commit: ee2f492c617ac4cc8f8c1d4b01563cc170a803c8
Author: Ben Kohler <bkohler <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 8 01:01:58 2021 +0000
Commit: Ben Kohler <bkohler <AT> gentoo <DOT> org>
CommitDate: Fri Jan 8 01:02:34 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee2f492c
net-wireless/iwd: drop old
Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Ben Kohler <bkohler <AT> gentoo.org>
net-wireless/iwd/Manifest | 2 -
.../iwd-1.8-eapol-prevent-key-reinstallation.patch | 73 ---------
net-wireless/iwd/iwd-1.8-r3.ebuild | 160 ------------------
net-wireless/iwd/iwd-1.9-r1.ebuild | 180 ---------------------
4 files changed, 415 deletions(-)
diff --git a/net-wireless/iwd/Manifest b/net-wireless/iwd/Manifest
index 69ff7417b70..c483850244a 100644
--- a/net-wireless/iwd/Manifest
+++ b/net-wireless/iwd/Manifest
@@ -1,4 +1,2 @@
DIST iwd-1.10.tar.xz 897928 BLAKE2B
1589300201c835b2b14c34a9adefb525173cc2f9c8154f0a5f12da64a1da3d383acf328c5138bb8d4903ff08f339b7d55f02e215896af90aa75d244f61c3de1f
SHA512
c128ec764e9d727b4ae1157717826b3219c5d368746f7709a01cb816f077afaa32083052ee2a4ecd09a7fbd36c03ea9ba6bd1a84c2a33210398dd060e9020db5
DIST iwd-1.11.tar.xz 907020 BLAKE2B
3b2c0922745c699ba01a2f46061246fbad6e2c7ea1a2f58cd13b5bf2169e9517652740f2dd872b5a274d74a5b8f1962c8e4696eabe5481a0c4783f202217599e
SHA512
09c5e5e105b6107d88eff4238bf023f7bf1a408f522b9f84fac890c123bff2e124b937b81e1559db7fe0720f0ac423dc7d37c1b6d502fc4a7b7403fcd798e01d
-DIST iwd-1.8.tar.xz 865668 BLAKE2B
ba1be5c1658df950fe28deca6b8c3c9482eda260fbd05f721cb34cadcb2852768086e65e7c74940bc6ddd345d1438624b59bdfe4b6a5323dd122a0cd397008d7
SHA512
f1caa330b3ff18b4598efec596a4b9a22887833218a90d19d59717503679eff71fdb990cb63bd74b8f1523197a366cd803d799259e8002e5cde2745b03d51d8e
-DIST iwd-1.9.tar.xz 883616 BLAKE2B
57dd4a6e00d73bcfb752e1bd3661e97251d1dab4c05638d148ae7031bff35d606063f79e575ed4d3d3a60ff5514eb3fc340e1eec4c2e7074bf8d6d4b79832f6d
SHA512
d8762495f7f5a342476653c0cf64c31b3b41a3064a05c4fcf49b9faf4394b0d7a5db6aae6324896bdc8f7b104697fb4c4315f7073a4fde4fc87f8f55d932538b
diff --git
a/net-wireless/iwd/files/iwd-1.8-eapol-prevent-key-reinstallation.patch
b/net-wireless/iwd/files/iwd-1.8-eapol-prevent-key-reinstallation.patch
deleted file mode 100644
index dceb808297e..00000000000
--- a/net-wireless/iwd/files/iwd-1.8-eapol-prevent-key-reinstallation.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From f22ba5aebb569ca54521afd2babdc1f67e3904ea Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <mathy.vanh...@kuleuven.be>
-Date: Wed, 12 Aug 2020 15:17:21 +0400
-Subject: eapol: prevent key reinstallation on retransmitted Msg4/4
-
-Currently an adversary can retransmit EAPOL Msg4/4 to make the AP
-reinstall the PTK. Against older Linux kernels this can subsequently
-be used to decrypt, replay, and possibly decrypt frames. See the
-KRACK attacks research at krackattacks.com for attack scenarios.
-In this case no machine-in-the-middle position is needed to trigger
-the key reinstallation.
-
-Fix this by using the ptk_complete boolean to track when the 4-way
-handshake has completed (similar to its usage for clients). When
-receiving a retransmitted Msg4/4 accept this frame but do not reinstall
-the PTK.
