| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Removed upstream patches included in the new version.
Added upstream patch to fix build error.
Updated license hash after commit
http://w1.fi/cgit/hostap/commit/README?id=c2c6c01bb8b6fafc2074b46a53c4eab2c145ac6f
updated the copyright year.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes CVE-2018-14526:
http://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt
Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This commit fixes the warnings reported by check-package on the help
text of all package Config.in files, related to the formatting of the
help text: should start with a tab, then 2 spaces, then at most 62
characters.
The vast majority of warnings fixed were caused by too long lines. A
few warnings were related to spaces being used instead of a tab to
indent the help text.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING is enabeld,
wpa_supplicant currently fails to build with:
../src/common/sae.o: In function `sae_cn_confirm.isra.2':
sae.c:(.text+0x168): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x198): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ffc':
sae.c:(.text+0x214): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x22c): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ecc':
sae.c:(.text+0x2a4): undefined reference to `crypto_ec_point_to_bin'
sae.c:(.text+0x2c0): undefined reference to `crypto_ec_point_to_bin'
[...]
This is due to the fact that the SAE code, used for the mesh network
support, needs OpenSSL support. Therefore, we ensure that
BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING selects OpenSSL. Only
OpenSSL is supported, which is why
BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL is selected as well.
No changes to the .mk files are needed, because we were already
handling OpenSSL as an optional dependency.
This problem was not yet caught by the autobuilders.
Reported-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
| |
wpa_supplicant will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
| |
wpa_supplicant project URL has been changed to w1.fi/wpa_supplicant.
The old domain epitest.fi has expired.
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
CVE-2017-13087, CVE-2017-13088:
http://lists.infradead.org/pipermail/hostap/2017-October/037989.html
[Peter: also add patch 0001 as suggested by Jörg Krause]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The check-package script when ran gives warnings on ordering issues
on all of these Config files. This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter w in the package directory.
The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
| |
The check-package script when ran gave warnings on only using
one space before backslashes on all of these makefiles.
This patch cleans up all warnings related to the one space before
backslashes rule in the make files in the package directory.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for BSD-3c is BSD-3-Clause.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/BSD-3c/BSD-3-Clause/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
| |
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
| |
Fixes:
http://autobuild.buildroot.net/results/427/4275ea6e9f5a18d2ed42c93bdafbe6cbd50126a9/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
| |
The new wpa_supplicant command line argument -M can be used to describe
matching rules with a wildcard interface name (e.g., "wlan*").
This is very useful for systems without udev.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
| |
Remove all patches as they are applied to or were fetched from upstream.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
| |
BR2_PACKAGE_WPA_SUPPLICANT_WIFI_DISPLAY depends on
BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT because CONFIG_WIFI_DISPLAY needs
CONFIG_P2P.
Signed-off-by: Georges Savoundararadj <savoundg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
| |
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CONFIG_BGSCAN_SIMPLE is missing from the defconfig included with
wpa_supplicant. Many programs that depend on wpa_supplicant assume
bgscan is enabled, for example connman will try to set bgscan by default.
It is safe to always enable CONFIG_BGSCAN_SIMPLE since it is only used if
wpa_supplicant is configured to do so.
Signed-off-by: Martin Bark <martin@barkynet.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
| |
Add upstream patching fixing CVE-2016-2447: psk configuration parameter update
allowing arbitrary data to be written.
See http://w1.fi/security/2016-1/psk-parameter-config-update.txt for details.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd service files were supplied with old DBus bus name. After
service activation systemd was waiting for appearance of specified bus
name to consider it started successfully. However, if wpa_supplicant was
compiled only with new dbus interface name, then systemd didn't notice
configured (old) DBus bus name appearance. In the end service was
considered malfunctioning and it was deactivated.
Add upstreamable patch [1], which updates systemd service BusName
property according to configured DBus interface version.
[1] http://lists.infradead.org/pipermail/hostap/2016-April/035599.html
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wpa_supplicant is licensed under BSD-3c only and not dual licensed.
Quoting from COPYING file
This software was previously distributed under BSD/GPL v2 dual license
terms that allowed either of those license alternatives to be
selected. As of February 11, 2012, the project has chosen to use only
the BSD license option for future distribution. As such, the GPL v2
license option is no longer used.
Reviewed-by: Abhimanyu Vishwakarma <Abhimanyu.Vishwakarma@imgtec.com>
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Version 2.5 of wpa_supplicant introduces the config option
CONFIG_BUILD_WPA_CLIENT_SO to enable building wpa_client as shared library.
We need to add a patch from upstream to fix a runtime error with
libwpa_client.so:
Error relocating /usr/lib/libwpa_client.so: bin_clear_free: symbol not found
[Thomas: renumber patch.]
