760ceb7ebe7fb11538200c516bdd886 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 7 Jul 2015 21:57:28 +0300
-Subject: [PATCH] NFC: Fix payload length validation in NDEF record parser
-
-It was possible for the 32-bit record->total_length value to end up
-wrapping around due to integer overflow if the longer form of payload
-length field is used and record->payload_length gets a value close to
-2^32. This could result in ndef_parse_record() accepting a too large
-payload length value and the record type filter reading up to about 20
-bytes beyond the end of the buffer and potentially killing the process.
-This could also result in an attempt to allocate close to 2^32 bytes of
-heap memory and if that were to succeed, a buffer read overflow of the
-same length which would most likely result in the process termination.
-In case of record->total_length ending up getting the value 0, there
-would be no buffer read overflow, but record parsing would result in an
-infinite loop in ndef_parse_records().
-
-Any of these error cases could potentially be used for denial of service
-attacks over NFC by using a malformed NDEF record on an NFC Tag or
-sending them during NFC connection handover if the application providing
-the NDEF message to hostapd/wpa_supplicant did no validation of the
-received records. While such validation is likely done in the NFC stack
-that needs to parse the NFC messages before further processing,
-hostapd/wpa_supplicant better be prepared for any data being included
-here.
-
-Fix this by validating record->payload_length value in a way that
-detects integer overflow. (CID 122668)
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/wps/ndef.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/wps/ndef.c b/src/wps/ndef.c
-index 5604b0a..50d018f 100644
---- a/src/wps/ndef.c
-+++ b/src/wps/ndef.c
-@@ -48,6 +48,8 @@ static int ndef_parse_record(const u8 *data, u32 size,
- if (size < 6)
- return -1;
- record->payload_length = WPA_GET_BE32(pos);
-+ if (record->payload_length > size - 6)
-+ return -1;
- pos += sizeof(u32);
- }
-
-@@ -68,7 +70,8 @@ static int ndef_parse_record(const u8 *data, u32 size,
- pos += record->payload_length;
-
- record->total_length = pos - data;
-- if (record->total_length > size)
-+ if (record->total_length > size ||
-+ record->total_length < record->payload_length)
- return -1;
- return 0;
- }
---
-1.9.1
-
diff --git a/net-wireless/hostapd/files/hostapd-hlr_auc_gw-openssl.patch b/net-wireless/hostapd/files/hostapd-hlr_auc_gw-openssl.patch
deleted file mode 100644
index 1e88859b8e00..000000000000
--- a/net-wireless/hostapd/files/hostapd-hlr_auc_gw-openssl.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 58e115b86928000475b734a4345862afe11d6352 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@qca.qualcomm.com>
-Date: Fri, 20 Mar 2015 12:56:31 +0000
-Subject: Fix hlr_auc_gw build with OpenSSL
-
-Commit 983c6a606bc839248ea0c69090e60c095a655bc6 ('OpenSSL: Replace
-internal HMAC-MD5 implementation') forgot to make inclusion of md5.o
-conditional for hlr_auc_gw build.
