diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2013-11-04 17:08:47 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 22:57:36 +0200 |
| commit | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch) | |
| tree | 9b98e6e193c7870cb27ac861394c1c4592850922 /source/n | |
| parent | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff) | |
| download | current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.xz | |
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to '')
146 files changed, 8139 insertions, 847 deletions
diff --git a/source/n/ModemManager/ModemManager.SlackBuild b/source/n/ModemManager/ModemManager.SlackBuild index 5089e02d8..6a6e116ef 100755 --- a/source/n/ModemManager/ModemManager.SlackBuild +++ b/source/n/ModemManager/ModemManager.SlackBuild @@ -26,8 +26,7 @@ PKGNAM=ModemManager VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d- | rev)} -BUILD=${BUILD:-1} -TAG=${TAG:-} +BUILD=${BUILD:-2} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -58,14 +57,12 @@ else LIBDIRSUFFIX="" fi -set -e - rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PKGNAM-$VERSION -tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* -cd $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION || exit 1 chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -73,6 +70,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +zcat $CWD/WeDoNotHaveSystemD.patch.gz | patch -p1 --verbose || exit 1 + CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ @@ -80,26 +79,27 @@ CXXFLAGS="$SLKCFLAGS" \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ --localstatedir=/var \ + --with-polkit=no \ --mandir=/usr/man \ --docdir=/usr/doc/$PKGNAM-$VERSION \ - --with-pppd-plugin-dir=/usr/lib${LIBDIRSUFFIX}/pppd/2.4.5 \ - --build=$ARCH-slackware-linux + --build=$ARCH-slackware-linux || exit 1 -make $NUMJOBS -make install DESTDIR=$PKG +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true +find $PKG/usr/man -type f -exec gzip -9 {} \; + mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ - AUTHORS COPYING ChangeLog INSTALL NEWS README \ + AUTHORS COPYING* ChangeLog INSTALL NEWS README* \ $PKG/usr/doc/$PKGNAM-$VERSION -cat $CWD/$PKGNAM.SlackBuild > $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-txz} +/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/ModemManager/WeDoNotHaveSystemD.patch b/source/n/ModemManager/WeDoNotHaveSystemD.patch new file mode 100644 index 000000000..ead48c211 --- /dev/null +++ b/source/n/ModemManager/WeDoNotHaveSystemD.patch @@ -0,0 +1,16 @@ +diff -Nur ModemManager-1.0.0.orig/data/org.freedesktop.ModemManager1.service.in ModemManager-1.0.0/data/org.freedesktop.ModemManager1.service.in +--- ModemManager-1.0.0.orig/data/org.freedesktop.ModemManager1.service.in 2013-07-01 01:13:03.000000000 -0500 ++++ ModemManager-1.0.0/data/org.freedesktop.ModemManager1.service.in 2013-09-22 16:09:54.419219920 -0500 +@@ -1,11 +1,4 @@ +-# This D-Bus service activation file is only for systemd support since +-# an auto-activated ModemManager would be quite surprising for those people +-# who have MM installed but turned off. Thus the Exec path available to +-# D-Bus is /bin/false, but systemd knows the real Exec path due to the MM +-# systemd .service file. +- + [D-BUS Service] + Name=org.freedesktop.ModemManager1 +-Exec=@sbindir@/ModemManager ++Exec=/usr/sbin/ModemManager + User=root +-SystemdService=dbus-org.freedesktop.ModemManager1.service diff --git a/source/n/ModemManager/slack-desc b/source/n/ModemManager/slack-desc index 2455ad8ef..87f1ba668 100644 --- a/source/n/ModemManager/slack-desc +++ b/source/n/ModemManager/slack-desc @@ -11,9 +11,9 @@ ModemManager: ModemManager: ModemManager provides a unified high level API for communicating with ModemManager: mobile broadband modems. ModemManager: +ModemManager: For more info, see: +ModemManager: http://cgit.freedesktop.org/ModemManager/ModemManager/ ModemManager: ModemManager: ModemManager: -ModemManager: For more info, see: -ModemManager: http://cgit.freedesktop.org/ModemManager/ModemManager/ ModemManager: diff --git a/source/n/NetworkManager/11-initialize-nm-remote-settings.patch b/source/n/NetworkManager/11-initialize-nm-remote-settings.patch deleted file mode 100644 index fff4194ba..000000000 --- a/source/n/NetworkManager/11-initialize-nm-remote-settings.patch +++ /dev/null @@ -1,27 +0,0 @@ -commit dd0460697c4e281fe277b53916d5251332e1aafc -Author: Jiřà KlimeÅ¡ <jklimes@redhat.com> -Date: Tue Mar 27 22:36:55 2012 +0200 - - libnm-glib: initialize NMRemoteSettings in nm_remote_settings_new() (rh #806664) - - The object was not initialized after creation in nm_remote_settings_new(). This - was a regression caused by 762df85234e7a042a2a5d31053e6cc273ae3e2ec. - -diff --git a/libnm-glib/nm-remote-settings.c b/libnm-glib/nm-remote-settings.c -index 8f213f9..b6b6c18 100644 ---- a/libnm-glib/nm-remote-settings.c -+++ b/libnm-glib/nm-remote-settings.c -@@ -728,7 +728,12 @@ properties_changed_cb (DBusGProxy *proxy, - NMRemoteSettings * - nm_remote_settings_new (DBusGConnection *bus) - { -- return g_object_new (NM_TYPE_REMOTE_SETTINGS, NM_REMOTE_SETTINGS_BUS, bus, NULL); -+ NMRemoteSettings *settings; -+ -+ settings = g_object_new (NM_TYPE_REMOTE_SETTINGS, NM_REMOTE_SETTINGS_BUS, bus, NULL); -+ -+ _nm_remote_settings_ensure_inited (settings); -+ return settings; - } - - static void diff --git a/source/n/NetworkManager/NetworkManager.SlackBuild b/source/n/NetworkManager/NetworkManager.SlackBuild index d7e9d1f8b..41e0d18d0 100755 --- a/source/n/NetworkManager/NetworkManager.SlackBuild +++ b/source/n/NetworkManager/NetworkManager.SlackBuild @@ -1,8 +1,7 @@ #!/bin/sh -# Slackware build script for NetworkManager - -# Copyright 2010,2011 Robby Workman, Northport, Alabama, USA +# Copyright 2010, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,8 +25,7 @@ PKGNAM=NetworkManager VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} -TAG=${TAG:-} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: MARCH=$( uname -m ) @@ -83,8 +81,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/11-initialize-nm-remote-settings.patch.gz | patch -p1 --verbose || exit 1 - # Find the version off pppd installed or else assume we are on -current: PPPD=$( basename $(find /usr/lib${LIBDIRSUFFIX}/pppd -type d -maxdepth 1 -mindepth 1) ) [ -z "$PPPD" ] && PPPD=2.4.5 @@ -104,24 +100,38 @@ CXXFLAGS="$SLKCFLAGS" \ --without-resolvconf \ --with-dhcpcd=/sbin/dhcpcd \ --with-dhclient=yes \ + --with-modem-manager-1=yes \ --build=$TARGET || exit 1 make $NUMJOBS || exit 1 make install DESTDIR=$PKG || exit 1 +# For some reason NetworkManager-0.9.8.0 does not install these: +( cd man + mkdir -p $PKG/usr/man/man1 + cp -a *.1 $PKG/usr/man/man1 + mkdir -p $PKG/usr/man/man5 + cp -a *.5 $PKG/usr/man/man5 + mkdir -p $PKG/usr/man/man8 + cp -a *.8 $PKG/usr/man/man8 +) + find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +# In case NetworkManager