wpa_supplicant: Update to 2.10

For details see:
https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog

"2022-01-16 - v2.10
	* SAE changes
	  - improved protection against side channel attacks
	    [https://w1.fi/security/2022-1/]
	  - added support for the hash-to-element mechanism (sae_pwe=1 or
	    sae_pwe=2); this is currently disabled by default, but will likely
	    get enabled by default in the future
	  - fixed PMKSA caching with OKC
	  - added support for SAE-PK
	* EAP-pwd changes
	  - improved protection against side channel attacks
	  [https://w1.fi/security/2022-1/]
	* fixed P2P provision discovery processing of a specially constructed
	  invalid frame
	  [https://w1.fi/security/2021-1/]
	* fixed P2P group information processing of a specially constructed
	  invalid frame
	  [https://w1.fi/security/2020-2/]
	* fixed PMF disconnection protection bypass in AP mode
	  [https://w1.fi/security/2019-7/]
	* added support for using OpenSSL 3.0
	* increased the maximum number of EAP message exchanges (mainly to
	  support cases with very large certificates)
	* fixed various issues in experimental support for EAP-TEAP peer
	* added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
	* a number of MKA/MACsec fixes and extensions
	* added support for SAE (WPA3-Personal) AP mode configuration
	* added P2P support for EDMG (IEEE 802.11ay) channels
	* fixed EAP-FAST peer with TLS GCM/CCM ciphers
	* improved throughput estimation and BSS selection
	* dropped support for libnl 1.1
	* added support for nl80211 control port for EAPOL frame TX/RX
	* fixed OWE key derivation with groups 20 and 21; this breaks backwards
	  compatibility for these groups while the default group 19 remains
	  backwards compatible
	* added support for Beacon protection
	* added support for Extended Key ID for pairwise keys
	* removed WEP support from the default build (CONFIG_WEP=y can be used
	  to enable it, if really needed)
	* added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
	* added support for Transition Disable mechanism to allow the AP to
	  automatically disable transition mode to improve security
	* extended D-Bus interface
	* added support for PASN
	* added a file-based backend for external password storage to allow
	  secret information to be moved away from the main configuration file
	  without requiring external tools
	* added EAP-TLS peer support for TLS 1.3 (disabled by default for now)
	* added support for SCS, MSCS, DSCP policy
	* changed driver interface selection to default to automatic fallback
	  to other compiled in options
	* a large number of other fixes, cleanup, and extensions"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/lfs/wpa_supplicant b/lfs/wpa_supplicant
index c64b6aab47d9524e37f915a8b3d0eb0e72b6e8fa..ad91506119bc8d5d5667ffe0632aee9c9978032e 100644 (file)
--- a/lfs/wpa_supplicant
+++ b/lfs/wpa_supplicant
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2019  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,13 +24,14 @@
 
 include Config
 
-VER        = 581dfcc
+VER        = 2.10
 
 THISAPP    = wpa_supplicant-$(VER)
-DL_FILE    = hostapd-$(VER).tar.gz
+DL_FILE    = $(THISAPP).tar.gz
 DL_FROM    = $(URL_IPFIRE)
-DIR_APP    = $(DIR_SRC)/hostap-$(VER)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
+PROG       = wpa_supplicant
 
 ###############################################################################
 # Top-level Rules
@@ -40,7 +41,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = eed922f2daabe16d74adf2b23455d8bd
+$(DL_FILE)_MD5 = d26797fcb002898d4ee989179346e1cc
 
 install : $(TARGET)
 
@@ -73,10 +74,10 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+
        cd $(DIR_APP)/wpa_supplicant && cp $(DIR_SRC)/config/wpa_supplicant/config ./.config
        cd $(DIR_APP)/wpa_supplicant && sed -e "s/wpa_cli\ dynamic_eap_methods/wpa_cli\ #dynamic_eap_methods/" -i Makefile
        cd $(DIR_APP)/wpa_supplicant && sed -e "s@/usr/local@/usr@g" -i Makefile
-       cd $(DIR_APP)/wpa_supplicant && make $(MAKETUNING)
-       cd $(DIR_APP)/wpa_supplicant && make install
+       cd $(DIR_APP)/wpa_supplicant && make && make install
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)