From 2771f79232c273bc2a57d23bf335dd81ccf6af28 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 5 Dec 2021 02:47:11 +0000 Subject: gentoo resync : 05.12.2021 --- net-wireless/wpa_supplicant/Manifest | 5 +- net-wireless/wpa_supplicant/metadata.xml | 1 + .../wpa_supplicant/wpa_supplicant-2.9-r8.ebuild | 494 +++++++++++++++++++++ .../wpa_supplicant/wpa_supplicant-9999.ebuild | 74 +-- 4 files changed, 545 insertions(+), 29 deletions(-) create mode 100644 net-wireless/wpa_supplicant/wpa_supplicant-2.9-r8.ebuild (limited to 'net-wireless/wpa_supplicant') diff --git a/net-wireless/wpa_supplicant/Manifest b/net-wireless/wpa_supplicant/Manifest index eb70aa472e47..563e78693e9b 100644 --- a/net-wireless/wpa_supplicant/Manifest +++ b/net-wireless/wpa_supplicant/Manifest @@ -16,5 +16,6 @@ DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B 284fdeaf6328c35b1f5e8807 DIST wpa_supplicant-2.9.tar.gz 3231785 BLAKE2B f1e2a5cb37b02d5c74116b5bc7f67c47d85f916c972cbd6b881d63a317161294a37c8517aabe6c74f9617c762aaa76d869f318af311473160e87bac8ac2a1807 SHA512 37a33f22cab9d27084fbef29856eaea0f692ff339c5b38bd32402dccf293cb849afd4a870cd3b5ca78179f0102f4011ce2f3444a53dc41dc75a5863b0a2226c8 EBUILD wpa_supplicant-2.9-r4.ebuild 12060 BLAKE2B 8843c2e43a7b0dee34d5b5e02488ca23b16a4876f69112fc18f8d46c8c86ecc1cef522fd7e157ab60a93d54a9b5603ea6a65f2ebac9fdcfb5da32b9c45f6ec35 SHA512 ddbdf6269775a13c726f727b0df4f1049f890165bedd4072ab031c00cde051964c62a7e6265acfab439fdf256f968a543bba825359e893bacf1e4d44b6c232b9 EBUILD wpa_supplicant-2.9-r5.ebuild 12434 BLAKE2B 523199b19036417f6bf5ee7062444b85709393470ad03a331f4a47c2150cb463abb6da50d4c3ccef4b78e39ce194778eb00ee312ead5285d8b5be838d61fdbe2 SHA512 51faaa0f6264cb140e609429152fdee361603dbc21abae230e1d24041e58decfda7c6f107d3e9bee8218d75bca979668f70fc379b39397599ac87ae364afe064 -EBUILD wpa_supplicant-9999.ebuild 11937 BLAKE2B 84da7a822329af8fe9ae8450e410afc117e3e1fee0d59fc709099a26ab91c226b23f2f027a0249bede0036cf2c777952b5576e9192c97ab3ad889c1f39cecf9d SHA512 ed05581681fc9616038a737b4b07d89f64e1fd1b776a3c9cfb81baf6e910083dd2a0ff69f925c68598b9e025230111dfbaa17c85154d947637386c6623cce232 -MISC metadata.xml 1677 BLAKE2B 0503bcb48eb0d2378891f1fd5d157ddcb2058f6733136dcae7f7894a3c67198595834f978501e57ca2525182c8a46a1c686a81c4a5c6e13aebab940b2cbd87e3 SHA512 c58212f12bf332e9b64f49638d9bd3a0a0fbc6b82031513504fa6cba9c1c84fc8f2eaf5ab9fa1e8601c97c3a1da82ef053c165225b13f9f3ae15b98a0c932171 +EBUILD wpa_supplicant-2.9-r8.ebuild 13054 BLAKE2B a7fc2107457365ab51c9c9289f2b7f666abcc277e17f34ee9647c30169855082ae203f9f846a4f1eb93f6fd5947ba92b3d99fc4115ee139c8b8bab5ebf08c202 SHA512 2d31c4f67e4a7edbab432525ed814914b6008913fc54cae0515268a7990979e8266ee0339a50f4f4e7bdd3b75fa27abefcb72b2d2b38e05de0c0b32ba90fe8fa +EBUILD wpa_supplicant-9999.ebuild 12656 BLAKE2B f97f6fecfdfc766489cfc9fa9d1d47edaf8b857b8d8c23ea903bd1fb2861b7a2a18c8d3042fe5c763b70ea9b58390e4d309606b070e269dead9a9402e7b3d740 SHA512 c8c389adfee5b84a2cac9fe5cb2163e850df93365e01bdcbc15f6bccbd5329ae296631aa2a4cc6505ea31fe402728caf0d5e4216e415e02c479a4ca13c76dbf2 +MISC metadata.xml 1804 BLAKE2B d8e5383b6ff9511bc0541725d2c6e8b114f4619d27d6d96b09e868925ebf20fa1e63476218c3b42e1c01af695492879c4e428cf2ae34ea139bca21ef46bd4b4f SHA512 1fc0ccf65262195d6f8896fc0414cb5a4203b3b659bff68bac3ad449eec77d3ce071b7453c636eb16d666199770fd2c65d4b45aca20d14f32b9e0874ec676e70 diff --git a/net-wireless/wpa_supplicant/metadata.xml b/net-wireless/wpa_supplicant/metadata.xml index 0209c6198dc8..749b235bf0e5 100644 --- a/net-wireless/wpa_supplicant/metadata.xml +++ b/net-wireless/wpa_supplicant/metadata.xml @@ -8,6 +8,7 @@ Add support for access point mode Flag to help users disable features not supported by broadcom-sta driver + Use net-wireless/crda for regulatory domain loading instead of in-kernel (4.15+) support Add support for EAP-SIM authentication algorithm Build and install eapol_test binary Add support for FAST-EAP authentication algorithm diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.9-r8.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.9-r8.ebuild new file mode 100644 index 000000000000..6c1e2d23ae78 --- /dev/null +++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.9-r8.ebuild @@ -0,0 +1,494 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit desktop linux-info qmake-utils readme.gentoo-r1 systemd toolchain-funcs + +DESCRIPTION="IEEE 802.1X/WPA supplicant for secure wireless transfers" +HOMEPAGE="https://w1.fi/wpa_supplicant/" +LICENSE="|| ( GPL-2 BSD )" + +if [ "${PV}" = "9999" ]; then + inherit git-r3 + EGIT_REPO_URI="https://w1.fi/hostap.git" +else + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" + SRC_URI="https://w1.fi/releases/${P}.tar.gz" + SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${PN}-2.9-r3-patches.tar.bz2" +fi + +SLOT="0" +IUSE="ap +crda broadcom-sta dbus eap-sim eapol-test fasteap +fils +hs2-0 macsec +mbo +mesh p2p privsep ps3 qt5 readline selinux smartcard tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD" + +# CONFIG_PRIVSEP=y does not have sufficient support for the new driver +# interface functions used for MACsec, so this combination cannot be used +# at least for now. +REQUIRED_USE=" + macsec? ( !privsep ) + privsep? ( !macsec ) + broadcom-sta? ( !fils !mesh !mbo ) +" + +DEPEND=" + >=dev-libs/openssl-1.0.2k:= + dbus? ( sys-apps/dbus ) + kernel_linux? ( + dev-libs/libnl:3 + eap-sim? ( sys-apps/pcsc-lite ) + ) + !kernel_linux? ( net-libs/libpcap ) + qt5? ( + dev-qt/qtcore:5 + dev-qt/qtgui:5 + dev-qt/qtsvg:5 + dev-qt/qtwidgets:5 + ) + readline? ( + sys-libs/ncurses:0= + sys-libs/readline:0= + ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-networkmanager ) + kernel_linux? ( + net-wireless/wireless-regdb + crda? ( net-wireless/crda ) + ) +" +BDEPEND="virtual/pkgconfig" + +DOC_CONTENTS=" + If this is a clean installation of wpa_supplicant, you + have to create a configuration file named + ${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf + An example configuration file is available for reference in + ${EROOT}/usr/share/doc/${PF}/ +" + +S="${WORKDIR}/${P}/${PN}" + +Kconfig_style_config() { + #param 1 is CONFIG_* item + #param 2 is what to set it = to, defaulting in y + CONFIG_PARAM="${CONFIG_HEADER:-CONFIG_}$1" + setting="${2:-y}" + + if [ ! $setting = n ]; then + #first remove any leading "# " if $2 is not n + sed -i "/^# *$CONFIG_PARAM=/s/^# *//" .config || echo "Kconfig_style_config error uncommenting $CONFIG_PARAM" + #set item = $setting (defaulting to y) + sed -i "/^$CONFIG_PARAM/s/=.