-
-Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
----
-diff --git a/hostapd/Android.mk b/hostapd/Android.mk
-index 5c69bd1..54b139c 100644
---- a/hostapd/Android.mk
-+++ b/hostapd/Android.mk
-@@ -795,8 +795,10 @@ OBJS += src/crypto/random.c
- HOBJS += src/crypto/random.c
- HOBJS += src/utils/eloop.c
- HOBJS += $(SHA1OBJS)
-+ifneq ($(CONFIG_TLS), openssl)
- HOBJS += src/crypto/md5.c
- endif
-+endif
-
- ifdef CONFIG_RADIUS_SERVER
- L_CFLAGS += -DRADIUS_SERVER
-diff --git a/hostapd/Makefile b/hostapd/Makefile
-index 520ae89..d718c15 100644
---- a/hostapd/Makefile
-+++ b/hostapd/Makefile
-@@ -792,8 +792,10 @@ OBJS += ../src/crypto/random.o
- HOBJS += ../src/crypto/random.o
- HOBJS += ../src/utils/eloop.o
- HOBJS += $(SHA1OBJS)
-+ifneq ($(CONFIG_TLS), openssl)
- HOBJS += ../src/crypto/md5.o
- endif
-+endif
-
- ifdef CONFIG_RADIUS_SERVER
- CFLAGS += -DRADIUS_SERVER
---
-cgit v0.9.2
diff --git a/net-wireless/hostapd/hostapd-2.4-r2.ebuild b/net-wireless/hostapd/hostapd-2.4-r2.ebuild
deleted file mode 100644
index 82d4e65ea8f1..000000000000
--- a/net-wireless/hostapd/hostapd-2.4-r2.ebuild
+++ /dev/null
@@ -1,220 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="4"
-
-inherit toolchain-funcs eutils systemd
-
-DESCRIPTION="IEEE 802.11 wireless LAN Host AP daemon"
-HOMEPAGE="http://hostap.epitest.fi"
-SRC_URI="http://hostap.epitest.fi/releases/${P}.tar.gz"
-
-LICENSE="|| ( GPL-2 BSD )"
-SLOT="0"
-KEYWORDS="amd64 ~arm ~mips ppc x86"
-IUSE="ipv6 logwatch netlink sqlite +ssl +wps +crda"
-
-DEPEND="ssl? ( dev-libs/openssl[-bindist] )
- kernel_linux? (
- dev-libs/libnl:3
- crda? ( net-wireless/crda )
- )
- netlink? ( net-libs/libnfnetlink )
- sqlite? ( >=dev-db/sqlite-3 )"
-
-RDEPEND="${DEPEND}"
-
-S="${S}/${PN}"
-
-src_prepare() {
- cd ..
-
- # bug (548744)
- epatch "${FILESDIR}/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch"
- epatch "${FILESDIR}/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch"
- epatch "${FILESDIR}/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch"
- epatch "${FILESDIR}/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch"
- epatch "${FILESDIR}/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch"
- epatch "${FILESDIR}/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch"
- epatch "${FILESDIR}/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
-
- cd "${PN}"
-
- epatch "${FILESDIR}/${PN}-hlr_auc_gw-openssl.patch"
-
- sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \
- "${S}/hostapd.conf" || die
-}
-
-src_configure() {
- local CONFIG="${S}/.config"
-
- # toolchain setup
- echo "CC = $(tc-getCC)" > ${CONFIG}
-
- # EAP authentication methods
- echo "CONFIG_EAP=y" >> ${CONFIG}
- echo "CONFIG_ERP=y" >> ${CONFIG}
- echo "CONFIG_EAP_MD5=y" >> ${CONFIG}
-
- if use ssl; then
- # SSL authentication methods
- echo "CONFIG_EAP_FAST=y" >> ${CONFIG}
- echo "CONFIG_EAP_TLS=y" >> ${CONFIG}
- echo "CONFIG_EAP_TTLS=y" >> ${CONFIG}
- echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG}
- echo "CONFIG_EAP_PEAP=y" >> ${CONFIG}
- echo "CONFIG_TLSV11=y" >> ${CONFIG}
- echo "CONFIG_TLSV12=y" >> ${CONFIG}
- fi
-
- if use wps; then
- # Enable Wi-Fi Protected Setup
- echo "CONFIG_WPS=y" >> ${CONFIG}
- echo "CONFIG_WPS2=y" >> ${CONFIG}
- echo "CONFIG_WPS_UPNP=y" >> ${CONFIG}
- echo "CONFIG_WPS_NFC=y" >> ${CONFIG}
- einfo "Enabling Wi-Fi Protected Setup support"
- fi
-
- echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG}
- echo "CONFIG_EAP_TNC=y" >> ${CONFIG}
- echo "CONFIG_EAP_GTC=y" >> ${CONFIG}
- echo "CONFIG_EAP_SIM=y" >> ${CONFIG}
- echo "CONFIG_EAP_AKA=y" >> ${CONFIG}
- echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG}
