X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=lfs%2Fhostapd;h=a8302ccddbe6cad335de2f84bb5f8f636a1a07d8;hb=b15b70bc6b6b5f6d8b62e5b730b68d86f59810e6;hp=a4fe99a92e01bb57b59f3a68daec5e0f3a9e629c;hpb=e2f8251726f7b4b567021a8631f153e014442f0c;p=people%2Fpmueller%2Fipfire-2.x.git diff --git a/lfs/hostapd b/lfs/hostapd index a4fe99a92e..a8302ccddb 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2016 IPFire Team # +# Copyright (C) 2007-2018 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.5 +VER = 2.6 THISAPP = hostapd-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 37 +PAK_VER = 43 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 69f9cec3f76d74f402864a43e4f8624f +$(DL_FILE)_MD5 = eaa56dce9bd8f1d195eb62596eab34c7 install : $(TARGET) @@ -54,7 +54,7 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) -dist: +dist: @$(PAK) ############################################################################### @@ -77,12 +77,26 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + + # Security Patches https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch + cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/wpa_supplicant/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd-2.3_increase_EAPOL-timeouts.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.6-noscan.patch + cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP)/hostapd && make install install -v -m 644 $(DIR_SRC)/config/backup/includes/hostapd /var/ipfire/backup/addons/includes/hostapd + # install initscript + $(call INSTALL_INITSCRIPT,hostapd) mkdir -p /var/ipfire/wlanap touch /var/ipfire/wlanap/settings cp -vrf $(DIR_SRC)/config/hostapd/hostapd.conf /var/ipfire/wlanap/hostapd.conf