Commit graph

89 commits

Author SHA1 Message Date
Martin Weinelt
95164dc11b
wpa_supplicant: fix for security advisory 2020-2
A vulnerability was discovered in how wpa_supplicant processing P2P
(Wi-Fi Direct) group information from active group owners. The actual
parsing of that information validates field lengths appropriately, but
processing of the parsed information misses a length check when storing
a copy of the secondary device types. This can result in writing
attacker controlled data into the peer entry after the area assigned for
the secondary device type. The overflow can result in corrupting
pointers for heap allocations. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially arbitrary code execution.

https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt

Fixes: CVE-2021-0326
2021-02-04 00:31:38 +01:00
Martin Weinelt
28f8b5f5f3 wpa_supplicant: backport support for OWE
The wpa_supplicant upstream is slow to push out new releases and has
been asked several times to do so. Support for Opportunistic Wireless
Encryption has been on master since late 2019 and still hasn't made it
into a release yet.

This backports a rather simple patchset to enable OWE key management
and exposes it also via DBus, so it can be used from Network-Manager.
2021-02-01 00:20:07 +01:00
Pavol Rusnak
a6ce00c50c
treewide: remove stdenv where not needed 2021-01-25 18:31:47 +01:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Ben Siraphob
16d91ee628 pkgs/os-specific: stdenv.lib -> lib 2021-01-17 23:26:08 +07:00
Profpatsch
4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Daiderd Jordan
7b3a2963d1
treewide: replace base64 encoded hashes 2020-06-03 18:35:19 +02:00
Jan Tojnar
219382bf28
wpa_supplicant_gui: fix build with Inkscape 1.0 2020-05-17 08:40:30 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
c0bw3b
9367367dfd Treewide: fix URL permanent redirects
Permanent redirects on homepages and/or source URLs
as reported by Repology
2019-11-16 01:41:23 +01:00
Florian Klink
ac1aeb4fbb
wpa_supplicant: apply patch for CVE-2019-16275 (#70266)
wpa_supplicant: apply patch for CVE-2019-16275
2019-10-14 23:00:05 +02:00
Tor Hedin Brønner
67effde499
wpa_supplicant: install d-bus conf correctly to share/dbus/system.d
Fixes 40dda7383b which inadvertently installed to
a file as the directory didn't exist.

Also blocked up the postInstall script for readability.
2019-10-14 18:57:44 +02:00
Pierre Bourdon
559687498b
wpa_supplicant: apply patch for CVE-2019-16275 2019-10-02 21:24:23 +02:00
worldofpeace
40dda7383b wpa_supplicant: Move D-Bus conf file to share/dbus-1/system.d
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.
2019-09-16 13:59:46 -04:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
R. RyanTM
a5f2040b0d wpa_supplicant: 2.8 -> 2.9
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/wpa_supplicant/versions
2019-08-20 23:30:06 -07:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Dominik Xaver Hörl
40970f1096 wpa_supplicant/gui: fix qt wrapping
Import mkDerivation explicitly instead of using stdenv.mkDerivation, to
allow proper wrapping.
2019-08-07 11:59:35 +02:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Will Dietz
10dde5a1cc wpa_supplicant: patch already applied :) 2019-04-22 15:39:47 -05:00
Will Dietz
1448b0583b wpa_supplicant: 2.7 -> 2.8 2019-04-22 15:34:26 -05:00
Pierre Bourdon
3f0a59314c wpa_supplicant: 2.6 -> 2.7 (#55926) 2019-02-24 00:47:11 +01:00
Jörg Thalheim
b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Linus Heckemann
6845ebbff1 wpa_supplicant: improve manpage
Now points to the store path of the sample config rather than
/usr/share/doc.
2018-11-23 18:01:19 +01:00
Linus Heckemann
1a7f21f398 wpa_supplicant: copy sample config into output 2018-11-23 18:01:19 +01:00
Markus Kowalewski
b3d114e6f9
wpa_gui: add license + homepage 2018-08-30 22:03:07 +02:00
Franz Pletz
a81b29ac0b
wpa_supplicant: add patch to fix CVE-2018-14526
Fixes #44724.
2018-08-08 22:20:06 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Matthew Bauer
76999cc40e treewide: remove aliases in nixpkgs
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.

Misc...

- qtikz: use libsForQt5.callPackage

  This ensures we get the right poppler.

- rewrites:

  docbook5_xsl -> docbook_xsl_ns
  docbook_xml_xslt -> docbook_xsl

diffpdf: fixup
2018-07-18 23:25:20 -04:00
Jan Tojnar
3784fd5e46
pcsclite: split package 2018-06-29 04:40:54 +02:00
Graham Christensen
ea50efcc67
wpa_supplicant: patch for KRACKAttack
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
    CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
    CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
    CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
    CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
    CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
    CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
    CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
    CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
    CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
2017-10-16 07:33:44 -04:00
Maximilian Güntner
daf07c9d62
hostapd/wpa_supplicant: update urls 2017-09-17 13:46:11 +02:00
Carl Sverre
6b62b566a1 wpa_supplicant: Enable BGSCAN module
Compile wpa_supplicant with the BGSCAN module enabled. This allows the
user to configure an SSID to use the bgscan module.  This module causes
wpa_supplicant to periodically perform a background scan for additional
access points and switch to the one with the highest signal.  This scan
can be kicked off when the current connection drops below a target
threshold signal strength.
2017-08-03 21:37:24 -07:00
Thomas Tuegel
210f688802
qt5: rename qmakeHook to qmake 2017-06-18 08:41:57 -05:00
Jörg Thalheim
95f6bece88
wpa_supplicant: upgrade to qt5
also inkscape removal patch, as it introduced a bug: #25320
fixes #25320 #25325
2017-05-01 21:23:22 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Moritz Ulrich
7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich
19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Tim Steinbach
b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tuomas Tynkkynen
603dcd6263 treewide: Make explicit that 'dev' output of libnl is used 2016-05-19 10:00:43 +02:00
Nikolay Amiantov
e282d36143 wpa_supplicant_gui: move to qmake4Hook 2016-04-20 18:55:54 +03:00
Tobias Geerinckx-Rice
32d40f0f98 Remove no longer (or never) referenced patches
55 files changed, 6041 deletions. Tested with `nix-build -A tarball`.
2016-01-24 02:02:21 +01:00
Robin Gloster
501d49ebc4 wpa_supplicant: add patch to build with libressl 2.3 2015-12-23 22:08:33 +00:00
Domen Kožar
07405ee187 Merge pull request #9463 from khumba/nm-connection-sharing
Fix NetworkManager connection sharing
2015-11-06 11:16:50 +01:00
Lengyel Balázs
c67efeb616 wpa_supplicant: 2.4 -> 2.5 2015-09-28 13:29:01 +02:00
Bryan Gardiner
3d93890c7e
wpa_supplicant: enable AP mode for NetworkManager connection sharing 2015-09-07 14:04:34 -07:00
William A. Kennington III
282d03befa Merge branch 'master.upstream' into staging.upstream 2015-06-22 10:57:36 -07:00
Vladimír Čunát
783af9a960 wpa_supplicant: disable TLS-1.2 for now (fixes #8332) 2015-06-22 17:33:49 +02:00
Vladimír Čunát
61596bf405 Merge #8363: pure-darwin stdenv 2015-06-18 22:38:08 +02:00
Pascal Wittmann
7c4a0eaa53 wpa_supplicant: fix CVE-2015-4143
see http://www.openwall.com/lists/oss-security/2015/05/09/6
2015-06-16 17:28:35 +02:00