*/=$setting/" .config || echo "Kconfig_style_config error setting $CONFIG_PARAM=$setting" + if [ -z "$( grep ^$CONFIG_PARAM= .config )" ] ; then + echo "$CONFIG_PARAM=$setting" >>.config + fi + else + #ensure item commented out + sed -i "/^$CONFIG_PARAM/s/$CONFIG_PARAM/# $CONFIG_PARAM/" .config || echo "Kconfig_style_config error commenting $CONFIG_PARAM" + fi +} + +pkg_pretend() { + CONFIG_CHECK="" + + if use crda ; then + CONFIG_CHECK="${CONFIG_CHECK} ~CFG80211_CRDA_SUPPORT" + WARNING_CFG80211_CRDA_SUPPORT="REGULATORY DOMAIN PROBLEM: please enable CFG80211_CRDA_SUPPORT for proper regulatory domain support" + fi + + check_extra_config + + if ! use crda ; then + if linux_config_exists && linux_chkconfig_builtin CFG80211 && + [[ $(linux_chkconfig_string EXTRA_FIRMWARE) != *regulatory.db* ]] + then + ewarn "REGULATORY DOMAIN PROBLEM:" + ewarn "With CONFIG_CFG80211=y (built-in), the driver won't be able to load regulatory.db from" + ewarn " /lib/firmware, resulting in broken regulatory domain support. Please set CONFIG_CFG80211=m" + ewarn " or add regulatory.db and regulatory.db.p7s to CONFIG_EXTRA_FIRMWARE." + fi + fi +} + +src_prepare() { + default + + # net/bpf.h needed for net-libs/libpcap on Gentoo/FreeBSD + sed -i \ + -e "s:\(#include \):#include \n\1:" \ + ../src/l2_packet/l2_packet_freebsd.c || die + + # People seem to take the example configuration file too literally (bug #102361) + sed -i \ + -e "s:^\(opensc_engine_path\):#\1:" \ + -e "s:^\(pkcs11_engine_path\):#\1:" \ + -e "s:^\(pkcs11_module_path\):#\1:" \ + wpa_supplicant.conf || die + + # Change configuration to match Gentoo locations (bug #143750) + sed -i \ + -e "s:/usr/lib/opensc:/usr/$(get_libdir):" \ + -e "s:/usr/lib/pkcs11:/usr/$(get_libdir):" \ + wpa_supplicant.conf || die + + # systemd entries to D-Bus service files (bug #372877) + echo 'SystemdService=wpa_supplicant.service' \ + | tee -a dbus/*.service >/dev/null || die + + cd "${WORKDIR}/${P}" || die + + if use wimax; then + # generate-libeap-peer.patch comes before + # fix-undefined-reference-to-random_get_bytes.patch + eapply "${FILESDIR}/${P}-generate-libeap-peer.patch" + + # multilib-strict fix (bug #373685) + sed -e "s/\/usr\/lib/\/usr\/$(get_libdir)/" -i src/eap_peer/Makefile || die + fi + + # bug (320097) + eapply "${FILESDIR}/${PN}-2.6-do-not-call-dbus-functions-with-NULL-path.patch" + + # bug (640492) + sed -i 's#-Werror ##' wpa_supplicant/Makefile || die + + ## Security patches + # CVE-2019-16275 (bug #696030) + eapply "${FILESDIR}/wpa_supplicant-2.9-AP-Silently-ignore-management-frame-from-unexpected.patch" + # 2020-2, 2021-1 