-
-Credits to Chris M. Stone, Sam Thomas, and Tom Chothia of Birmingham
-University to help discover this issue.
----
- src/eapol.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/src/eapol.c b/src/eapol.c
-index b0036c10..e3581cfe 100644
---- a/src/eapol.c
-+++ b/src/eapol.c
-@@ -1462,7 +1462,6 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
- memcpy(sm->handshake->snonce, ek->key_nonce,
- sizeof(sm->handshake->snonce));
- sm->handshake->have_snonce = true;
-- sm->handshake->ptk_complete = true;
-
- sm->frame_retry = 0;
-
-@@ -1782,7 +1781,15 @@ static void eapol_handle_ptk_4_of_4(struct eapol_sm *sm,
- l_timeout_remove(sm->timeout);
- sm->timeout = NULL;
-
-- handshake_state_install_ptk(sm->handshake);
-+ /*
-+ * If ptk_complete is set, then we are receiving Message 4 again.
-+ * This might be a retransmission, so accept but don't install
-+ * the keys again.
-+ */
-+ if (!sm->handshake->ptk_complete)
-+ handshake_state_install_ptk(sm->handshake);
-+
-+ sm->handshake->ptk_complete = true;
- }
-
- static void eapol_handle_gtk_1_of_2(struct eapol_sm *sm,
-@@ -2185,6 +2192,7 @@ static void eapol_auth_key_handle(struct eapol_sm *sm,
- size_t frame_len = 4 + L_BE16_TO_CPU(frame->header.packet_len);
- const struct eapol_key *ek = eapol_key_validate((const void *) frame,
- frame_len, sm->mic_len);
-+ uint16_t key_data_len;
-
- if (!ek)
- return;
-@@ -2199,7 +2207,8 @@ static void eapol_auth_key_handle(struct eapol_sm *sm,
- if (!sm->handshake->have_anonce)
- return; /* Not expecting an EAPoL-Key yet */
-
-- if (!sm->handshake->ptk_complete)
-+ key_data_len = EAPOL_KEY_DATA_LEN(ek, sm->mic_len);
-+ if (key_data_len != 0)
- eapol_handle_ptk_2_of_4(sm, ek);
- else
- eapol_handle_ptk_4_of_4(sm, ek);
---
-cgit 1.2.3-1.el7
-
diff --git a/net-wireless/iwd/iwd-1.8-r3.ebuild
b/net-wireless/iwd/iwd-1.8-r3.ebuild
deleted file mode 100644
index a8c6fbd6ae4..00000000000
--- a/net-wireless/iwd/iwd-1.8-r3.ebuild
+++ /dev/null
@@ -1,160 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit flag-o-matic linux-info systemd
-
-#Set this variable to the required external ell version
-ELL_REQ="0.32"
-
-if [[ ${PV} == *9999* ]]; then
- inherit autotools git-r3
-
IWD_EGIT_REPO_URI="https://git.kernel.org/pub/scm/network/wireless/iwd.git";
- ELL_EGIT_REPO_URI="https://git.kernel.org/pub/scm/libs/ell/ell.git";
-else
- SRC_URI="https://www.kernel.org/pub/linux/network/wireless/${P}.tar.xz";
- KEYWORDS="~alpha amd64 arm arm64 ~ia64 ppc ppc64 ~sparc x86"
-fi
-
-DESCRIPTION="Wireless daemon for linux"
-HOMEPAGE="https://git.kernel.org/pub/scm/network/wireless/iwd.git/";
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+client +crda +monitor ofono wired cpu_flags_x86_aes cpu_flags_x86_ssse3"
