3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

89 commits

Author SHA1 Message Date
Martin Weinelt 95164dc11b
wpa_supplicant: fix for security advisory 2020-2
A vulnerability was discovered in how wpa_supplicant processing P2P
(Wi-Fi Direct) group information from active group owners. The actual
parsing of that information validates field lengths appropriately, but
processing of the parsed information misses a length check when storing
a copy of the secondary device types. This can result in writing
attacker controlled data into the peer entry after the area assigned for
the secondary device type. The overflow can result in corrupting
pointers for heap allocations. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially arbitrary code execution.

https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt

Fixes: CVE-2021-0326
2021-02-04 00:31:38 +01:00
Martin Weinelt 28f8b5f5f3 wpa_supplicant: backport support for OWE
The wpa_supplicant upstream is slow to push out new releases and has
been asked several times to do so. Support for Opportunistic Wireless
Encryption has been on master since late 2019 and still hasn't made it
into a release yet.

This backports a rather simple patchset to enable OWE key management
and exposes it also via DBus, so it can be used from Network-Manager.
2021-02-01 00:20:07 +01:00
Pavol Rusnak a6ce00c50c
treewide: remove stdenv where not needed 2021-01-25 18:31:47 +01:00
Jonathan Ringer 9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Ben Siraphob 16d91ee628 pkgs/os-specific: stdenv.lib -> lib 2021-01-17 23:26:08 +07:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Daiderd Jordan 7b3a2963d1
treewide: replace base64 encoded hashes 2020-06-03 18:35:19 +02:00
Jan Tojnar 219382bf28
wpa_supplicant_gui: fix build with Inkscape 1.0 2020-05-17 08:40:30 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
c0bw3b 9367367dfd Treewide: fix URL permanent redirects
Permanent redirects on homepages and/or source URLs
as reported by Repology
2019-11-16 01:41:23 +01:00
Florian Klink ac1aeb4fbb
wpa_supplicant: apply patch for CVE-2019-16275 (#70266)
wpa_supplicant: apply patch for CVE-2019-16275
2019-10-14 23:00:05 +02:00
Tor Hedin Brønner 67effde499
wpa_supplicant: install d-bus conf correctly to share/dbus/system.d
Fixes 40dda7383b which inadvertently installed to
a file as the directory didn't exist.

Also blocked up the postInstall script for readability.
2019-10-14 18:57:44 +02:00
Pierre Bourdon 559687498b
wpa_supplicant: apply patch for CVE-2019-16275 2019-10-02 21:24:23 +02:00
worldofpeace 40dda7383b wpa_supplicant: Move D-Bus conf file to share/dbus-1/system.d
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.
2019-09-16 13:59:46 -04:00
Vladimír Čunát 2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
R. RyanTM a5f2040b0d wpa_supplicant: 2.8 -> 2.9
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/wpa_supplicant/versions
2019-08-20 23:30:06 -07:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Dominik Xaver Hörl 40970f1096 wpa_supplicant/gui: fix qt wrapping
Import mkDerivation explicitly instead of using stdenv.mkDerivation, to
allow proper wrapping.
2019-08-07 11:59:35 +02:00
volth f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Will Dietz 10dde5a1cc wpa_supplicant: patch already applied :) 2019-04-22 15:39:47 -05:00
Will Dietz 1448b0583b wpa_supplicant: 2.7 -> 2.8 2019-04-22 15:34:26 -05:00
Pierre Bourdon 3f0a59314c wpa_supplicant: 2.6 -> 2.7 (#55926) 2019-02-24 00:47:11 +01:00
Jörg Thalheim b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Linus Heckemann 6845ebbff1 wpa_supplicant: improve manpage
Now points to the store path of the sample config rather than
/usr/share/doc.
2018-11-23 18:01:19 +01:00
Linus Heckemann 1a7f21f398 wpa_supplicant: copy sample config into output 2018-11-23 18:01:19 +01:00
Markus Kowalewski b3d114e6f9
wpa_gui: add license + homepage 2018-08-30 22:03:07 +02:00
Franz Pletz a81b29ac0b
wpa_supplicant: add patch to fix CVE-2018-14526
Fixes #44724.
2018-08-08 22:20:06 +02:00
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Matthew Bauer 76999cc40e treewide: remove aliases in nixpkgs
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.

Misc...

- qtikz: use libsForQt5.callPackage

  This ensures we get the right poppler.

- rewrites:

  docbook5_xsl -> docbook_xsl_ns
  docbook_xml_xslt -> docbook_xsl

diffpdf: fixup
2018-07-18 23:25:20 -04:00
Jan Tojnar 3784fd5e46
pcsclite: split package 2018-06-29 04:40:54 +02:00
Graham Christensen ea50efcc67
wpa_supplicant: patch for KRACKAttack
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
    CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
    CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
    CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
    CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
    CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
    CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
    CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
    CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
    CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
2017-10-16 07:33:44 -04:00
Maximilian Güntner daf07c9d62
hostapd/wpa_supplicant: update urls 2017-09-17 13:46:11 +02:00
Carl Sverre 6b62b566a1 wpa_supplicant: Enable BGSCAN module
Compile wpa_supplicant with the BGSCAN module enabled. This allows the
user to configure an SSID to use the bgscan module.  This module causes
wpa_supplicant to periodically perform a background scan for additional
access points and switch to the one with the highest signal.  This scan
can be kicked off when the current connection drops below a target
threshold signal strength.
2017-08-03 21:37:24 -07:00
Thomas Tuegel 210f688802
qt5: rename qmakeHook to qmake 2017-06-18 08:41:57 -05:00
Jörg Thalheim 95f6bece88
wpa_supplicant: upgrade to qt5
also inkscape removal patch, as it introduced a bug: #25320
fixes #25320 #25325
2017-05-01 21:23:22 +02:00
Vladimír Čunát 96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Moritz Ulrich 7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich 19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Tim Steinbach b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tuomas Tynkkynen 603dcd6263 treewide: Make explicit that 'dev' output of libnl is used 2016-05-19 10:00:43 +02:00
Nikolay Amiantov e282d36143 wpa_supplicant_gui: move to qmake4Hook 2016-04-20 18:55:54 +03:00
Tobias Geerinckx-Rice 32d40f0f98 Remove no longer (or never) referenced patches
55 files changed, 6041 deletions. Tested with `nix-build -A tarball`.
2016-01-24 02:02:21 +01:00
Robin Gloster 501d49ebc4 wpa_supplicant: add patch to build with libressl 2.3 2015-12-23 22:08:33 +00:00
Domen Kožar 07405ee187 Merge pull request #9463 from khumba/nm-connection-sharing
Fix NetworkManager connection sharing
2015-11-06 11:16:50 +01:00
Lengyel Balázs c67efeb616 wpa_supplicant: 2.4 -> 2.5 2015-09-28 13:29:01 +02:00
Bryan Gardiner 3d93890c7e
wpa_supplicant: enable AP mode for NetworkManager connection sharing 2015-09-07 14:04:34 -07:00
William A. Kennington III 282d03befa Merge branch 'master.upstream' into staging.upstream 2015-06-22 10:57:36 -07:00
Vladimír Čunát 783af9a960 wpa_supplicant: disable TLS-1.2 for now (fixes #8332) 2015-06-22 17:33:49 +02:00
Vladimír Čunát 61596bf405 Merge #8363: pure-darwin stdenv 2015-06-18 22:38:08 +02:00
Pascal Wittmann 7c4a0eaa53 wpa_supplicant: fix CVE-2015-4143
see http://www.openwall.com/lists/oss-security/2015/05/09/6
2015-06-16 17:28:35 +02:00