security advisories (bug #768759) + eapply "${WORKDIR}"/wpa_supplicant-2.9-r3-patches/security-{2020-2,2021-1}/*.patch + # CVE-2021-30004 (bug #780138) + eapply "${WORKDIR}"/wpa_supplicant-2.9-r3-patches/misc/CVE-2021-30004.patch +} + +src_configure() { + # Toolchain setup + tc-export CC PKG_CONFIG + + cp defconfig .config || die + + # Basic setup + Kconfig_style_config CTRL_IFACE + Kconfig_style_config MATCH_IFACE + Kconfig_style_config BACKEND file + Kconfig_style_config IBSS_RSN + Kconfig_style_config IEEE80211W + Kconfig_style_config IEEE80211R + Kconfig_style_config HT_OVERRIDES + Kconfig_style_config VHT_OVERRIDES + Kconfig_style_config OCV + Kconfig_style_config TLSV11 + Kconfig_style_config TLSV12 + Kconfig_style_config GETRANDOM + + # Basic authentication methods + # NOTE: we don't set GPSK or SAKE as they conflict + # with the below options + Kconfig_style_config EAP_GTC + Kconfig_style_config EAP_MD5 + Kconfig_style_config EAP_OTP + Kconfig_style_config EAP_PAX + Kconfig_style_config EAP_PSK + Kconfig_style_config EAP_TLV + Kconfig_style_config EAP_EXE + Kconfig_style_config IEEE8021X_EAPOL + Kconfig_style_config PKCS12 + Kconfig_style_config PEERKEY + Kconfig_style_config EAP_LEAP + Kconfig_style_config EAP_MSCHAPV2 + Kconfig_style_config EAP_PEAP + Kconfig_style_config EAP_TEAP + Kconfig_style_config EAP_TLS + Kconfig_style_config EAP_TTLS + + # Enabling background scanning. + Kconfig_style_config BGSCAN_SIMPLE + Kconfig_style_config BGSCAN_LEARN + + if use dbus ; then + Kconfig_style_config CTRL_IFACE_DBUS + Kconfig_style_config CTRL_IFACE_DBUS_NEW + Kconfig_style_config CTRL_IFACE_DBUS_INTRO + else + Kconfig_style_config CTRL_IFACE_DBUS n + Kconfig_style_config CTRL_IFACE_DBUS_NEW n + Kconfig_style_config CTRL_IFACE_DBUS_INTRO n + fi + + if use eapol-test ; then + Kconfig_style_config EAPOL_TEST + fi + + # Enable support for writing debug info to a log file and syslog. + Kconfig_style_config DEBUG_FILE + Kconfig_style_config DEBUG_SYSLOG + + if use hs2-0 ; then + Kconfig_style_config INTERWORKING + Kconfig_style_config HS20 + fi + + if use mbo ; then + Kconfig_style_config MBO + else + Kconfig_style_config MBO n + fi + + if use uncommon-eap-types; then + Kconfig_style_config EAP_GPSK + Kconfig_style_config EAP_SAKE + Kconfig_style_config EAP_GPSK_SHA256 + Kconfig_style_config EAP_IKEV2 + Kconfig_style_config EAP_EKE + fi + + if use eap-sim ; then + # Smart card authentication + Kconfig_style_config EAP_SIM + Kconfig_style_config EAP_AKA + Kconfig_style_config EAP_AKA_PRIME + Kconfig_style_config PCSC + fi + + if use fasteap ; then + Kconfig_style_config EAP_FAST + fi + + if use readline ; then + # readline/history support for wpa_cli + Kconfig_style_config READLINE + else + #internal line edit mode for wpa_cli + Kconfig_style_config WPA_CLI_EDIT + fi + + Kconfig_style_config TLS openssl + Kconfig_style_config FST + + Kconfig_style_config EAP_PWD + if use fils; then + Kconfig_style_config FILS + Kconfig_style_config FILS_SK_PFS + fi + if use mesh; then + Kconfig_style_config