-
-COMMON_DEPEND="sys-apps/dbus
- client? ( sys-libs/readline:0= )"
-
-[[ -z "${ELL_REQ}" ]] || COMMON_DEPEND+=" ~dev-libs/ell-${ELL_REQ}"
-
-RDEPEND="${COMMON_DEPEND}
- net-wireless/wireless-regdb
- crda? ( net-wireless/crda )"
-
-DEPEND="${COMMON_DEPEND}
- virtual/pkgconfig"
-
-[[ ${PV} == *9999* ]] && DEPEND+=" dev-python/docutils"
-
-PATCHES=( "${FILESDIR}"/iwd-1.8-eapol-prevent-key-reinstallation.patch )
-
-pkg_setup() {
- CONFIG_CHECK="
- ~ASYMMETRIC_KEY_TYPE
- ~ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- ~CFG80211
- ~CRYPTO_AES
- ~CRYPTO_ARC4
- ~CRYPTO_CBC
- ~CRYPTO_CMAC
- ~CRYPTO_DES
- ~CRYPTO_ECB
- ~CRYPTO_HMAC
- ~CRYPTO_MD4
- ~CRYPTO_MD5
- ~CRYPTO_RSA
- ~CRYPTO_SHA1
- ~CRYPTO_SHA256
- ~CRYPTO_SHA512
- ~CRYPTO_USER_API_HASH
- ~CRYPTO_USER_API_SKCIPHER
- ~KEY_DH_OPERATIONS
- ~PKCS7_MESSAGE_PARSER
- ~RFKILL
- ~X509_CERTIFICATE_PARSER
- "
- if use crda;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CFG80211_CRDA_SUPPORT"
- WARNING_CFG80211_CRDA_SUPPORT="REGULATORY DOMAIN PROBLEM:
please enable CFG80211_CRDA_SUPPORT for proper regulatory domain support"
- fi
-
- if use amd64;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_DES3_EDE_X86_64"
- WARNING_CRYPTO_DES3_EDE_X86_64="CRYPTO_DES3_EDE_X86_64: enable
for increased performance"
- fi
-
- if use cpu_flags_x86_aes;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_AES_NI_INTEL"
- WARNING_CRYPTO_AES_NI_INTEL="CRYPTO_AES_NI_INTEL: enable for
increased performance"
- fi
-
- if use cpu_flags_x86_ssse3 && use amd64; then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_SHA1_SSSE3
~CRYPTO_SHA256_SSSE3 ~CRYPTO_SHA512_SSSE3"
- WARNING_CRYPTO_SHA1_SSSE3="CRYPTO_SHA1_SSSE3: enable for
increased performance"
- WARNING_CRYPTO_SHA256_SSSE3="CRYPTO_SHA256_SSSE3: enable for
increased performance"
- WARNING_CRYPTO_SHA512_SSSE3="CRYPTO_SHA512_SSSE3: enable for
increased performance"
- fi
-
- if use kernel_linux && kernel_is -ge 4 20; then
- CONFIG_CHECK="${CONFIG_CHECK} ~PKCS8_PRIVATE_KEY_PARSER"
- fi
-
- check_extra_config
-
- if ! use crda; then
- if use kernel_linux && kernel_is -lt 4 15; then
- ewarn "POSSIBLE REGULATORY DOMAIN PROBLEM:"
- ewarn "Regulatory domain support for kernels older than
4.15 requires crda."
- fi
- if linux_config_exists && linux_chkconfig_builtin CFG80211 &&
- [[ $(linux_chkconfig_string EXTRA_FIRMWARE) !=
*regulatory.db* ]]
- then
- ewarn ""
- ewarn "REGULATORY DOMAIN PROBLEM:"
- ewarn "With CONFIG_CFG80211=y (built-in), the driver
won't be able to load regulatory.db from"
- ewarn " /lib/firmware, resulting in broken regulatory
domain support. Please set CONFIG_CFG80211=m"
- ewarn " or add regulatory.db and regulatory.db.p7s to
CONFIG_EXTRA_FIRMWARE."
