author: Cy Schubert <cy@FreeBSD.org> 2018-12-06 20:11:21 +0000
committer: Cy Schubert <cy@FreeBSD.org> 2018-12-06 20:11:21 +0000
commit: 1271a1a87af7bd9099e9f5072af9c117ae33331d (patch)
tree: 8f4e73a9b5805327355cd6203eaddf008ee511b1 /security/wpa_supplicant
parent: 409a482cecbacae673bade20e7a5d4ceed6db327 (diff)
6 files changed, 17 insertions, 118 deletions
diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile
index 6d2f9b41995d..d7a1ec03c3c0 100644
--- a/security/wpa_supplicant/Makefile
+++ b/security/wpa_supplicant/Makefile
@@ -1,24 +1,11 @@
 # $FreeBSD$
 
 PORTNAME=	wpa_supplicant
-PORTVERSION=	2.6
-PORTREVISION=	3
+PORTVERSION=	2.7
 CATEGORIES=	security net
 MASTER_SITES=	https://w1.fi/releases/
 
-PATCH_SITES=	https://w1.fi/security/2017-1/:2017_1 \
-		https://w1.fi/security/2018-1/:2018_1
-
-PATCHFILES=	rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch:2017_1 \
-	rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch:2017_1 \
-	rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch:2017_1 \
-	rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch:2017_1 \
-	rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch:2017_1 \
-	rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch:2017_1 \
-	rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch:2017_1 \
-	rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch:2017_1 \
-	rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch:2018_1
-PATCH_DIST_STRIP=	-p1
+PATCH_SITES=	https://w1.fi/security/2018-1/:2018_1
 