- echo "CONFIG_EAP_EKE=y" >> ${CONFIG}
- echo "CONFIG_EAP_PAX=y" >> ${CONFIG}
- echo "CONFIG_EAP_PSK=y" >> ${CONFIG}
- echo "CONFIG_EAP_SAKE=y" >> ${CONFIG}
- echo "CONFIG_EAP_GPSK=y" >> ${CONFIG}
- echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG}
- echo "CONFIG_EAP_PWD=y" >> ${CONFIG}
-
- einfo "Enabling drivers: "
-
- # drivers
- echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG}
- einfo " HostAP driver enabled"
- echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG}
- einfo " Wired driver enabled"
- echo "CONFIG_DRIVER_PRISM54=y" >> ${CONFIG}
- einfo " Prism54 driver enabled"
- echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG}
- einfo " None driver enabled"
-
- einfo " nl80211 driver enabled"
- echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG}
-
- # misc
- echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG}
- echo "CONFIG_PKCS12=y" >> ${CONFIG}
- echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG}
- echo "CONFIG_IAPP=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211R=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211W=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211N=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211AC=y" >> ${CONFIG}
- echo "CONFIG_PEERKEY=y" >> ${CONFIG}
- echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG}
- echo "CONFIG_INTERWORKING=y" >> ${CONFIG}
- echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG}
- echo "CONFIG_HS20=y" >> ${CONFIG}
- echo "CONFIG_WNM=y" >> ${CONFIG}
- echo "CONFIG_ACS=y" >> ${CONFIG}
-
- if use netlink; then
- # Netlink support
- echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG}
- fi
-
- if use ipv6; then
- # IPv6 support
- echo "CONFIG_IPV6=y" >> ${CONFIG}
- fi
-
- if use sqlite; then
- # Sqlite support
- echo "CONFIG_SQLITE=y" >> ${CONFIG}
- fi
-
- # If we are using libnl 2.0 and above, enable support for it
- # Removed for now, since the 3.2 version is broken, and we don't
- # support it.
- if has_version ">=dev-libs/libnl-3.2"; then
- echo "CONFIG_LIBNL32=y" >> .config
- fi
-
- # TODO: Add support for BSD drivers
-
- default_src_configure
-}
-
-src_compile() {
- emake V=1
-
- if use ssl; then
- emake V=1 nt_password_hash
- emake V=1 hlr_auc_gw
- fi
-}
-
-src_install() {
- insinto /etc/${PN}
- doins ${PN}.{conf,accept,deny,eap_user,radius_clients,sim_db,wpa_psk}
-
- fperms -R 600 /etc/${PN}
-
- dosbin ${PN}
- dobin ${PN}_cli
-
- use ssl && dobin nt_password_hash hlr_auc_gw
-
- newinitd "${FILESDIR}"/${PN}-init.d ${PN}
- newconfd "${FILESDIR}"/${PN}-conf.d ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
-
- doman ${PN}{.8,_cli.1}
-
- dodoc ChangeLog README
- use wps && dodoc README-WPS
-
- docinto examples
- dodoc wired.conf
-
- if use logwatch; then
- insinto /etc/log.d/conf/services/
- doins logwatch/${PN}.conf
-
- exeinto /etc/log.d/scripts/services/
- doexe logwatch/${PN}
- fi
-}
-
-pkg_postinst() {
- einfo
- einfo "If you are running openRC you need to follow this instructions:"
- einfo "In order to use ${PN} you need to set up your wireless card"
- einfo "for master mode in /etc/conf.d/net and then start"
- einfo "/etc/init.d/${PN}."
- einfo
- einfo "Example configuration:"
- einfo
- einfo "config_wlan0=( \"192.168.1.1/24\" )"
- einfo "channel_wlan0=\"6\""
- einfo "essid_wlan0=\"test\""
- einfo "mode_wlan0=\"master\""
- einfo
- #if [ -e "${KV_DIR}"/net/mac80211 ]; then
- # einfo "This package now compiles against the headers installed by"
- # einfo "the kernel source for the mac80211 driver. You should "
- # einfo "re-emerge ${PN} after upgrading your kernel source."