MESH + else + Kconfig_style_config MESH n + fi + # WPA3 + Kconfig_style_config OWE + Kconfig_style_config SAE + Kconfig_style_config DPP + Kconfig_style_config SUITEB192 + Kconfig_style_config SUITEB + + if use smartcard ; then + Kconfig_style_config SMARTCARD + else + Kconfig_style_config SMARTCARD n + fi + + if use tdls ; then + Kconfig_style_config TDLS + fi + + if use kernel_linux ; then + # Linux specific drivers + Kconfig_style_config DRIVER_ATMEL + Kconfig_style_config DRIVER_HOSTAP + Kconfig_style_config DRIVER_IPW + Kconfig_style_config DRIVER_NL80211 + Kconfig_style_config DRIVER_RALINK + Kconfig_style_config DRIVER_WEXT + Kconfig_style_config DRIVER_WIRED + + if use macsec ; then + #requires something, no idea what + #Kconfig_style_config DRIVER_MACSEC_QCA + Kconfig_style_config DRIVER_MACSEC_LINUX + Kconfig_style_config MACSEC + fi + + if use ps3 ; then + Kconfig_style_config DRIVER_PS3 + fi + + elif use kernel_FreeBSD ; then + # FreeBSD specific driver + Kconfig_style_config DRIVER_BSD + fi + + # Wi-Fi Protected Setup (WPS) + if use wps ; then + Kconfig_style_config WPS + Kconfig_style_config WPS2 + # USB Flash Drive + Kconfig_style_config WPS_UFD + # External Registrar + Kconfig_style_config WPS_ER + # Universal Plug'n'Play + Kconfig_style_config WPS_UPNP + # Near Field Communication + Kconfig_style_config WPS_NFC + else + Kconfig_style_config WPS n + Kconfig_style_config WPS2 n + Kconfig_style_config WPS_UFD n + Kconfig_style_config WPS_ER n + Kconfig_style_config WPS_UPNP n + Kconfig_style_config WPS_NFC n + fi + + # Wi-Fi Direct (WiDi) + if use p2p ; then + Kconfig_style_config P2P + Kconfig_style_config WIFI_DISPLAY + else + Kconfig_style_config P2P n + Kconfig_style_config WIFI_DISPLAY n + fi + + # Access Point Mode + if use ap ; then + Kconfig_style_config AP + else + Kconfig_style_config AP n + fi + + # Enable essentials for AP/P2P + if use ap || use p2p ; then + # Enabling HT support (802.11n) + Kconfig_style_config IEEE80211N + + # Enabling VHT support (802.11ac) + Kconfig_style_config IEEE80211AC + fi + + # Enable mitigation against certain attacks against TKIP + Kconfig_style_config DELAYED_MIC_ERROR_REPORT + + if use privsep ; then + Kconfig_style_config PRIVSEP + fi + + # If we are using libnl 2.0 and above, enable support for it + # Bug 382159 + # Removed for now, since the 3.2 version is broken, and we don't + # support it. + if has_version ">=dev-libs/libnl-3.2"; then + Kconfig_style_config LIBNL32 + fi + + if use qt5 ; then + pushd "${S}"/wpa_gui-qt4 > /dev/null || die + eqmake5 wpa_gui.pro + popd > /dev/null || die + fi +} + +src_compile() { + einfo "Building wpa_supplicant" + emake V=1 BINDIR=/usr/sbin + + if use wimax; then + emake -C ../src/eap_peer clean + emake -C ../src/eap_peer + fi + + if use qt5; then + einfo "Building wpa_gui" + emake -C "${S}"/wpa_gui-qt4 + fi + + if use eapol-test ; then + emake eapol_test + fi +} + +src_install() { + dosbin wpa_supplicant + use privsep && dosbin wpa_priv + dobin wpa_cli wpa_passphrase + + # baselayout-1 compat + if has_version "=sys-apps/openrc-0.5.0"; then + newinitd "${FILESDIR}/${PN}-init.d" wpa_supplicant + newconfd "${FILESDIR}/${PN}-conf.d" wpa_supplicant + fi + + exeinto /etc/wpa_supplicant/ + newexe "${FILESDIR}/wpa_cli.sh" wpa_cli.sh + + readme.gentoo_create_doc + dodoc ChangeLog {eap_testing,todo}.txt README{,-WPS} \ + wpa_supplicant.conf + + newdoc .config build-config + + if [ "${PV}" != "9999" ]; then + doman doc/docbook/*.