mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-17 14:33:00 +02:00
6491a92335
For details see: https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog "2022-01-16 - v2.10 * SAE changes - improved protection against side channel attacks [https://w1.fi/security/2022-1/] - added option send SAE Confirm immediately (sae_config_immediate=1) after SAE Commit - added support for the hash-to-element mechanism (sae_pwe=1 or sae_pwe=2) - fixed PMKSA caching with OKC - added support for SAE-PK * EAP-pwd changes - improved protection against side channel attacks [https://w1.fi/security/2022-1/] * fixed WPS UPnP SUBSCRIBE handling of invalid operations [https://w1.fi/security/2020-1/] * fixed PMF disconnection protection bypass [https://w1.fi/security/2019-7/] * added support for using OpenSSL 3.0 * fixed various issues in experimental support for EAP-TEAP server * added configuration (max_auth_rounds, max_auth_rounds_short) to increase the maximum number of EAP message exchanges (mainly to support cases with very large certificates) for the EAP server * added support for DPP release 2 (Wi-Fi Device Provisioning Protocol) * extended HE (IEEE 802.11ax) support, including 6 GHz support * removed obsolete IAPP functionality * fixed EAP-FAST server with TLS GCM/CCM ciphers * dropped support for libnl 1.1 * added support for nl80211 control port for EAPOL frame TX/RX * fixed OWE key derivation with groups 20 and 21; this breaks backwards compatibility for these groups while the default group 19 remains backwards compatible; owe_ptk_workaround=1 can be used to enabled a a workaround for the group 20/21 backwards compatibility * added support for Beacon protection * added support for Extended Key ID for pairwise keys * removed WEP support from the default build (CONFIG_WEP=y can be used to enable it, if really needed) * added a build option to remove TKIP support (CONFIG_NO_TKIP=y) * added support for Transition Disable mechanism to allow the AP to automatically disable transition mode to improve security * added support for PASN * added EAP-TLS server support for TLS 1.3 (disabled by default for now) * a large number of other fixes, cleanup, and extensions" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
101 lines
3.9 KiB
Plaintext
101 lines
3.9 KiB
Plaintext
###############################################################################
|
|
# #
|
|
# IPFire.org - A linux based firewall #
|
|
# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
|
|
# #
|
|
###############################################################################
|
|
|
|
###############################################################################
|
|
# Definitions
|
|
###############################################################################
|
|
|
|
include Config
|
|
|
|
VER = 2_10
|
|
|
|
THISAPP = hostap_$(VER)
|
|
DL_FILE = $(THISAPP).tar.bz2
|
|
DL_FROM = $(URL_IPFIRE)
|
|
DIR_APP = $(DIR_SRC)/$(THISAPP)
|
|
TARGET = $(DIR_INFO)/$(THISAPP)
|
|
PROG = hostapd
|
|
PAK_VER = 59
|
|
|
|
DEPS =
|
|
|
|
###############################################################################
|
|
# Top-level Rules
|
|
###############################################################################
|
|
|
|
objects = $(DL_FILE)
|
|
|
|
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
|
|
|
|
$(DL_FILE)_MD5 = 973639d02c9f6712b3b3da6d6c70ab37
|
|
|
|
install : $(TARGET)
|
|
|
|
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
|
|
|
|
download :$(patsubst %,$(DIR_DL)/%,$(objects))
|
|
|
|
md5 : $(subst %,%_MD5,$(objects))
|
|
|
|
dist:
|
|
@$(PAK)
|
|
|
|
###############################################################################
|
|
# Downloading, checking, md5sum
|
|
###############################################################################
|
|
|
|
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
|
|
@$(CHECK)
|
|
|
|
$(patsubst %,$(DIR_DL)/%,$(objects)) :
|
|
@$(LOAD)
|
|
|
|
$(subst %,%_MD5,$(objects)) :
|
|
@$(MD5)
|
|
|
|
###############################################################################
|
|
# Installation Details
|
|
###############################################################################
|
|
|
|
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
|
|
@$(PREBUILD)
|
|
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
|
|
|
|
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.9-increase_EAPOL-timeouts.patch
|
|
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.9-noscan.patch
|
|
|
|
cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config
|
|
cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile
|
|
cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE)
|
|
cd $(DIR_APP)/hostapd && make install
|
|
install -v -m 644 $(DIR_SRC)/config/backup/includes/hostapd /var/ipfire/backup/addons/includes/hostapd
|
|
# install initscript
|
|
$(call INSTALL_INITSCRIPT,hostapd)
|
|
mkdir -p /var/ipfire/wlanap
|
|
touch /var/ipfire/wlanap/settings
|
|
cp -vrf $(DIR_SRC)/config/hostapd/hostapd.conf /var/ipfire/wlanap/hostapd.conf
|
|
touch /var/ipfire/wlanap/hostapd.accept
|
|
touch /var/ipfire/wlanap/hostapd.deny
|
|
cp -vrf /var/ipfire/wlanap/hostapd.* /etc/
|
|
chown nobody:nobody /var/ipfire/wlanap/*
|
|
chmod 644 /var/ipfire/wlanap/*
|
|
@rm -rf $(DIR_APP)
|
|
@$(POSTBUILD)
|