- #fi
-
- if use wps; then
- einfo "You have enabled Wi-Fi Protected Setup support, please"
- einfo "read the README-WPS file in /usr/share/doc/${P}"
- einfo "for info on how to use WPS"
- fi
-}
diff --git a/net-wireless/hostapd/hostapd-2.4-r3.ebuild b/net-wireless/hostapd/hostapd-2.4-r3.ebuild
deleted file mode 100644
index 82fc20d92a1a..000000000000
--- a/net-wireless/hostapd/hostapd-2.4-r3.ebuild
+++ /dev/null
@@ -1,224 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="4"
-
-inherit toolchain-funcs eutils systemd
-
-DESCRIPTION="IEEE 802.11 wireless LAN Host AP daemon"
-HOMEPAGE="http://hostap.epitest.fi"
-SRC_URI="http://hostap.epitest.fi/releases/${P}.tar.gz"
-
-LICENSE="|| ( GPL-2 BSD )"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~x86"
-IUSE="ipv6 logwatch netlink sqlite +ssl +wps +crda"
-
-DEPEND="ssl? ( dev-libs/openssl[-bindist] )
- kernel_linux? (
- dev-libs/libnl:3
- crda? ( net-wireless/crda )
- )
- netlink? ( net-libs/libnfnetlink )
- sqlite? ( >=dev-db/sqlite-3 )"
-
-RDEPEND="${DEPEND}"
-
-S="${S}/${PN}"
-
-src_prepare() {
- cd ..
-
- # bug (548744)
- epatch "${FILESDIR}/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch"
- epatch "${FILESDIR}/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch"
- epatch "${FILESDIR}/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch"
- epatch "${FILESDIR}/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch"
- epatch "${FILESDIR}/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch"
- epatch "${FILESDIR}/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch"
- epatch "${FILESDIR}/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
-
- # bug (554862)
- epatch "${FILESDIR}/2015-5/0001-NFC-Avoid-misaligned-read-of-an-NDEF-field.patch"
- epatch "${FILESDIR}/2015-5/0002-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch"
-
- cd "${PN}"
-
- epatch "${FILESDIR}/${PN}-hlr_auc_gw-openssl.patch"
-
- sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \
- "${S}/hostapd.conf" || die
-}
-
-src_configure() {
- local CONFIG="${S}/.config"
-
- # toolchain setup
- echo "CC = $(tc-getCC)" > ${CONFIG}
-
- # EAP authentication methods
- echo "CONFIG_EAP=y" >> ${CONFIG}
- echo "CONFIG_ERP=y" >> ${CONFIG}
- echo "CONFIG_EAP_MD5=y" >> ${CONFIG}
-
- if use ssl; then
- # SSL authentication methods
- echo "CONFIG_EAP_FAST=y" >> ${CONFIG}
- echo "CONFIG_EAP_TLS=y" >> ${CONFIG}
- echo "CONFIG_EAP_TTLS=y" >> ${CONFIG}
- echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG}
- echo "CONFIG_EAP_PEAP=y" >> ${CONFIG}
- echo "CONFIG_TLSV11=y" >> ${CONFIG}
- echo "CONFIG_TLSV12=y" >> ${CONFIG}
- fi
-
- if use wps; then
- # Enable Wi-Fi Protected Setup
- echo "CONFIG_WPS=y" >> ${CONFIG}
- echo "CONFIG_WPS2=y" >> ${CONFIG}
- echo "CONFIG_WPS_UPNP=y" >> ${CONFIG}
- echo "CONFIG_WPS_NFC=y" >> ${CONFIG}
- einfo "Enabling Wi-Fi Protected Setup support"
- fi
-
- echo "CONFIG_EAP_IKEV2=y" >> ${CONFIG}
- echo "CONFIG_EAP_TNC=y" >> ${CONFIG}
- echo "CONFIG_EAP_GTC=y" >> ${CONFIG}
- echo "CONFIG_EAP_SIM=y" >> ${CONFIG}
- echo "CONFIG_EAP_AKA=y" >> ${CONFIG}
- echo "CONFIG_EAP_AKA_PRIME=y" >> ${CONFIG}
- echo "CONFIG_EAP_EKE=y" >> ${CONFIG}
- echo "CONFIG_EAP_PAX=y" >> ${CONFIG}
- echo "CONFIG_EAP_PSK=y" >> ${CONFIG}
- echo "CONFIG_EAP_SAKE=y" >> ${CONFIG}
- echo "CONFIG_EAP_GPSK=y" >> ${CONFIG}
- echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG}
- echo "CONFIG_EAP_PWD=y" >> ${CONFIG}
-