 MAINTAINER=	cy@FreeBSD.org
 COMMENT=	Supplicant (client) for WPA/802.1x protocols
diff --git a/security/wpa_supplicant/distinfo b/security/wpa_supplicant/distinfo
index 2cdf749f726d..d6789b468943 100644
--- a/security/wpa_supplicant/distinfo
+++ b/security/wpa_supplicant/distinfo
@@ -1,21 +1,3 @@
-TIMESTAMP = 1533786430
-SHA256 (wpa_supplicant-2.6.tar.gz) = b4936d34c4e6cdd44954beba74296d964bc2c9668ecaa5255e499636fe2b1450
-SIZE (wpa_supplicant-2.6.tar.gz) = 2753524
-SHA256 (rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch) = 529113cc81256c6178f3c1cf25dd8d3f33e6d770e4a180bd31c6ab7e4917f40b
-SIZE (rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch) = 6218
-SHA256 (rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch) = d86d47ab74170f3648b45b91bce780949ca92b09ab43df065178850ec0c335d7
-SIZE (rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch) = 7883
-SHA256 (rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch) = d4535e36739a0cc7f3585e6bcba3c0bb8fc67cb3e729844e448c5dc751f47e81
-SIZE (rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch) = 6861
-SHA256 (rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch) = 793a54748161b5af430dd9de4a1988d19cb8e85ab29bc2340f886b0297cee20b
-SIZE (rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch) = 2566
-SHA256 (rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch) = 147c8abe07606905d16404fb2d2c8849796ca7c85ed8673c09bb50038bcdeb9e
-SIZE (rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch) = 1949
-SHA256 (rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch) = 596d4d3b63ea859ed7ea9791b3a21cb11b6173b04c0a14a2afa47edf1666afa6
-SIZE (rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch) = 4309
-SHA256 (rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch) = c5a17af84aec2d88c56ce0da2d6945be398fe7cab5c0c340deb30973900c2736
-SIZE (rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch) = 1649
-SHA256 (rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch) = c8840d857b9432f3b488113c85c1ff5d4a4b8d81078b7033388dae1e990843b1
-SIZE (rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch) = 2750
-SHA256 (rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch) = 960c3cf2a514479b0b4cf09665186a1a9f5d28e8b05dec23db75c6cc13eb1f7c
-SIZE (rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch) = 1999
+TIMESTAMP = 1544072988
+SHA256 (wpa_supplicant-2.7.tar.gz) = 76ea6b06b7a2ea8e6d9eb1a9166166f1656e6d48c7508914f592100c95c73074
+SIZE (wpa_supplicant-2.7.tar.gz) = 3093713
diff --git a/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c b/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c
deleted file mode 100644
index c09efb89401b..000000000000
--- a/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c
+++ /dev/null
@@ -1,14 +0,0 @@
---- src/l2_packet/l2_packet_freebsd.c.orig	2015-03-15 17:30:39 UTC
-+++ src/l2_packet/l2_packet_freebsd.c
-@@ -8,7 +8,10 @@
-  */
- 
- #include "includes.h"
--#if defined(__APPLE__) || defined(__GLIBC__)
-+#if defined(__FreeBSD__) \
-+ || defined(__DragonFly__) \
-+ || defined(__APPLE__) \
-+ || defined(__GLIBC__)
- #include <net/bpf.h>
- #endif /* __APPLE__ */
- #include <pcap.h>
diff --git a/security/wpa_supplicant/files/patch-src_crypto_crypto__openssl.c b/security/wpa_supplicant/files/patch-src_crypto_crypto__openssl.c
deleted file mode 100644
index 3f972450916e..000000000000
--- a/security/wpa_supplicant/files/patch-src_crypto_crypto__openssl.c
+++ /dev/null
@@ -1,30 +0,0 @@
---- src/crypto/crypto_openssl.c.orig	2016-10-02 18:51:11 UTC
-+++ src/crypto/crypto_openssl.c
-@@ -33,7 +33,8 @@
- #include "aes_wrap.h"
- #include "crypto.h"
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+	(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
- /* Compatibility wrappers for older versions. */
- 
- static HMAC_CTX * HMAC_CTX_new(void)
-@@ -611,7 +612,7 @@ void crypto_cipher_deinit(struct crypto_
- 
- void * dh5_init(struct wpabuf **priv, struct wpabuf **publ)
- {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 	DH *dh;
- 	struct wpabuf *pubkey = NULL, *privkey = NULL;
- 	size_t publen, privlen;
-@@ -712,7 +713,7 @@ err:
- 
- void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ)
- {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 	DH *dh;
- 
- 	dh = DH_new();
diff --git a/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c b/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c
deleted file mode 100644
index 1d6b51a65102..000000000000
--- a/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c
+++ /dev/null
@@ -1,38 +0,0 @@
---- src/crypto/tls_openssl.c.orig	2016-10-02 18:51:11 UTC
-+++ src/crypto/tls_openssl.c
-@@ -59,7 +59,7 @@ typedef int stack_index_t;
- #endif /* SSL_set_tlsext_status_type */
- 
- #if (OPENSSL_VERSION_NUMBER < 0x10100000L || \
--     defined(LIBRESSL_VERSION_NUMBER)) &&    \
-+     (defined(LIBRESSL_VERSION_NUMBER)) && LIBRESSL_VERSION_NUMBER < 0x20700000L) && \
-     !defined(BORINGSSL_API_VERSION)
- /*
-  * SSL_get_client_random() and SSL_get_server_random() were added in OpenSSL
-@@ -919,7 +919,7 @@ void * tls_init(const struct tls_config 
- 		}
- #endif /* OPENSSL_FIPS */
- #endif /* CONFIG_FIPS */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 		SSL_load_error_strings();
- 		SSL_library_init();
- #ifndef OPENSSL_NO_SHA256
-@@ -1043,7 +1043,7 @@ void tls_deinit(void *ssl_ctx)
- 
- 	tls_openssl_ref_count--;
- 	if (tls_openssl_ref_count == 0) {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #ifndef OPENSSL_NO_ENGINE
- 		ENGINE_cleanup();
- #endif /* OPENSSL_NO_ENGINE */
-@@ -3976,7 +3976,7 @@ int tls_connection_set_params(void *tls_
- 		engine_id = "pkcs11";
- 
- #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 	if (params->flags & TLS_CONN_EAP_FAST) {
- 		wpa_printf(MSG_DEBUG,
- 			   "OpenSSL: Use TLSv1_method() for EAP-FAST");
diff --git a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c
new file mode 100644
index 000000000000..5bce58b36950
--- /dev/null
+++ b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c
@@ -0,0 +1,12 @@
+--- src/l2_packet/l2_packet_freebsd.c.orig	2018-12-02 11:34:59.000000000 -0800
++++ src/l2_packet/l2_packet_freebsd.c	2018-12-05 23:18:27.612433000 -0800
+@@ -8,7 +8,8 @@
+  */
+ 
+ #include "includes.h"
+-#if defined(__APPLE__) || defined(__GLIBC__)
++#include <sys/param.h>
++#if defined(__APPLE__) || defined(__GLIBC__) || defined(__FreeBSD_version)
+ #include <net/bpf.h>
+ #endif /* __APPLE__ */
+ #include <pcap.h>
author	Cy Schubert <cy@FreeBSD.org>	2018-12-06 20:11:21 +0000
committer	Cy Schubert <cy@FreeBSD.org>	2018-12-06 20:11:21 +0000
commit	1271a1a87af7bd9099e9f5072af9c117ae33331d (patch)
tree	8f4e73a9b5805327355cd6203eaddf008ee511b1 /security/wpa_supplicant
parent	409a482cecbacae673bade20e7a5d4ceed6db327 (diff)