From 043dec86e887b0557f7ee7f6e35f7e6e736ea65c Mon Sep 17 00:00:00 2001 From: krion Date: Tue, 21 Mar 2017 17:50:35 +0000 Subject: Update net/hostapd to 2.6 and fix multiple vulnerabilities PR: 217907 Submitted by: maintainer Approved by: mat (mentor) Differential Revision: https://reviews.freebsd.org/D10051 --- net/hostapd/Makefile | 2 +- net/hostapd/distinfo | 6 +- .../files/patch-src-l2_packet-l2_packet_freebsd.c | 14 ----- net/hostapd/files/patch-src_crypto_tls__openssl.c | 65 ---------------------- 4 files changed, 4 insertions(+), 83 deletions(-) delete mode 100644 net/hostapd/files/patch-src-l2_packet-l2_packet_freebsd.c delete mode 100644 net/hostapd/files/patch-src_crypto_tls__openssl.c diff --git a/net/hostapd/Makefile b/net/hostapd/Makefile index d7dbf01e2b3e..d7595fc4de9c 100644 --- a/net/hostapd/Makefile +++ b/net/hostapd/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= hostapd -PORTVERSION= 2.5 +PORTVERSION= 2.6 CATEGORIES= net MASTER_SITES= http://w1.fi/releases/ diff --git a/net/hostapd/distinfo b/net/hostapd/distinfo index 108d93cbced9..0b5b42e63be3 100644 --- a/net/hostapd/distinfo +++ b/net/hostapd/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1467776602 -SHA256 (hostapd-2.5.tar.gz) = 8e272d954dc0d7026c264b79b15389ec2b2c555b32970de39f506b9f463ec74a -SIZE (hostapd-2.5.tar.gz) = 1720783 +TIMESTAMP = 1489911667 +SHA256 (hostapd-2.6.tar.gz) = 01526b90c1d23bec4b0f052039cc4456c2fd19347b4d830d1d58a0a6aea7117d +SIZE (hostapd-2.6.tar.gz) = 1822341 diff --git a/net/hostapd/files/patch-src-l2_packet-l2_packet_freebsd.c b/net/hostapd/files/patch-src-l2_packet-l2_packet_freebsd.c deleted file mode 100644 index 8b34e0fbdd89..000000000000 --- a/net/hostapd/files/patch-src-l2_packet-l2_packet_freebsd.c +++ /dev/null @@ -1,14 +0,0 @@ ---- src/l2_packet/l2_packet_freebsd.c.orig 2014-06-04 13:26:14 UTC -+++ src/l2_packet/l2_packet_freebsd.c -@@ -8,7 +8,10 @@ - */ - - #include "includes.h" --#if defined(__APPLE__) || defined(__GLIBC__) -+#if defined(__FreeBSD__) \ -+ || defined(__DragonFly__) \ -+ || defined(__APPLE__) \ -+ || defined(__GLIBC__) - #include - #endif /* __APPLE__ */ - #include diff --git a/net/hostapd/files/patch-src_crypto_tls__openssl.c b/net/hostapd/files/patch-src_crypto_tls__openssl.c deleted file mode 100644 index 2a6d79f402b2..000000000000 --- a/net/hostapd/files/patch-src_crypto_tls__openssl.c +++ /dev/null @@ -1,65 +0,0 @@ ---- src/crypto/tls_openssl.c.orig 2015-09-27 19:02:05 UTC -+++ src/crypto/tls_openssl.c -@@ -2229,7 +2229,7 @@ static int tls_parse_pkcs12(struct tls_d - } - - if (certs) { --#if OPENSSL_VERSION_NUMBER >= 0x10002000L -+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_clear_chain_certs(ssl); - while ((cert = sk_X509_pop(certs)) != NULL) { - X509_NAME_oneline(X509_get_subject_name(cert), buf, -@@ -2247,7 +2247,7 @@ static int tls_parse_pkcs12(struct tls_d - /* Try to continue anyway */ - } - sk_X509_free(certs); --#ifndef OPENSSL_IS_BORINGSSL -+#if !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER) - res = SSL_build_cert_chain(ssl, - SSL_BUILD_CHAIN_FLAG_CHECK | - SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR); -@@ -2812,7 +2812,7 @@ int tls_connection_get_random(void *ssl_ - if (conn == NULL || keys == NULL) - return -1; - ssl = conn->ssl; --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) - return -1; - -@@ -2841,7 +2841,7 @@ int tls_connection_get_random(void *ssl_ - #ifndef CONFIG_FIPS - static int openssl_get_keyblock_size(SSL *ssl) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - const EVP_CIPHER *c; - const EVP_MD *h; - int md_size; -@@ -2911,7 +2911,7 @@ static int openssl_tls_prf(struct tls_co - "mode"); - return -1; - #else /* CONFIG_FIPS */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - SSL *ssl; - u8 *rnd; - int ret = -1; -@@ -3394,7 +3394,7 @@ int tls_connection_set_cipher_list(void - - wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); - --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) - if (os_strstr(buf, ":ADH-")) { - /* -@@ -3977,7 +3977,7 @@ static int tls_sess_sec_cb(SSL *s, void - struct tls_connection *conn = arg; - int ret; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - if (conn == NULL || conn->session_ticket_cb == NULL) - return 0; - -- cgit