Commit graph

26 commits

Author SHA1 Message Date
Florian Klink
c36b8c57c2
Merge pull request #75140 from tomfitzhenry/hostapd-getrandom
hostapd: use getrandom(2)
2019-12-07 23:01:06 +01:00
Félix Baylac-Jacqué
abc9b32fc6 hostapd: 2.8 -> 2.9
Associated release note:
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt

Note: we are building hostapd with the CONFIG_EAP_PWD=y flag by
default, we might be impacted by a EAP_PWD side-channel attach on
hostapd 2.8.
2019-12-07 12:02:10 +01:00
Tom Fitzhenry
fd1c0db18c hostapd: use getrandom(2)
Motivation: Devices with few entropy sources on boot hang/block if many services try to
read from /dev/random.

https://w1.fi/cgit/hostap/commit/?id=89a7cdd690b48a0c56380cf4609442ed13527f44
states getrandom() is recommended, but not enabled by default since it
relies on:

* Linux kernel 3.17 (NixOS 19.09 has 4.19; master presumably later)
* glibc 2.25 (NixOS master has 2.27
  https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/glibc/common.nix#L37 )
2019-12-07 19:31:35 +11:00
c0bw3b
9367367dfd Treewide: fix URL permanent redirects
Permanent redirects on homepages and/or source URLs
as reported by Repology
2019-11-16 01:41:23 +01:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Florian Klink
1e5a8f9dd7 hostapd: remove global with stdenv.lib 2019-06-26 09:26:29 +02:00
Félix Baylac-Jacqué
f3b94dee34
hostapd: fix hostapd noscan patch url.
Something somehow got wrong in #63699; some adjustments made after the
review have been discarded :/
2019-06-26 08:20:39 +02:00
Félix Baylac-Jacqué
98deb87354
hostapd: Add noscan mode.
Applies OpenWRT's noscan patch to hostapd and the relevant option to
the hostapd module.

This noscan patch adds a new `noscan` option allowing us to create
some overlapping BSSs in HT40+/- mode.

Note: this option is disabled by default, we leave this up to the end
user whether it should be enabled or not.

Not being able to create those overlapping BSSs is basically
preventing us to use 802.11n in any urban area where chances to
overlap with another SSID are extremely high.

The patch we are using is a courtesy of the openwrt team and is
applied to the defaul hostapd package in both OpenWRT and Archlinux.
2019-06-24 00:26:20 +02:00
Will Dietz
bc069315cb hostapd: 2.7 -> 2.8 2019-04-22 15:25:06 -05:00
Clemens Fruhwirth
3e7af59243 hostapd: 2.6 -> 2.7 2019-02-20 10:48:00 +01:00
Jörg Thalheim
b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Robin Gloster
04a2885dbf
hostapd: install man pages 2018-05-22 14:30:54 +02:00
Graham Christensen
629965a532
hostapd: patch for KRACKAttack
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
    CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
    CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
    CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
    CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
    CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
    CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
    CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
    CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
    CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
2017-10-16 07:33:43 -04:00
Maximilian Güntner
daf07c9d62
hostapd/wpa_supplicant: update urls 2017-09-17 13:46:11 +02:00
Matthew Robbetts
b9418091f4 hostapd: libressl patches. 2017-02-25 10:15:53 +01:00
Robin Gloster
df58ed2f13
hostapd: 2.5 -> 2.6 2017-02-17 00:11:37 +01:00
Franz Pletz
2fa9bd5059 hostapd: add patch to fix build with libressl
Fixes #17315.
2016-07-29 12:03:08 +02:00
Matthew Robbetts
e434ce8f49 hostapd: 2.4 -> v2.5, fixes #17164 2016-07-23 00:56:53 +02:00
William A. Kennington III
076dff2f58 hostapd: Refactoring 2015-04-24 15:12:55 -07:00
William A. Kennington III
09ca343089 hostapd: 2.3 -> 2.4 2015-03-26 12:30:51 -07:00
Michael Raskin
1602f9b90a Update hostapd 2014-10-12 12:34:16 +04:00
Evgeny Egorochkin
9f957d054f hostapd: update from 2.0 to 2.1 2014-04-03 07:05:07 +03:00
Krofek
2b6c07f5a8 hostapd update: 1.0 -> 2.0 2013-09-16 23:06:51 +02:00
Jack Cummings
3ac299934d enable 802.11n by default. 2013-03-11 02:31:51 -07:00
Mathijs Kwik
3de1a56a73 hostapd: upgrade to 1.0 2012-09-09 13:04:14 +02:00
Evgeny Egorochkin
e873eebeb6 hostapd: packaged.
svn path=/nixpkgs/trunk/; revision=27501
2011-06-19 23:30:57 +00:00