tries to install something here: +rm -f $PKG/etc/rc.d/rc.networkmanager + +# Don't clobber existing rc.networkmanager # Don't run NetworkManager by default just because it got installed. # Instead, the init script will have to be made executable first. # This should avoid nasty surprises on potentially remotely located machines. -chmod 644 $PKG/etc/rc.d/rc.networkmanager - -# Don't clobber existing rc.networkmanager -mv $PKG/etc/rc.d/rc.networkmanager $PKG/etc/rc.d/rc.networkmanager.new +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.networkmanager > $PKG/etc/rc.d/rc.networkmanager.new +chmod 0644 $PKG/etc/rc.d/rc.networkmanager.new # Add a 'starter' NetworkManager.conf file # This sets the hostname (during postinstall) to match the system's name @@ -136,7 +146,6 @@ cp -a \ $PKG/usr/doc/$PKGNAM-$VERSION # In case someone needs this still: cp $CWD/55NetworkManager $PKG/usr/doc/$PKGNAM-$VERSION/ -cat $CWD/$PKGNAM.SlackBuild > $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: @@ -150,5 +159,5 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-txz} +/sbin/makepkg --prepend -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/NetworkManager/doinst.sh b/source/n/NetworkManager/doinst.sh index 2b419b26b..cf091e8da 100644 --- a/source/n/NetworkManager/doinst.sh +++ b/source/n/NetworkManager/doinst.sh @@ -1,3 +1,4 @@ + config() { NEW="$1" OLD="$(dirname $NEW)/$(basename $NEW .new)" @@ -19,7 +20,7 @@ preserve_perms() { cat ${NEW} > ${NEW}.incoming mv ${NEW}.incoming ${NEW} fi - config ${NEW} + mv ${NEW} ${OLD} } if [ -e etc/HOSTNAME ]; then @@ -27,6 +28,13 @@ if [ -e etc/HOSTNAME ]; then etc/NetworkManager/NetworkManager.conf.new fi +# Preserve permissions, but move this into place. Otherwise the net +# connection could be lost at a remote location. preserve_perms etc/rc.d/rc.networkmanager.new config etc/NetworkManager/NetworkManager.conf.new +# If the .pid file is found in the old location, move it to the new one: +if [ -r var/run/NetworkManager.pid ]; then + mv var/run/NetworkManager.pid var/run/NetworkManager/NetworkManager.pid +fi + diff --git a/source/n/NetworkManager/rc.networkmanager b/source/n/NetworkManager/rc.networkmanager new file mode 100644 index 000000000..430e61a45 --- /dev/null +++ b/source/n/NetworkManager/rc.networkmanager @@ -0,0 +1,105 @@ +#!/bin/sh +# +# NetworkManager: NetworkManager daemon +# +# description: This is a daemon for automatically switching network \ +# connections to the best available connection. \ +# +# processname: NetworkManager +# pidfile: /var/run/NetworkManager/NetworkManager.pid +# + +prefix=/usr +exec_prefix=/usr +sbindir=${exec_prefix}/sbin + +NETWORKMANAGER_BIN=${sbindir}/NetworkManager + +# Sanity checks. +[ -x $NETWORKMANAGER_BIN ] || exit 0 + +PIDFILE=/var/run/NetworkManager/NetworkManager.pid + +nm_start() +{ + if [ "`pgrep dbus-daemon`" = "" ]; then + echo "D-BUS must be running to start NetworkManager" + return + fi + + # Just in case the pidfile is still there, we may need to nuke it. + if [ -e "$PIDFILE" ]; then + rm -f $PIDFILE + fi + + echo "Starting NetworkManager daemon: $NETWORKMANAGER_BIN" + $NETWORKMANAGER_BIN +} + +nm_status() +{ + local pidlist=`cat $PIDFILE 2>/dev/null` + if [ -z "$pidlist" ]; then + return 1 + fi + local command=`ps -p $pidlist -o comm=` + if [ "$command" != 'NetworkManager' ]; then + return 1 + fi +} + +nm_stop() +{ + echo -en "Stopping NetworkManager: " + # Shut down any DHCP connections, otherwise the processes will be orphaned + # and the connections will not come up when NetworkManager restarts. + if ps ax | grep /sbin/dhcpcd | grep -q libexec/nm-dhcp ; then + ps ax | grep /sbin/dhcpcd | grep libexec/nm-dhcp | while read line ; do + kill -HUP $(echo $line | cut -b 1-5) + done + fi + if ps ax | grep /sbin/dhclient | grep -q /var/lib/NetworkManager ; then + ps ax | grep /sbin/dhclient | grep /var/lib/NetworkManager | while read line ; do + kill -HUP $(echo $line | cut -b 1-5) + done + fi + local pidlist=`cat $PIDFILE 2>/dev/null` + if [ ! -z "$pidlist" ]; then + kill $pidlist &>/dev/null + sleep 3 + rm -f $PIDFILE &>/dev/null + fi + echo "stopped"; + sleep 3 +} + +nm_restart() +{ + nm_stop + nm_start +} + +case "$1" in +'start') + if ( ! nm_status ); then + nm_start + else + echo "NetworkManager is already running (will not start it twice)." + fi + ;; +'stop') + nm_stop + ;; +'restart') + nm_restart + ;; +'status') + if ( nm_status ); then + echo "NetworkManager is currently running" + else + echo "NetworkManager is not running." + fi + ;; +*) + echo "usage $0 start|stop|status|restart" +esac diff --git a/source/n/NetworkManager/slack-desc b/source/n/NetworkManager/slack-desc index 2a47aaa38..964960480 100644 --- a/source/n/NetworkManager/slack-desc +++ b/source/n/NetworkManager/slack-desc @@ -14,6 +14,6 @@ NetworkManager: addresses, default routes, associating with wireless access poin NetworkManager: or wired LANs, and other network configuration settings in a simple, NetworkManager: automated fashion (manual overrides are still possible). NetworkManager: -NetworkManager: NetworkManager: Home page: http://projects.gnome.org/NetworkManager/ NetworkManager: +NetworkManager: diff --git a/source/n/alpine/alpine.SlackBuild b/source/n/alpine/alpine.SlackBuild index 07961ff2c..5bf3b445d 100755 --- a/source/n/alpine/alpine.SlackBuild +++ b/source/n/alpine/alpine.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ PKGNAM=alpine -VERSION=${VERSION:-2.02} +VERSION=${VERSION:-2.11} ALPINEBUILD=${ALPINEBUILD:-1} IMAPDBUILD=${IMAPDBUILD:-1} PINEPGP=${PINEPGP:-0.18.0} @@ -55,9 +55,9 @@ elif [ "$ARCH" = "x86_64" ]; then fi cd $TMP -rm -rf re-alpine-${VERSION} -tar xvf $CWD/re-alpine-$VERSION.tar.?z* || exit 1 -cd re-alpine-$VERSION +rm -rf alpine-${VERSION} +tar xvf $CWD/alpine-$VERSION.tar.?z* || exit 1 +cd alpine-$VERSION # Make sure ownerships and permissions are sane: chown -R root:root . @@ -166,7 +166,7 @@ PKG2=/tmp/package-imapd cd $TMP rm -rf $PKG2 mkdir -p $PKG2 -cd re-alpine-$VERSION/imap +cd alpine-$VERSION/imap mkdir -p $PKG2/usr/doc/imapd-$VERSION cp -a \ CONTENTS LICENSE.txt NOTICE SUPPORT \ diff --git a/source/n/alpine/slack-desc.alpine b/source/n/alpine/slack-desc.alpine index 79f962da1..ad9f7b6fa 100644 --- a/source/n/alpine/slack-desc.alpine +++ b/source/n/alpine/slack-desc.alpine @@ -16,4 +16,4 @@ alpine: learned by exploration and the use of context-sensitive help. The alpine: user experience is highly customizable through the use of the Alpine alpine: Setup command. alpine: -alpine: The Alpine site may be found here: http://www.washington.edu/alpine +alpine: The Alpine site may be found here: http://patches.freeiz.com/alpine diff --git a/source/n/autofs/autofs-5.0.5-fix-libxml2-workaround-configure.patch b/source/n/autofs/autofs-5.0.5-fix-libxml2-workaround-configure.patch deleted file mode 100644 index 197ac6bd3..000000000 --- a/source/n/autofs/autofs-5.0.5-fix-libxml2-workaround-configure.patch +++ /dev/null @@ -1,61 +0,0 @@ -autofs-5.0.5 - fix libxml2 workaround configure - -From: Ian Kent <raven@themaw.net> - -The configure logic related to work around the libxml2 library -reload issues is not quite right. The xml code is needed if -ldap is used so it is sufficient to require inclusion of the -workaround code if autofs is being built with LDAP support. ---- - -diff --git a/daemon/Makefile b/daemon/Makefile -index 371ec72..9e9d635 100644 ---- a/daemon/Makefile -+++ b/daemon/Makefile -@@ -23,10 +23,8 @@ LDFLAGS += -rdynamic - LIBS = -ldl - - ifeq ($(LDAP), 1) -- ifeq ($(SASL), 1) - CFLAGS += $(XML_FLAGS) - LIBS += $(XML_LIBS) -- endif - endif - - all: automount -diff --git a/daemon/automount.c b/daemon/automount.c -index 979ecd6..7c44d4b 100644 ---- a/daemon/automount.c -+++ b/daemon/automount.c -@@ -38,10 +38,12 @@ - #include <sys/utsname.h> - - #include "automount.h" --#ifdef LIBXML2_WORKAROUND -+#if defined(LIBXML2_WORKAROUND) || defined(TIRPC_WORKAROUND) - #include <dlfcn.h> -+#ifdef WITH_LDAP - #include <libxml/parser.h> - #endif -+#endif - - const char *program; /* Initialized with argv[0] */ - const char *version = VERSION_STRING; /* Program version */ -@@ -2110,7 +2112,7 @@ int main(int argc, char *argv[]) - exit(1); - } - --#ifdef LIBXML2_WORKAROUND -+#if defined(WITH_LDAP) && defined(LIBXML2_WORKAROUND) - void *dh_xml2 = dlopen("libxml2.so", RTLD_NOW); - if (!dh_xml2) - dh_xml2 = dlopen("libxml2.so.2", RTLD_NOW); -@@ -2158,7 +2160,7 @@ int main(int argc, char *argv[]) - if (dh_tirpc) - dlclose(dh_tirpc); - #endif --#ifdef LIBXML2_WORKAROUND -+#if defined(WITH_LDAP) && defined( LIBXML2_WORKAROUND) - if (dh_xml2) { - xmlCleanupParser(); - dlclose(dh_xml2); diff --git a/source/n/autofs/autofs-5.0.7.tar.sign b/source/n/autofs/autofs-5.0.7.tar.sign new file mode 100644 index 000000000..321e4054a --- /dev/null +++ b/source/n/autofs/autofs-5.0.7.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.12 (GNU/Linux) + +iQIcBAABAgAGBQJQD42MAAoJEOdnc4D1T9ipQqgP/Rgv4TZ+THOwK5GzWkpw49cL +Iyy1RgdcHYnPlohOBXQf9q5R4xkCtJ57qUWMnKaImPSDKnYUzvS3Ttg6IkdLdOET +JwO4GrcAKf1Wf+z4eDRjMHd+wrNoau2HkIUSJLSzajExgWQ2127FmYc+GIZv3OAK +IJac9kSqryjfVLFH5vW4TFgxN4rCMUW8dvCynSG3rSvpWT9CbXrVoKbwQCugpoj0 +tB+1nPlq51hwJjYOXNuPwVBkvtnbB9MbUN9QCtax7ORVdd8ptRBJe0K6z6efvU1G +aoXKf/HthW+aP07Qb2D8Kz2NwArsS9b2MZMFnk0fkPW0vw3nhGqlWkHaZ72nRz+f +clY+mv6gjZ0VIQP7/VH8f+8XGOvKipZabMmOx0gR9aEh9DxBqetti5/LHsgJhic3 +8bkXkze8qpLNtMleaPeSV3B4OUUDmGEU1+kdvPsU53eEJQGqqnvYsExhD6SfxT8d +aksdFqvkEIfrxKxmedjEYo72NjJg/Fr4wYInW0RCEOekOunXV0sxYwZwmx/67EQ4 +PYbWxVT3iTKACa1zSyVQVPrONdXXkTwFGUY5IcRPOQ/05KHOJR8slmaOrRfya0de +jilwKzuOxXMJlmhhPwPycoe0AEBWEzuq+pr/SX4pqJ/fnvyVbq30aVDEnJr8xHz4 +VIsuyeTjs3iSIL0UaN2c +=/dIW +-----END PGP SIGNATURE----- diff --git a/source/n/autofs/autofs.SlackBuild b/source/n/autofs/autofs.SlackBuild index 7fb29caeb..5441894fc 100755 --- a/source/n/autofs/autofs.SlackBuild +++ b/source/n/autofs/autofs.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh -# Copyright 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,8 +23,8 @@ PKGNAM=autofs -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -61,10 +61,11 @@ mkdir -p $TMP $PKG cd $TMP rm -rf $PKGNAM-$VERSION -tar xf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 cd $PKGNAM-$VERSION || exit 1 -zcat $CWD/autofs-5.0.5-fix-libxml2-workaround-configure.patch.gz | patch -p1 || exit 1 +zcat $CWD/autofs.sasl.diff.gz | patch -p1 -l --verbose || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -87,6 +88,9 @@ CPPFLAGS="$SLKCFLAGS" \ make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 +# Referenced in the auto.master config file, but not created: +mkdir -p $PKG/etc/auto.master.d + mv $PKG/etc/init.d $PKG/etc/rc.d mv $PKG/etc/rc.d/autofs $PKG/etc/rc.d/rc.autofs.new chmod 644 $PKG/etc/rc.d/rc.autofs.new diff --git a/source/n/autofs/autofs.sasl.diff b/source/n/autofs/autofs.sasl.diff new file mode 100644 index 000000000..8b451031c --- /dev/null +++ b/source/n/autofs/autofs.sasl.diff @@ -0,0 +1,29 @@ +diff -Nuar autofs-5.0.7-orig/modules/lookup_ldap.c autofs-5.0.7/modules/lookup_ldap.c +--- autofs-5.0.7-orig/modules/lookup_ldap.c 2012-10-02 11:44:21.000000000 -0400 ++++ autofs-5.0.7/modules/lookup_ldap.c 2012-10-02 11:44:46.000000000 -0400 +@@ -585,10 +585,12 @@ + { + LDAP *ldap; + ++#ifdef WITH_SASL + if (ctxt->extern_cert && ctxt->extern_key) { + set_env(logopt, ENV_LDAPTLS_CERT, ctxt->extern_cert); + set_env(logopt, ENV_LDAPTLS_KEY, ctxt->extern_key); + } ++#endif + + ldap = init_ldap_connection(logopt, uri, ctxt); + if (ldap) { +@@ -1385,10 +1387,12 @@ + defaults_free_searchdns(ctxt->sdns); + if (ctxt->dclist) + free_dclist(ctxt->dclist); ++#ifdef WITH_SASL + if (ctxt->extern_cert) + free(ctxt->extern_cert); + if (ctxt->extern_key) + free(ctxt->extern_key); ++#endif + free(ctxt); + + return; diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild index eed6f86a3..2f7768db6 100755 --- a/source/n/bind/bind.SlackBuild +++ b/source/n/bind/bind.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ PKGNAM=bind -VERSION=${VERSION:-9.9.1-P3} +VERSION=${VERSION:-9.9.3-P2} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/source/n/bind/caching-example/named.root b/source/n/bind/caching-example/named.root index 8fbbb656b..6c1974129 100644 --- a/source/n/bind/caching-example/named.root +++ b/source/n/bind/caching-example/named.root @@ -9,8 +9,8 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: Jun 8, 2011 -; related version of root zone: 2011060800 +; last update: Jan 3, 2013 +; related version of root zone: 2013010300 ; ; formerly NS.INTERNIC.NET ; @@ -31,7 +31,7 @@ C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. -D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D ; ; FORMERLY NS.NASA.GOV diff --git a/source/n/bluez/bluez-run_udev_helper.patch b/source/n/bluez/bluez-run_udev_helper.patch new file mode 100644 index 000000000..a3a71e6df --- /dev/null +++ b/source/n/bluez/bluez-run_udev_helper.patch @@ -0,0 +1,14 @@ +Instead of automatically starting the bluetooth subsystem when devices +are added, let's invoke a wrapper script in /lib/udev and have that +wrapper check whether /etc/rc.d/rc.bluetooth is executable first. + +diff -Nur bluez-4.99/scripts/bluetooth.rules.in bluez-4.99.orig/scripts/bluetooth.rules.in +--- bluez-4.99.orig/scripts/bluetooth.rules.in 2010-10-02 18:25:27.000000000 -0500 ++++ bluez-4.99/scripts/bluetooth.rules.in 2013-06-27 22:05:55.572332197 -0500 +@@ -1,4 +1,4 @@ + # Run helper every time a Bluetooth device appears + # On remove actions, bluetoothd should go away by itself +-ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="@prefix@/sbin/bluetoothd --udev" +-ACTION=="change", SUBSYSTEM=="bluetooth", RUN+="@prefix@/sbin/bluetoothd --udev" ++ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="/lib/udev/bluetooth.sh" ++ACTION=="change", SUBSYSTEM=="bluetooth", RUN+="/lib/udev/bluetooth.sh" diff --git a/source/n/bluez/bluez.SlackBuild b/source/n/bluez/bluez.SlackBuild index d77c15149..b1f31593e 100755 --- a/source/n/bluez/bluez.SlackBuild +++ b/source/n/bluez/bluez.