{5,8} + fi + + if use qt5 ; then + into /usr + dobin wpa_gui-qt4/wpa_gui + doicon wpa_gui-qt4/icons/wpa_gui.svg + domenu wpa_gui-qt4/wpa_gui.desktop + else + rm "${ED}"/usr/share/man/man8/wpa_gui.8 + fi + + use wimax && emake DESTDIR="${D}" -C ../src/eap_peer install + + if use dbus ; then + pushd "${S}"/dbus > /dev/null || die + insinto /etc/dbus-1/system.d + newins dbus-wpa_supplicant.conf wpa_supplicant.conf + insinto /usr/share/dbus-1/system-services + doins fi.w1.wpa_supplicant1.service + popd > /dev/null || die + + # This unit relies on dbus support, bug 538600. + systemd_dounit systemd/wpa_supplicant.service + fi + + if use eapol-test ; then + dobin eapol_test + fi + + systemd_dounit "systemd/wpa_supplicant@.service" + systemd_dounit "systemd/wpa_supplicant-nl80211@.service" + systemd_dounit "systemd/wpa_supplicant-wired@.service" +} + +pkg_postinst() { + readme.gentoo_print_elog + + if [[ -e "${EROOT}"/etc/wpa_supplicant.conf ]] ; then + echo + ewarn "WARNING: your old configuration file ${EROOT}/etc/wpa_supplicant.conf" + ewarn "needs to be moved to ${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf" + fi + + # Mea culpa, feel free to remove that after some time --mgorny. + local fn + for fn in wpa_supplicant{,@wlan0}.service; do + if [[ -e "${EROOT}"/etc/systemd/system/network.target.wants/${fn} ]] + then + ebegin "Moving ${fn} to multi-user.target" + mv "${EROOT}"/etc/systemd/system/network.target.wants/${fn} \ + "${EROOT}"/etc/systemd/system/multi-user.target.wants/ || die + eend ${?} \ + "Please try to re-enable ${fn}" + fi + done + + systemd_reenable wpa_supplicant.service +} diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild index 97cde554f0db..132825beb46c 100644 --- a/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild +++ b/net-wireless/wpa_supplicant/wpa_supplicant-9999.ebuild @@ -3,7 +3,7 @@ EAPI=7 -inherit desktop qmake-utils readme.gentoo-r1 systemd toolchain-funcs +inherit desktop linux-info qmake-utils readme.gentoo-r1 systemd toolchain-funcs DESCRIPTION="IEEE 802.1X/WPA supplicant for secure wireless transfers" HOMEPAGE="https://w1.fi/wpa_supplicant/" @@ -13,12 +13,13 @@ if [ "${PV}" = "9999" ]; then inherit git-r3 EGIT_REPO_URI="https://w1.fi/hostap.git" else - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" SRC_URI="https://w1.fi/releases/${P}.tar.gz" + SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${PN}-2.9-r3-patches.tar.bz2" fi SLOT="0" -IUSE="ap bindist broadcom-sta dbus eap-sim eapol-test fasteap +fils +hs2-0 macsec +mbo +mesh p2p privsep ps3 qt5 readline selinux smartcard tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD" +IUSE="ap +crda broadcom-sta dbus eap-sim eapol-test fasteap +fils +hs2-0 macsec +mbo +mesh p2p privsep ps3 qt5 readline selinux smartcard tdls uncommon-eap-types wimax wps kernel_linux kernel_FreeBSD" # CONFIG_PRIVSEP=y does not have sufficient support for the new driver # interface functions used for MACsec, so this combination cannot be used @@ -30,11 +31,10 @@ REQUIRED_USE=" " DEPEND=" - >=dev-libs/openssl-1.0.2k:0=[bindist(-)=] + >=dev-libs/openssl-1.0.2k:= dbus? ( sys-apps/dbus ) kernel_linux? ( dev-libs/libnl:3 - net-wireless/crda eap-sim? ( sys-apps/pcsc-lite ) ) !kernel_linux? ( net-libs/libpcap ) @@ -51,6 +51,10 @@ DEPEND=" " RDEPEND="${DEPEND} selinux? ( sec-policy/selinux-networkmanager ) + kernel_linux? ( + net-wireless/wireless-regdb + crda? ( net-wireless/crda ) + ) " BDEPEND="virtual/pkgconfig" @@ -84,6 +88,28 @@ Kconfig_style_config() { fi } +pkg_pretend() { + CONFIG_CHECK="" + + if use crda ; then + CONFIG_CHECK="${CONFIG_CHECK} ~CFG80211_CRDA_SUPPORT" + WARNING_CFG80211_CRDA_SUPPORT="REGULATORY DOMAIN PROBLEM: please enable CFG80211_CRDA_SUPPORT for proper regulatory domain support" + fi + + check_extra_config + + if ! use crda ; then + if linux_config_exists && linux_chkconfig_builtin CFG80211 && + [[ $(linux_chkconfig_string EXTRA_FIRMWARE) != *regulatory.db* ]] + then + ewarn "REGULATORY DOMAIN PROBLEM:" + ewarn "With CONFIG_CFG80211=y (built-in), the driver won't be able to load regulatory.db from" + ewarn " /lib/firmware, resulting in broken regulatory domain support. Please set CONFIG_CFG80211=m" + ewarn " or add regulatory.db and regulatory.db.p7s to CONFIG_EXTRA_FIRMWARE." + fi + fi +} + src_prepare() { default @@ -230,24 +256,23 @@ src_configure() { Kconfig_style_config TLS openssl Kconfig_style_config FST - if ! use bindist ; then - Kconfig_style_config EAP_PWD - if use fils; then - Kconfig_style_config FILS - Kconfig_style_config FILS_SK_PFS - fi - if use mesh; then - Kconfig_style_config MESH - else - Kconfig_style_config MESH n - fi - #WPA3 - Kconfig_style_config OWE - Kconfig_style_config SAE - Kconfig_style_config DPP - Kconfig_style_config SUITEB192 - Kconfig_style_config SUITEB + + Kconfig_style_config EAP_PWD + if use fils; then + Kconfig_style_config FILS + Kconfig_style_config FILS_SK_PFS fi + if use mesh; then + Kconfig_style_config MESH + else + Kconfig_style_config MESH n + fi + # WPA3 + Kconfig_style_config OWE + Kconfig_style_config SAE + Kconfig_style_config DPP + Kconfig_style_config SUITEB192 + Kconfig_style_config SUITEB if use smartcard ; then Kconfig_style_config SMARTCARD @@ -444,11 +469,6 @@ pkg_postinst() { ewarn "needs to be moved to ${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf" fi - if use bindist; then - ewarn "Using bindist use flag presently breaks WPA3 (specifically SAE, OWE, DPP, and FILS)." - ewarn "This is incredibly undesirable" - fi - # Mea culpa, feel free to remove that after some time --mgorny. local fn for fn in wpa_supplicant{,@wlan0}.service; do -- cgit v1.2.3