diff options
Diffstat (limited to 'network/hostapd')
-rw-r--r-- | network/hostapd/README | 10 | ||||
-rw-r--r-- | network/hostapd/hostapd.SlackBuild | 29 | ||||
-rw-r--r-- | network/hostapd/hostapd.defconfig | 14 | ||||
-rw-r--r-- | network/hostapd/hostapd.info | 6 | ||||
-rw-r--r-- | network/hostapd/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch | 73 |
5 files changed, 33 insertions, 99 deletions
diff --git a/network/hostapd/README b/network/hostapd/README index 24cfefe967..258a947ed8 100644 --- a/network/hostapd/README +++ b/network/hostapd/README @@ -1,7 +1,7 @@ hostapd - IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator -hostapd is a user space daemon for access point and authentication servers. -It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP -Authenticators, RADIUS client, EAP server, and RADIUS authentication server. -The current version supports Linux (Host AP, madwifi, Prism54 drivers) and -FreeBSD (net80211). +hostapd is a user space daemon for access point and authentication +servers. It implements IEEE 802.11 access point management, IEEE +802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and +RADIUS authentication server. The current version supports Linux (Host +AP, madwifi, Prism54 drivers) and FreeBSD (net80211). diff --git a/network/hostapd/hostapd.SlackBuild b/network/hostapd/hostapd.SlackBuild index 8dd14ed682..ace2dcf921 100644 --- a/network/hostapd/hostapd.SlackBuild +++ b/network/hostapd/hostapd.SlackBuild @@ -1,10 +1,10 @@ -#!/bin/sh +#!/bin/bash # Slackware build script for hostapd # Copyright 2008-2013 Murat D. Kadirov <banderols@gmail.com> # Copyright 2014-2016 LukenShiro, Italy -# Copyright 2018, 2019 Brenton Earl <brent@exitstatusone.com> +# Copyright 2018-2020 Brenton Earl <brent@exitstatusone.com> # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,10 +26,13 @@ # Fixed doinst.sh by Mario Preksavec <mario@slackware.hr> +cd $(dirname $0) ; CWD=$(pwd) + PRGNAM=hostapd -VERSION=${VERSION:-2.7} +VERSION=${VERSION:-2.10} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -39,7 +42,11 @@ if [ -z "$ARCH" ]; then esac fi -CWD=$(pwd) +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} @@ -53,6 +60,9 @@ elif [ "$ARCH" = "i686" ]; then elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" LIBDIRSUFFIX="64" +elif [ "$ARCH" = "aarch64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" else SLKCFLAGS="-O2" LIBDIRSUFFIX="" @@ -75,14 +85,11 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; -(cd ../src/ -for i in $CWD/patches/*.patch; do - patch -p2 < "$i" -done) - +# Edit the defconfig to enable additional features cat $CWD/hostapd.defconfig > .config -CFLAGS+="$SLKCFLAGS" make +export CFLAGS+="$SLKCFLAGS" +make mkdir -p \ $PKG/usr/sbin/ \ @@ -118,4 +125,4 @@ cat $CWD/doinst.sh $DOINST_TMP > $PKG/install/doinst.sh rm -f $DOINST_TMP cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/network/hostapd/hostapd.defconfig b/network/hostapd/hostapd.defconfig index 08005f26b4..e1bfff1f83 100644 --- a/network/hostapd/hostapd.defconfig +++ b/network/hostapd/hostapd.defconfig @@ -19,7 +19,7 @@ CONFIG_DRIVER_WIRED=y CONFIG_DRIVER_NL80211=y # QCA vendor extensions to nl80211 -#CONFIG_DRIVER_NL80211_QCA=y +CONFIG_DRIVER_NL80211_QCA=y # driver_nl80211.c requires libnl. If you are compiling it yourself # you may need to point hostapd to your version of libnl. @@ -97,7 +97,7 @@ CONFIG_EAP_PAX=y CONFIG_EAP_PSK=y # EAP-pwd for the integrated EAP server (secure authentication with a password) -#CONFIG_EAP_PWD=y +CONFIG_EAP_PWD=y # EAP-SAKE for the integrated EAP server CONFIG_EAP_SAKE=y @@ -142,13 +142,13 @@ CONFIG_PKCS12=y # RADIUS authentication server. This provides access to the integrated EAP # server from external hosts using RADIUS. -CONFIG_RADIUS_SERVER=y +#CONFIG_RADIUS_SERVER=y # Build IPv6 support