Cc: Martin Bark <martin@barkynet.com>
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Reviewed-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
CVE-2015-5310 - wpa_supplicant unauthorized WNM Sleep Mode GTK control
CVE-2015-5315 - wpa_supplicant: EAP-pwd missing last fragment length
validation
CVE-2015-5316 - EAP-pwd peer error path failure on unexpected Confirm
message
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Disable EAP-TNC for static build because its implementation uses dlopen().
Fixes:
http://autobuild.buildroot.net/results/e21/e21705ae690ab899b6f00e4a15833abef5e54e0e/
[Peter: add comment explaining why]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, nl80211 support is conditionnal with libnl being enabled,
using implicit dependencies. This causes problems since it is not
obvious and wpa_supplicant without nl80211 isn't what most user expects.
If nl80211 isn't enabled, then buildroot only enables the wext driver,
which will only work if some deprecated kernel feature isn't left
disabled, or if using a outdated out-of-tree linux driver which doesn't
use the cfg80211 infrastructure.
This makes nl80211 support an explicit option, which
"select BR2_PACKAGE_LIBNL" accordingly. To handle upgrades nicely, it
would have been nice to have "default y if BR2_PACKAGE_LIBNL", but
Kconfig treats this as a circular dependency. So instead, this enables
the option by default, which is less worse than not enabling nl80211
when it was previously implicitely enabled.
[Thomas:
- rewrap Config.in help text
- add comment about thread dependency.]
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Tested-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
| |
Remove upstream patches. Renumber the remaining patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
When linking statically, the order of libraries on the
linker command matters, since readline depends on ncurses.
Signed-off-by: David du Colombier <0intro@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This commit adds patches for three different upstream security advisories. No
CVE numbers stated.
http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt
http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt
http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Add upstream patch fixing CVE-2015-1863: buffer overflow of SSID buffer within
struct p2p_device that is allocated from heap.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
| |
This commit doesn't touch infra packages.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
| |
Unlike other systemd services, these are not enabled by default, as the
most likely configuration is that they will be managed by something like
NetworkManager.
Signed-off-by: Mike Williams <mike@mikebwilliams.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
| |
Enable the '-f' option (log output to debug file instead of stdout). Force
enable it, binary size +963 bytes for an ARM target.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
| |
Also:
- remove patches: merged upstream
- update hash
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
| |
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
| |
Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345)
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
ERROR: unsafe header/library path used in cross-compilation: '/usr/include/libnl3'
Add a dependancy on host-pkgconf when BR2_PACKAGE_LIBNL is enabled.
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Reported-by: Jörg Krause <jkrause@posteo.de>
Cc: Jörg Krause <jkrause@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.
As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.
This also helps preparing the addition of other options to select
shared, shared+static or just static.
Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a patch to allow building wpa_supplicant with the musl C library.
Building wpa_supplicant with the musl C library fails since musl does not
define type names such as '__uint32_t'. To support building wpa_supplicant
with the musl C library use the integer types declared in the ISO C standard
header file <stdint.h>.
Patch is sent upstream:
http://lists.shmoo.com/pipermail/hostap/2014-December/031464.html
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The only package selecting wpa_supplicant is connman, and it is
already depends on BR2_USE_MMU.
Fixes:
http://autobuild.buildroot.org/results/9ac/9ac3c0de573f5266a889f1ceb6d43aa92f715c55/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Fix CVE-2014-3686: wpa_cli and hostapd_cli action script execution vulnerability
(http://w1.fi/security/2014-1/wpacli-action-scripts.txt)
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
As discussed with Gustavo on the mailing-list, remove EPOLL flag.
wpa_supplicant isn't able to answer DBUS message as events are
never delivered.
Signed-off-by: Eric Limpens <limpens@gmail.com>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Fixes:
http://autobuild.buildroot.net/results/209/20908f479b33c1e2952622f5e8ad6b60d58af693/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
| |
Signed-off-by: Sven Neumann <neumann@teufel.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Patches are now upstream.
Enable epoll support since any modern kernel/toolchain supports it.
Interworking requires Hotspot functionality which we didn't enable
before so introduce a new option for them.
While at it group and sort the options in a more lean and friendly way.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Add upstream patches fixing internal TLS validation of X.509 certificates. See
http://lists.shmoo.com/pipermail/hostap/2014-May/030273.html for details.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
| |
Signed-off-by: Oscar Hellström <oscar.hellstrom@vinnter.se>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
WPS NFC support wouldn't build properly unless AP mode was enabled.
Add upstream fix to correct this and enable NFC support.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wpa_supplicant doesn't use pkg-config and upstream likely wouldn't take
a patch to do so (hostapd/wpa_supplicant are used in android builds, and
it doesn't use any auto* stuff either) so pass it in LIBS* since we
always build openssl with libz support.
Made ugly by the fact that wpa_supplicant uses LIBS for the
wpa_supplicant binary, LIBS_c for the wpa_cli binary and LIBS_p for the
wpa_passphrase binary.
Also do f62a1d887aee642593b3f9507d6f3ebcd82219d0 here too since it
applies when libnl is used.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