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for bluez - http://www.bluez.org -# Copyright 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ PKGNAM=bluez VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -70,6 +70,9 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +# Start bluetoothd via a wrapper script to check rc.bluetooth's +/-x first +zcat $CWD/bluez-run_udev_helper.patch.gz | patch -p1 --verbose || exit 1 + # Enable the audio socket in audio.conf: zcat $CWD/bluez.enable.audio.socket.diff.gz | patch -p1 --verbose || exit 1 @@ -142,6 +145,10 @@ mv $PKG/usr/share/alsa/bluetooth.conf $PKG/etc/alsa done ) +# Add the wrapper script +cat $CWD/config/bluetooth.sh > $PKG/lib/udev/bluetooth.sh +chmod 0755 $PKG/lib/udev/bluetooth.sh + # Add an init script mkdir -p $PKG/etc/rc.d cat $CWD/config/rc.bluetooth > $PKG/etc/rc.d/rc.bluetooth.new diff --git a/source/n/bluez/config/bluetooth.sh b/source/n/bluez/config/bluetooth.sh new file mode 100644 index 000000000..22034551c --- /dev/null +++ b/source/n/bluez/config/bluetooth.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +# Check whether /etc/rc.d/rc.bluetooth is executable before starting +# the bluetooth subsystem for hotplugged bluetooth devices +[ -x /etc/rc.d/rc.bluetooth ] && exec /usr/sbin/bluetoothd --udev +exit 0 + diff --git a/source/n/ca-certificates/ca-certificates.SlackBuild b/source/n/ca-certificates/ca-certificates.SlackBuild index b3efd180d..83d61a8b1 100755 --- a/source/n/ca-certificates/ca-certificates.SlackBuild +++ b/source/n/ca-certificates/ca-certificates.SlackBuild @@ -3,7 +3,7 @@ # Slackware build script for ca-certificates # Copyright 2009,2011 Robby Workman Northport, AL, USA -# Copyright 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,9 +24,9 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=ca-certificates -VERSION=${VERSION:-20120623} +VERSION=${VERSION:-20130906} ARCH=noarch -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} @@ -35,9 +35,9 @@ PKG=$TMP/package-$PRGNAM rm -rf $PKG mkdir -p $TMP $PKG cd $TMP -rm -rf $PRGNAM-$VERSION -tar xvf $CWD/${PRGNAM}_$VERSION.tar.gz -cd $PRGNAM-$VERSION +rm -rf $PRGNAM +tar xvf $CWD/${PRGNAM}_$VERSION.tar.gz || exit 1 +cd $PRGNAM || exit 1 chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -45,7 +45,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/patches/remove_debconf.diff.gz | patch -p1 || exit 1 zcat $CWD/patches/fixup_DESTDIR.diff.gz | patch -p1 || exit 1 zcat $CWD/patches/fixup_update-ca-certificates.diff.gz | patch -p1 || exit 1 diff --git a/source/n/ca-certificates/patches/fixup_DESTDIR.diff b/source/n/ca-certificates/patches/fixup_DESTDIR.diff index 291848f69..964064184 100644 --- a/source/n/ca-certificates/patches/fixup_DESTDIR.diff +++ b/source/n/ca-certificates/patches/fixup_DESTDIR.diff @@ -1,39 +1,15 @@ -diff -Nur ca-certificates-20111211.orig/Makefile ca-certificates-20111211/Makefile ---- ca-certificates-20111211.orig/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/Makefile 2011-12-17 23:05:37.590951594 -0600 -@@ -17,7 +17,7 @@ - - install: - for dir in $(SUBDIRS); do \ -- mkdir $(DESTDIR)/$(CERTSDIR)/$$dir; \ -+ mkdir -p $(DESTDIR)/$(CERTSDIR)/$$dir; \ - $(MAKE) -C $$dir install CERTSDIR=$(DESTDIR)/$(CERTSDIR)/$$dir; \ - done - for dir in sbin; do \ -diff -Nur ca-certificates-20111211.orig/cacert.org/Makefile ca-certificates-20111211/cacert.org/Makefile ---- ca-certificates-20111211.orig/cacert.org/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/cacert.org/Makefile 2011-12-17 23:06:16.927521153 -0600 -@@ -9,5 +9,6 @@ - - install: - cat root.crt class3.crt > cacert.org.crt -+ mkdir -p $(CERTSDIR) - install -m 644 cacert.org.crt $(CERTSDIR)/cacert.org.crt - -diff -Nur ca-certificates-20111211.orig/debconf.org/Makefile ca-certificates-20111211/debconf.org/Makefile ---- ca-certificates-20111211.orig/debconf.org/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/debconf.org/Makefile 2011-12-17 23:06:27.118409644 -0600 +--- ./cacert.org/Makefile.orig ++++ ./cacert.org/Makefile @@ -7,6 +7,7 @@ clean: install: + mkdir -p $(CERTSDIR) for p in *.crt; do \ - install -m 644 $$p $(CERTSDIR)/$$p ; \ + install -m 644 $$p $(CERTSDIR)/cacert.org_$$p ; \ done -diff -Nur ca-certificates-20111211.orig/mozilla/Makefile ca-certificates-20111211/mozilla/Makefile ---- ca-certificates-20111211.orig/mozilla/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/mozilla/Makefile 2011-12-17 23:06:34.556328253 -0600 +--- ./mozilla/Makefile.orig ++++ ./mozilla/Makefile @@ -9,6 +9,7 @@ -rm -f *.crt @@ -42,18 +18,27 @@ diff -Nur ca-certificates-20111211.orig/mozilla/Makefile ca-certificates-2011121 for p in *.crt; do \ install -m 644 $$p $(CERTSDIR)/$$p ; \ done -diff -Nur ca-certificates-20111211.orig/sbin/Makefile ca-certificates-20111211/sbin/Makefile ---- ca-certificates-20111211.orig/sbin/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/sbin/Makefile 2011-12-17 23:07:03.841007810 -0600 +--- ./sbin/Makefile.orig ++++ ./sbin/Makefile @@ -8,4 +8,5 @@ clean: install: + mkdir -p $(DESTDIR)/usr/sbin install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ -diff -Nur ca-certificates-20111211.orig/spi-inc.org/Makefile ca-certificates-20111211/spi-inc.org/Makefile ---- ca-certificates-20111211.orig/spi-inc.org/Makefile 2011-12-11 13:54:02.000000000 -0600 -+++ ca-certificates-20111211/spi-inc.org/Makefile 2011-12-17 23:08:18.499190893 -0600 +--- ./Makefile.orig ++++ ./Makefile +@@ -17,7 +17,7 @@ + + install: + for dir in $(SUBDIRS); do \ +- mkdir $(DESTDIR)/$(CERTSDIR)/$$dir; \ ++ mkdir -p $(DESTDIR)/$(CERTSDIR)/$$dir; \ + $(MAKE) -C $$dir install CERTSDIR=$(DESTDIR)/$(CERTSDIR)/$$dir; \ + done + for dir in sbin; do \ +--- ./spi-inc.org/Makefile.orig ++++ ./spi-inc.org/Makefile @@ -7,6 +7,7 @@ clean: diff --git a/source/n/ca-certificates/patches/remove_debconf.diff b/source/n/ca-certificates/patches/remove_debconf.diff deleted file mode 100644 index 58fce4226..000000000 --- a/source/n/ca-certificates/patches/remove_debconf.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nur ca-certificates-20111211.orig/Makefile ca-certificates-20111211/Makefile ---- ca-certificates-20111211.orig/Makefile 2011-12-17 23:10:21.709842750 -0600 -+++ ca-certificates-20111211/Makefile 2011-12-17 23:10:10.096969815 -0600 -@@ -3,7 +3,7 @@ - # - - CERTSDIR = /usr/share/ca-certificates --SUBDIRS = mozilla cacert.org debconf.org spi-inc.org -+SUBDIRS = mozilla cacert.org spi-inc.org - - all: - for dir in $(SUBDIRS); do \ diff --git a/source/n/conntrack-tools/conntrack-tools.SlackBuild b/source/n/conntrack-tools/conntrack-tools.SlackBuild new file mode 100755 index 000000000..8f40c920f --- /dev/null +++ b/source/n/conntrack-tools/conntrack-tools.SlackBuild @@ -0,0 +1,104 @@ +#!