for RADIUS operations CONFIG_IPV6=y # IEEE Std 802.11r-2008 (Fast BSS Transition) -CONFIG_IEEE80211R=y +#CONFIG_IEEE80211R=y # Use the hostapd's IEEE 802.11 authentication (ACL), but without # the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) @@ -162,7 +162,7 @@ CONFIG_IEEE80211N=y #CONFIG_WNM=y # IEEE 802.11ac (Very High Throughput) support -CONFIG_IEEE80211AC=y +#CONFIG_IEEE80211AC=y # IEEE 802.11ax HE support # Note: This is experimental and work in progress. The definitions are still @@ -319,7 +319,7 @@ CONFIG_IEEE80211AC=y #CONFIG_HS20=y # Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file -CONFIG_SQLITE=y +#CONFIG_SQLITE=y # Enable Fast Session Transfer (FST) #CONFIG_FST=y @@ -390,7 +390,7 @@ CONFIG_ACS=y # parameter. See that parameter in hostapd.conf for more details. #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 -# custom configuration options +# Additional Options CONFIG_MESH=y CONFIG_SAE=y CONFIG_WPS2=y diff --git a/network/hostapd/hostapd.info b/network/hostapd/hostapd.info index c4e87e1a2d..bd009fff35 100644 --- a/network/hostapd/hostapd.info +++ b/network/hostapd/hostapd.info @@ -1,8 +1,8 @@ PRGNAM="hostapd" -VERSION="2.7" +VERSION="2.10" HOMEPAGE="https://w1.fi/hostapd/" -DOWNLOAD="https://w1.fi/releases/hostapd-2.7.tar.gz" -MD5SUM="8d3799f3a3c247cff47d41503698721b" +DOWNLOAD="https://w1.fi/releases/hostapd-2.10.tar.gz" +MD5SUM="0be43e9e09ab94a7ebf82de0d1c57761" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" diff --git a/network/hostapd/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch b/network/hostapd/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch deleted file mode 100644 index d764a9db01..0000000000 --- a/network/hostapd/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Thu, 29 Aug 2019 11:52:04 +0300 -Subject: [PATCH] AP: Silently ignore management frame from unexpected source - address - -Do not process any received Management frames with unexpected/invalid SA -so that we do not add any state for unexpected STA addresses or end up -sending out frames to unexpected destination. This prevents unexpected -sequences where an unprotected frame might end up causing the AP to send -out a response to another device and that other device processing the -unexpected response. - -In particular, this prevents some potential denial of service cases -where the unexpected response frame from the AP might result in a -connected station dropping its association. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/ap/drv_callbacks.c | 13 +++++++++++++ - src/ap/ieee802_11.c | 12 ++++++++++++ - 2 files changed, 25 insertions(+) - -diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c -index 31587685fe3b..34ca379edc3d 100644 ---- a/src/ap/drv_callbacks.c -+++ b/src/ap/drv_callbacks.c -@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, - "hostapd_notif_assoc: Skip event with no address"); - return -1; - } -+ -+ if (is_multicast_ether_addr(addr) || -+ is_zero_ether_addr(addr) || -+ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR -+ " in received indication - ignore this indication silently", -+ __func__, MAC2STR(addr)); -+ return 0; -+ } -+ - random_add_randomness(addr, ETH_ALEN); - - hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, -diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c -index c85a28db44b7..e7065372e158 100644 ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, - fc = le_to_host16(mgmt->frame_control); - stype = WLAN_FC_GET_STYPE(fc); - -+ if (is_multicast_ether_addr(mgmt->sa) || -+ is_zero_ether_addr(mgmt->sa) || -+ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR -+ " in received frame - ignore this frame silently", -+ MAC2STR(mgmt->sa)); -+ return 0; -+ } -+ - if (stype == WLAN_FC_STYPE_BEACON) { - handle_beacon(hapd, mgmt, len, fi); - return 1; --- -2.20.1 - |