- ewarn ""
- fi
- fi
-}
-
-src_unpack() {
- if [[ ${PV} == *9999* ]] ; then
- EGIT_REPO_URI=${IWD_EGIT_REPO_URI} git-r3_src_unpack
- EGIT_REPO_URI=${ELL_EGIT_REPO_URI}
EGIT_CHECKOUT_DIR=${WORKDIR}/ell git-r3_src_unpack
- else
- default
- fi
-}
-
-src_prepare() {
- default
- if [[ ${PV} == *9999* ]] ; then
- eautoreconf
- fi
-}
-
-src_configure() {
- append-cflags "-fsigned-char"
- local myeconfargs=(
- --sysconfdir="${EPREFIX}"/etc/iwd
--localstatedir="${EPREFIX}"/var
- $(use_enable client)
- $(use_enable monitor)
- $(use_enable ofono)
- $(use_enable wired)
- --enable-systemd-service
- --with-systemd-unitdir="$(systemd_get_systemunitdir)"
- --with-systemd-modloaddir="${EPREFIX}/usr/lib/modules-load.d"
- --with-systemd-networkdir="$(systemd_get_utildir)/network"
- )
- [[ ${PV} == *9999* ]] || myeconfargs+=(--enable-external-ell)
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
- keepdir /var/lib/${PN}
-
- newinitd "${FILESDIR}/iwd.initd-r1" iwd
-
- if use wired;then
- newinitd "${FILESDIR}/ead.initd" ead
- fi
-
- if [[ ${PV} == *9999* ]] ; then
- exeinto /usr/share/iwd/scripts/
- doexe test/*
- fi
-}
diff --git a/net-wireless/iwd/iwd-1.9-r1.ebuild
b/net-wireless/iwd/iwd-1.9-r1.ebuild
deleted file mode 100644
index c170b16a7f3..00000000000
--- a/net-wireless/iwd/iwd-1.9-r1.ebuild
+++ /dev/null
@@ -1,180 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit flag-o-matic linux-info systemd
-
-#Set this variable to the required external ell version
-ELL_REQ="0.33"
-
-if [[ ${PV} == *9999* ]]; then
- inherit autotools git-r3
-
IWD_EGIT_REPO_URI="https://git.kernel.org/pub/scm/network/wireless/iwd.git";
- ELL_EGIT_REPO_URI="https://git.kernel.org/pub/scm/libs/ell/ell.git";
-else
- SRC_URI="https://www.kernel.org/pub/linux/network/wireless/${P}.tar.xz";
- KEYWORDS="~alpha amd64 arm arm64 ~ia64 ppc ~ppc64 ~sparc x86"
-fi
-
-DESCRIPTION="Wireless daemon for linux"
-HOMEPAGE="https://git.kernel.org/pub/scm/network/wireless/iwd.git/";
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+client +crda +monitor ofono wired cpu_flags_x86_aes cpu_flags_x86_ssse3
-standalone systemd"
-
-COMMON_DEPEND="
- sys-apps/dbus
- client? ( sys-libs/readline:0= )
-"
-
-[[ -z "${ELL_REQ}" ]] || COMMON_DEPEND+=" ~dev-libs/ell-${ELL_REQ}"
-
-RDEPEND="
- ${COMMON_DEPEND}
- net-wireless/wireless-regdb
- crda? ( net-wireless/crda )
- standalone? (
- systemd? ( sys-apps/systemd )
- !systemd? ( virtual/resolvconf )
- )
-"
-
-DEPEND="
- ${COMMON_DEPEND}
- virtual/pkgconfig
-"
-
-[[ ${PV} == *9999* ]] && DEPEND+=" dev-python/docutils"
-
-pkg_setup() {
- CONFIG_CHECK="
- ~ASYMMETRIC_KEY_TYPE
- ~ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- ~CFG80211
- ~CRYPTO_AES
- ~CRYPTO_ARC4
- ~CRYPTO_CBC
- ~CRYPTO_CMAC
- ~CRYPTO_DES
- ~CRYPTO_ECB
- ~CRYPTO_HMAC
- ~CRYPTO_MD4
- ~CRYPTO_MD5
- ~CRYPTO_RSA
- ~CRYPTO_SHA1
- ~CRYPTO_SHA256
- ~CRYPTO_SHA512
- ~CRYPTO_USER_API_HASH
- ~CRYPTO_USER_API_SKCIPHER
- ~KEY_DH_OPERATIONS
- ~PKCS7_MESSAGE_PARSER
- ~RFKILL
- ~X509_CERTIFICATE_PARSER
- "
- if use crda;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CFG80211_CRDA_SUPPORT"
- WARNING_CFG80211_CRDA_SUPPORT="REGULATORY DOMAIN PROBLEM:
please enable CFG80211_CRDA_SUPPORT for proper regulatory domain support"
- fi
-
- if use amd64;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_DES3_EDE_X86_64"
- WARNING_CRYPTO_DES3_EDE_X86_64="CRYPTO_DES3_EDE_X86_64: enable
for increased performance"
- fi
-
- if use cpu_flags_x86_aes;then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_AES_NI_INTEL"
- WARNING_CRYPTO_AES_NI_INTEL="CRYPTO_AES_NI_INTEL: enable for
increased performance"
- fi
-
- if use cpu_flags_x86_ssse3 && use amd64; then
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_SHA1_SSSE3
~CRYPTO_SHA256_SSSE3 ~CRYPTO_SHA512_SSSE3"
- WARNING_CRYPTO_SHA1_SSSE3="CRYPTO_SHA1_SSSE3: enable for
increased performance"
- WARNING_CRYPTO_SHA256_SSSE3="CRYPTO_SHA256_SSSE3: enable for
increased performance"
- WARNING_CRYPTO_SHA512_SSSE3="CRYPTO_SHA512_SSSE3: enable for
increased performance"
- fi
-
- if use kernel_linux && kernel_is -ge 4 20; then
- CONFIG_CHECK="${CONFIG_CHECK} ~PKCS8_PRIVATE_KEY_PARSER"
- fi
-
- check_extra_config
-
- if ! use crda; then
- if use kernel_linux && kernel_is -lt 4 15; then
- ewarn "POSSIBLE REGULATORY DOMAIN PROBLEM:"
- ewarn "Regulatory domain support for kernels older than
4.15 requires crda."
- fi
- if linux_config_exists && linux_chkconfig_builtin CFG80211 &&
- [[ $(linux_chkconfig_string EXTRA_FIRMWARE) !=
*regulatory.db* ]]
- then
- ewarn ""
- ewarn "REGULATORY DOMAIN PROBLEM:"
- ewarn "With CONFIG_CFG80211=y (built-in), the driver
won't be able to load regulatory.db from"
- ewarn " /lib/firmware, resulting in broken regulatory
domain support. Please set CONFIG_CFG80211=m"
- ewarn " or add regulatory.db and regulatory.db.p7s to
CONFIG_EXTRA_FIRMWARE."
- ewarn ""
- fi
- fi
-}
-
-src_unpack() {
- if [[ ${PV} == *9999* ]] ; then
- EGIT_REPO_URI=${IWD_EGIT_REPO_URI} git-r3_src_unpack
- EGIT_REPO_URI=${ELL_EGIT_REPO_URI}
EGIT_CHECKOUT_DIR=${WORKDIR}/ell git-r3_src_unpack
- else
- default
- fi
-}
-
-src_prepare() {
- default
- if [[ ${PV} == *9999* ]] ; then
- eautoreconf
- fi
-}
-
-src_configure() {
- append-cflags "-fsigned-char"
- local myeconfargs=(
- --sysconfdir="${EPREFIX}"/etc/iwd
--localstatedir="${EPREFIX}"/var
- $(use_enable client)
- $(use_enable monitor)
- $(use_enable ofono)
- $(use_enable wired)
- --enable-systemd-service
- --with-systemd-unitdir="$(systemd_get_systemunitdir)"
- --with-systemd-modloaddir="${EPREFIX}/usr/lib/modules-load.d"
- --with-systemd-networkdir="$(systemd_get_utildir)/network"
- )
- [[ ${PV} == *9999* ]] || myeconfargs+=(--enable-external-ell)
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
- keepdir /var/lib/${PN}
-
- newinitd "${FILESDIR}/iwd.initd-r1" iwd
-
- if use wired;then
- newinitd "${FILESDIR}/ead.initd" ead
- fi
-
- if [[ ${PV} == *9999* ]] ; then
- exeinto /usr/share/iwd/scripts/
- doexe test/*
- fi
-
- if use standalone ; then
- local iwdconf="${ED}/etc/iwd/main.conf"
- dodir /etc/iwd
- echo "[General]" > "${iwdconf}"
- echo "EnableNetworkConfiguration=true" >> "${iwdconf}"
- echo "[Network]" >> "${iwdconf}"
- echo "NameResolvingService=$(usex systemd systemd resolvconf)"
>> "${iwdconf}"
- dodir /etc/conf.d
- echo "rc_provide=\"net\"" > ${ED}/etc/conf.d/iwd
- fi
-}