- einfo "Enabling drivers: "
-
- # drivers
- echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG}
- einfo " HostAP driver enabled"
- echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG}
- einfo " Wired driver enabled"
- echo "CONFIG_DRIVER_PRISM54=y" >> ${CONFIG}
- einfo " Prism54 driver enabled"
- echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG}
- einfo " None driver enabled"
-
- einfo " nl80211 driver enabled"
- echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG}
-
- # misc
- echo "CONFIG_DEBUG_FILE=y" >> ${CONFIG}
- echo "CONFIG_PKCS12=y" >> ${CONFIG}
- echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG}
- echo "CONFIG_IAPP=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211R=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211W=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211N=y" >> ${CONFIG}
- echo "CONFIG_IEEE80211AC=y" >> ${CONFIG}
- echo "CONFIG_PEERKEY=y" >> ${CONFIG}
- echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG}
- echo "CONFIG_INTERWORKING=y" >> ${CONFIG}
- echo "CONFIG_FULL_DYNAMIC_VLAN=y" >> ${CONFIG}
- echo "CONFIG_HS20=y" >> ${CONFIG}
- echo "CONFIG_WNM=y" >> ${CONFIG}
- echo "CONFIG_ACS=y" >> ${CONFIG}
-
- if use netlink; then
- # Netlink support
- echo "CONFIG_VLAN_NETLINK=y" >> ${CONFIG}
- fi
-
- if use ipv6; then
- # IPv6 support
- echo "CONFIG_IPV6=y" >> ${CONFIG}
- fi
-
- if use sqlite; then
- # Sqlite support
- echo "CONFIG_SQLITE=y" >> ${CONFIG}
- fi
-
- # If we are using libnl 2.0 and above, enable support for it
- # Removed for now, since the 3.2 version is broken, and we don't
- # support it.
- if has_version ">=dev-libs/libnl-3.2"; then
- echo "CONFIG_LIBNL32=y" >> .config
- fi
-
- # TODO: Add support for BSD drivers
-
- default_src_configure
-}
-
-src_compile() {
- emake V=1
-
- if use ssl; then
- emake V=1 nt_password_hash
- emake V=1 hlr_auc_gw
- fi
-}
-
-src_install() {
- insinto /etc/${PN}
- doins ${PN}.{conf,accept,deny,eap_user,radius_clients,sim_db,wpa_psk}
-
- fperms -R 600 /etc/${PN}
-
- dosbin ${PN}
- dobin ${PN}_cli
-
- use ssl && dobin nt_password_hash hlr_auc_gw
-
- newinitd "${FILESDIR}"/${PN}-init.d ${PN}
- newconfd "${FILESDIR}"/${PN}-conf.d ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
-
- doman ${PN}{.8,_cli.1}
-
- dodoc ChangeLog README
- use wps && dodoc README-WPS
-
- docinto examples
- dodoc wired.conf
-
- if use logwatch; then
- insinto /etc/log.d/conf/services/
- doins logwatch/${PN}.conf
-
- exeinto /etc/log.d/scripts/services/
- doexe logwatch/${PN}
- fi
-}
-
-pkg_postinst() {
- einfo
- einfo "If you are running openRC you need to follow this instructions:"
- einfo "In order to use ${PN} you need to set up your wireless card"
- einfo "for master mode in /etc/conf.d/net and then start"
- einfo "/etc/init.d/${PN}."
- einfo
- einfo "Example configuration:"
- einfo
- einfo "config_wlan0=( \"192.168.1.1/24\" )"
- einfo "channel_wlan0=\"6\""
- einfo "essid_wlan0=\"test\""
- einfo "mode_wlan0=\"master\""
- einfo
- #if [ -e "${KV_DIR}"/net/mac80211 ]; then
- # einfo "This package now compiles against the headers installed by"
- # einfo "the kernel source for the mac80211 driver. You should "
- # einfo "re-emerge ${PN} after upgrading your kernel source."
- #fi
-
- if use wps; then
- einfo "You have enabled Wi-Fi Protected Setup support, please"
- einfo "read the README-WPS file in /usr/share/doc/${P}"
- einfo "for info on how to use WPS"
- fi
-}