/bin/sh + +# Slackware build script for conntrack-tools + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=conntrack-tools +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc/conntrackd \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +mkdir -p $PKG/etc/conntrackd +cat doc/stats/conntrackd.conf > $PKG/etc/conntrackd/conntrackd.conf.sample + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING* INSTALL TODO doc/cli doc/sync doc/manual \ + $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/conntrack-tools/slack-desc b/source/n/conntrack-tools/slack-desc new file mode 100644 index 000000000..15726e0ed --- /dev/null +++ b/source/n/conntrack-tools/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +conntrack-tools: conntrack-tools (userspace tools for conntrack) +conntrack-tools: +conntrack-tools: The conntrack-tools are a set of userspace tools that allow system +conntrack-tools: administrators to interact with the Connection Tracking System (the +conntrack-tools: module that provides stateful packet inspection for iptables). +conntrack-tools: +conntrack-tools: The conntrack-tools include the userspace daemon conntrackd +conntrack-tools: and the command line interface conntrack. +conntrack-tools: +conntrack-tools: +conntrack-tools: diff --git a/source/n/curl/cacert.pem b/source/n/curl/cacert.pem index 1fccb3ddc..99b310bce 100644 --- a/source/n/curl/cacert.pem +++ b/source/n/curl/cacert.pem @@ -1,7 +1,7 @@ ## ## ca-bundle.crt -- Bundle of CA Root Certificates ## -## Certificate data from Mozilla as of: Wed Apr 25 15:02:13 2012 +## Certificate data from Mozilla as of: Sat Dec 29 20:03:40 2012 ## ## This is a bundle of X.509 certificates of public Certificate Authorities ## (CA). These were automatically extracted from Mozilla's root certificates @@ -14,7 +14,7 @@ ## Just configure this file as the SSLCACertificateFile. ## -# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.83 $ $Date: 2012/04/25 14:49:29 $ +# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.87 $ $Date: 2012/12/29 16:32:45 $ GTE CyberTrust Global Root ========================== @@ -147,6 +147,44 @@ WM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2Omuf Tqj/ZA1k -----END CERTIFICATE----- +Verisign Class 1 Public Primary Certification Authority - G2 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln +biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz +dCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln +biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz +dCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgd +k4xWArzZbxpvUjZudVYKVdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIq +WpDBucSmFc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQIDAQAB +MA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0Jh9ZrbWB85a7FkCMM +XErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2uluIncrKTdcu1OofdPvAbT6shkdHvC +lUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68DzFc6PLZ +-----END CERTIFICATE----- + +Verisign Class 2 Public Primary Certification Authority - G2 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGljIFByaW1h +cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNp +Z24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 +c3QgTmV0d29yazAeFw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGljIFByaW1h +cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNp +Z24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 +c3QgTmV0d29yazCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjx +nNuX6Zr8wgQGE75fUsjMHiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRC +wiNPStjwDqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cCAwEA +ATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9jinb3/7aHmZuovCfTK +1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAXrXfMSTWqz9iP0b63GJZHc2pUIjRk +LbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnInjBJ7xUS0rg== +-----END CERTIFICATE----- + Verisign Class 3 Public Primary Certification Authority - G2 ============================================================ -----BEGIN CERTIFICATE----- @@ -266,6 +304,54 @@ V9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/APhmcGcwTTYJBtYze4D1gCCAPRX5r on+jjBXu -----END CERTIFICATE----- +Verisign Class 1 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAN2E1Lm0+afY8wR4nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/E +bRrsC+MO8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjVojYJ +rKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjbPG7PoBMAGrgnoeS+ +Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP26KbqxzcSXKMpHgLZ2x87tNcPVkeB +FQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vrn5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +q2aN17O6x5q25lXQBfGfMY1aqtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/N +y9Sn2WCVhDr4wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 +ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrspSCAaWihT37h +a88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4E1Z5T21Q6huwtVexN2ZYI/Pc +D98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== +-----END CERTIFICATE----- + +Verisign Class 2 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y +azE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug +b25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJ +BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 +c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y +aXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEArwoNwtUs22e5LeWUJ92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6 +tW8UvxDOJxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUYwZF7 +C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9okoqQHgiBVrKtaaNS +0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjNqWm6o+sdDZykIKbBoMXRRkwXbdKs +Zj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/ESrg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0 +JhU8wI1NQ0kdvekhktdmnLfexbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf +0xwLRtxyID+u7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU +sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RIsH/7NiXaldDx +JBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTPcjnhsUPgKM+351psE2tJs//j +GHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q +-----END CERTIFICATE----- + Verisign Class 3 Public Primary Certification Authority - G3 ============================================================ -----BEGIN CERTIFICATE----- @@ -686,6 +772,31 @@ gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS -----END CERTIFICATE----- +UTN-USER First-Network Applications +=================================== +-----BEGIN CERTIFICATE----- +MIIEZDCCA0ygAwIBAgIQRL4Mi1AAJLQR0zYwS8AzdzANBgkqhkiG9w0BAQUFADCBozELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzAp +BgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBBcHBsaWNhdGlvbnMwHhcNOTkwNzA5MTg0ODM5 +WhcNMTkwNzA5MTg1NzQ5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5T +YWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho +dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBB +cHBsaWNhdGlvbnMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+5Gh5DZVhawGNFug +mliy+LUPBXeDrjKxdpJo7CNKyXY/45y2N3kDuatpjQclthln5LAbGHNhSuh+zdMvZOOmfAz6F4Cj +DUeJT1FxL+78P/m4FoCHiZMlIJpDgmkkdihZNaEdwH+DBmQWICzTSaSFtMBhf1EI+GgVkYDLpdXu +Ozr0hAReYFmnjDRy7rh4xdE7EkpvfmUnuaRVxblvQ6TFHSyZwFKkeEwVs0CYCGtDxgGwenv1axwi +P8vv/6jQOkt2FZ7S0cYu49tXGzKiuG/ohqY/cKvlcJKrRB5AUPuco2LkbG6gyN7igEL66S/ozjIE +j3yNtxyjNTwV3Z7DrpelAgMBAAGjgZEwgY4wCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFPqGydvguul49Uuo1hXf8NPhahQ8ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9j +cmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LU5ldHdvcmtBcHBsaWNhdGlvbnMuY3JsMA0G +CSqGSIb3DQEBBQUAA4IBAQCk8yXM0dSRgyLQzDKrm5ZONJFUICU0YV8qAhXhi6r/fWRRzwr/vH3Y +IWp4yy9Rb/hCHTO967V7lMPDqaAt39EpHx3+jz+7qEUqf9FuVSTiuwL7MT++6LzsQCv4AdRWOOTK +RIK1YSAhZ2X28AvnNPilwpyjXEAfhZOVBt5P1CeptqX8Fs1zMT+4ZSfP1FMa8Kxun08FDAOBp4Qp +xFq9ZFdyrTvPNximmMatBrTcCKME1SmklpoSZ0qMYEWd8SOasACcaLWYUNPvji6SZbFIPiG+FTAq +DbUMo2s/rn9X9R+WfN9v3YIwLGUbQErNaLly7HF27FSOH4UMAWr6pjisH8SE +-----END CERTIFICATE----- + America Online Root Certification Authority 1 ============================================= -----BEGIN CERTIFICATE----- @@ -973,6 +1084,26 @@ s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ FL39vmwLAw== -----END CERTIFICATE----- +Sonera Class 1 Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG +U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAxMDQwNjEwNDkxM1oXDTIxMDQw +NjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh +IENsYXNzMSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H88 +7dF+2rDNbS82rDTG29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9 +EJUkoVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk3w0LBUXl +0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBLqdReLjVQCfOAl/QMF645 +2F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIINnvmLVz5MxxftLItyM19yejhW1ebZrgUa +HXVFsculJRwSVzb9IjcCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZT +iFIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE9 +28Jj2VuXZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0HDjxV +yhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VOTzF2nBBhjrZTOqMR +vq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2UvkVrCqIexVmiUefkl98HVrhq4uz2P +qYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4wzMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9Z +IRlXvVWa +-----END CERTIFICATE----- + Sonera Class 2 Root CA ====================== -----BEGIN CERTIFICATE----- @@ -1092,6 +1223,32 @@ EZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwP DPafepE39peC4N1xaf92P2BNPM/3mfnGV/TJVTl4uix5yaaIK/QI -----END CERTIFICATE----- +UTN USERFirst Email Root CA +=========================== +-----BEGIN CERTIFICATE----- +MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0 +BgNVBAMTLVVUTi1VU0VSRmlyc3QtQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05 +OTA3MDkxNzI4NTBaFw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQx +FzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsx +ITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVROLVVTRVJGaXJz +dC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3BYHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIx +B8dOtINknS4p1aJkxIW9hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8 +om+rWV6lL8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLmSGHG +TPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM1tZUOt4KpLoDd7Nl +yP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws6wIDAQABo4G5MIG2MAsGA1UdDwQE +AwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNV +HR8EUTBPME2gS6BJhkdodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGll +bnRBdXRoZW50aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH +AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u7mFVbwQ+zzne +xRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0xtcgBEXkzYABurorbs6q15L+ +5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQrfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarV +NZ1yQAOJujEdxRBoUp7fooXFXAimeOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZ +w7JHpsIyYdfHb0gkUSeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= +-----END CERTIFICATE----- + UTN USERFirst Hardware Root CA ============================== -----BEGIN CERTIFICATE----- @@ -1118,6 +1275,31 @@ iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 nfhmqA== -----END CERTIFICATE----- +UTN USERFirst Object Root CA +============================ +-----BEGIN CERTIFICATE----- +MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAb +BgNVBAMTFFVUTi1VU0VSRmlyc3QtT2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAz +NlowgZUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkx +HjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3dy51c2Vy +dHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicPHxzfOpuCaDDASmEd8S8O+r5596Uj71VR +loTN2+O5bj4x2AogZ8f02b+U60cEPgLOKqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQ +w5ujm9M89RKZd7G3CeBo5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vu +lBe3/IW+pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehbkkj7 +RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUCAwEAAaOBrzCBrDAL +BgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU2u1kdBScFDyr3ZmpvVsoTYs8 +ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmly +c3QtT2JqZWN0LmNybDApBgNVHSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQw +DQYJKoZIhvcNAQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw +NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXBmMiKVl0+7kNO +PmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU4U3GDZlDAQ0Slox4nb9QorFE +qmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK581OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCG +hU3IfdeLA/5u1fedFqySLKAj5ZyRUh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g= +-----END CERTIFICATE----- + Camerfirma Chambers of Commerce Root ==================================== -----BEGIN CERTIFICATE----- @@ -1172,6 +1354,42 @@ IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== -----END CERTIFICATE----- +NetLock Qualified (Class QA) Root +================================= +-----BEGIN CERTIFICATE----- +MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUxETAPBgNVBAcT +CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV +BAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQDEzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVn +eXpvaSAoQ2xhc3MgUUEpIFRhbnVzaXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0 +bG9jay5odTAeFw0wMzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTER +MA8GA1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNhZ2kgS2Z0 +LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5ldExvY2sgTWlub3NpdGV0 +dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZhbnlraWFkbzEeMBwGCSqGSIb3DQEJARYP +aW5mb0BuZXRsb2NrLmh1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRV +CacbvWy5FPSKAtt2/GoqeKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e +8ia6AFQer7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO53Lhb +m+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWdvLrqOU+L73Sa58XQ +0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0lmT+1fMptsK6ZmfoIYOcZwvK9UdPM +0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4ICwDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNV +HQ8BAf8EBAMCAQYwggJ1BglghkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2 +YW55IGEgTmV0TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh +biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQgZWxla3Ryb25p +a3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywgdmFsYW1pbnQgZWxmb2dhZGFz +YW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwg +YXogQWx0YWxhbm9zIFN6ZXJ6b2Rlc2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kg +ZWxqYXJhcyBtZWd0ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczov +L3d3dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0BuZXRsb2Nr +Lm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0 +aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMg +YXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0 +IGluZm9AbmV0bG9jay5uZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3 +DQEBBQUAA4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQMznN +wNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+NFAwLvt/MpqNPfMg +W/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCRVCHnpgu0mfVRQdzNo0ci2ccBgcTc +R08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR +5qq5aKrN9p2QdRLqOBrKROi3macqaJVmlaut74nLYKkGEsaUR+ko +-----END CERTIFICATE----- + NetLock Notary (Class A) Root ============================= -----BEGIN CERTIFICATE----- @@ -1668,6 +1886,37 @@ hGIAF728JRhX8tepb1mIvDS3LoV4nZbcFMMsilKbloxSZj2GFotHuFEJjOp9zYhys2AzsfAKRO8P UrbnBEI= -----END CERTIFICATE----- +SwissSign Platinum CA - G2 +========================== +-----BEGIN CERTIFICATE----- +MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCQ0gxFTAT +BgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWduIFBsYXRpbnVtIENBIC0gRzIw +HhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAwWjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMM +U3dpc3NTaWduIEFHMSMwIQYDVQQDExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJ +KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu +669yIIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2HtnIuJpX+UF +eNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+6ixuEFGSzH7VozPY1kne +WCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5objM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIo +j5+saCB9bzuohTEJfwvH6GXp43gOCWcwizSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/6 +8++QHkwFix7qepF6w9fl+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34T +aNhxKFrYzt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaPpZjy +domyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtFKwH3HBqi7Ri6Cr2D ++m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuWae5ogObnmLo2t/5u7Su9IPhlGdpV +CX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMBAAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCv +zAeHFUdvOMW0ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW +IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUAA4ICAQAIhab1 +Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0uMoI3LQwnkAHFmtllXcBrqS3 +NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4 +U99REJNi54Av4tHgvI42Rncz7Lj7jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8 +KV2LwUvJ4ooTHbG/u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl +9x8DYSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1puEa+S1B +aYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXaicYwu+uPyyIIoK6q8QNs +OktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbGDI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSY +Mdp08YSTcU1f+2BY0fvEwW2JorsgH51xkcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAci +IfNAChs0B0QTwoRqjt8ZWr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== +-----END CERTIFICATE----- + SwissSign Gold CA - G2 ====================== -----BEGIN CERTIFICATE----- @@ -2005,6 +2254,32 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= -----END CERTIFICATE----- +S-TRUST Authentication and Encryption Root CA 2005 PN +===================================================== +-----BEGIN CERTIFICATE----- +MIIEezCCA2OgAwIBAgIQNxkY5lNUfBq1uMtZWts1tzANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UE +BhMCREUxIDAeBgNVBAgTF0JhZGVuLVd1ZXJ0dGVtYmVyZyAoQlcpMRIwEAYDVQQHEwlTdHV0dGdh +cnQxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMT4wPAYDVQQDEzVT +LVRSVVNUIEF1dGhlbnRpY2F0aW9uIGFuZCBFbmNyeXB0aW9uIFJvb3QgQ0EgMjAwNTpQTjAeFw0w +NTA2MjIwMDAwMDBaFw0zMDA2MjEyMzU5NTlaMIGuMQswCQYDVQQGEwJERTEgMB4GA1UECBMXQmFk +ZW4tV3VlcnR0ZW1iZXJnIChCVykxEjAQBgNVBAcTCVN0dXR0Z2FydDEpMCcGA1UEChMgRGV1dHNj +aGVyIFNwYXJrYXNzZW4gVmVybGFnIEdtYkgxPjA8BgNVBAMTNVMtVFJVU1QgQXV0aGVudGljYXRp +b24gYW5kIEVuY3J5cHRpb24gUm9vdCBDQSAyMDA1OlBOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEA2bVKwdMz6tNGs9HiTNL1toPQb9UY6ZOvJ44TzbUlNlA0EmQpoVXhOmCTnijJ4/Ob +4QSwI7+Vio5bG0F/WsPoTUzVJBY+h0jUJ67m91MduwwA7z5hca2/OnpYH5Q9XIHV1W/fuJvS9eXL +g3KSwlOyggLrra1fFi2SU3bxibYs9cEv4KdKb6AwajLrmnQDaHgTncovmwsdvs91DSaXm8f1Xgqf +eN+zvOyauu9VjxuapgdjKRdZYgkqeQd3peDRF2npW932kKvimAoA0SVtnteFhy+S8dF2g08LOlk3 +KC8zpxdQ1iALCvQm+Z845y2kuJuJja2tyWp9iRe79n+Ag3rm7QIDAQABo4GSMIGPMBIGA1UdEwEB +/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTVFJv +bmxpbmUxLTIwNDgtNTAdBgNVHQ4EFgQUD8oeXHngovMpttKFswtKtWXsa1IwHwYDVR0jBBgwFoAU +D8oeXHngovMpttKFswtKtWXsa1IwDQYJKoZIhvcNAQEFBQADggEBAK8B8O0ZPCjoTVy7pWMciDMD +pwCHpB8gq9Yc4wYfl35UvbfRssnV2oDsF9eK9XvCAPbpEW+EoFolMeKJ+aQAPzFoLtU96G7m1R08 +P7K9n3frndOMusDXtk3sU5wPBG7qNWdX4wple5A64U8+wwCSersFiXOMy6ZNwPv2AtawB6MDwidA +nwzkhYItr5pCHdDHjfhA7p0GVxzZotiAFP7hYy0yh9WUUpY6RsZxlj33mA6ykaqP2vROJAA5Veit +F7nTNCtKqUDMFypVZUF0Qn71wK/Ik63yGFs9iQzbRzkk+OBM8h+wPQrKBU6JIRrjKpms/H+h8Q8b +Hz2eBIPdltkdOpQ= +-----END CERTIFICATE----- + Microsec e-Szigno Root CA ========================= -----BEGIN CERTIFICATE----- @@ -2200,6 +2475,28 @@ dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU Cm26OWMohpLzGITY+9HPBVZkVw== -----END CERTIFICATE----- +ComSign CA +========== +-----BEGIN CERTIFICATE----- +MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0MRMwEQYDVQQD +EwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTMy +MThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMTCkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNp +Z24xCzAJBgNVBAYTAklMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49q +ROR+WCf4C9DklBKK8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTy +P2Q298CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb2CEJKHxN +GGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxCejVb7Us6eva1jsz/D3zk +YDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7KpiXd3DTKaCQeQzC6zJMw9kglcq/QytNuEM +rkvF7zuZ2SOzW120V+x0cAwqTwIDAQABo4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAy +oDCgLoYsaHR0cDovL2ZlZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0P +AQH/BAQDAgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRLAZs+ +VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWdfoPPbrxHbvUanlR2 +QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0McXS6hMTXcpuEfDhOZAYnKuGntewI +mbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb +/627HOkthIDYIb6FUtnUdLlphbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VG +zT2ouvDzuFYkRes3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U +AGegcQCCSA== +-----END CERTIFICATE----- + ComSign Secured CA ================== -----BEGIN CERTIFICATE----- @@ -2748,6 +3045,22 @@ MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== -----END CERTIFICATE----- +Verisign Class 1 Public Primary Certification Authority +======================================================= +-----BEGIN CERTIFICATE----- +MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMx +FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVow +XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAx +IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0fzGVuDLDQ +VoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHiTkVWaR94AoDa3EeRKbs2 +yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFgVKTk8d6Pa +XCUDfGD67gmZPCcQcMgMCeazh88K4hiWNWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n +0a3hUKw8fGJLj7qE1xIVGx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZ +RjXZ+Hxb +-----END CERTIFICATE----- + Verisign Class 3 Public Primary Certification Authority ======================================================= -----BEGIN CERTIFICATE----- @@ -3329,3 +3642,254 @@ l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D 5EI= -----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2011 +======================================================= +-----BEGIN CERTIFICATE----- +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT +O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y +aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT +AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo +IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI +1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa +71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u +8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH +3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ +MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 +MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu +b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt +XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD +/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N +7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 +-----END CERTIFICATE----- + +Actalis Authentication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVQxDjAM +BgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UE +AwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDky +MjExMjIwMlowazELMAkGA1UEBhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlz +IFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 +IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNvUTufClrJ +wkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX4ay8IMKx4INRimlNAJZa +by/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9KK3giq0itFZljoZUj5NDKd45RnijMCO6 +zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1f +YVEiVRvjRuPjPdA1YprbrxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2 +oxgkg4YQ51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2Fbe8l +EfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxeKF+w6D9Fz8+vm2/7 +hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4Fv6MGn8i1zeQf1xcGDXqVdFUNaBr8 +EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbnfpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5 +jF66CyCU3nuDuP/jVo23Eek7jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLY +iDrIn3hm7YnzezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt +ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQALe3KHwGCmSUyI +WOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70jsNjLiNmsGe+b7bAEzlgqqI0 +JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDzWochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKx +K3JCaKygvU5a2hi/a5iB0P2avl4VSM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+ +Xlff1ANATIGk0k9jpwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC +4yyXX04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+OkfcvHlXHo +2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7RK4X9p2jIugErsWx0Hbhz +lefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btUZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXem +OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9 +vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== +-----END CERTIFICATE----- + +Trustis FPS Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG +EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290 +IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV +BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ +RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk +H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa +cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt +o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA +AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd +BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c +GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC +yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P +8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV +l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl +iB6XzCGcKQENZetX2fNXlrtIzYE= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ +Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0 +dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu +c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv +bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0 +aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t +L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG +cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5 +fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm +N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN +Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T +tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX +e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA +2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs +HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE +JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib +D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8= +-----END CERTIFICATE----- + +StartCom Certification Authority G2 +=================================== +-----BEGIN CERTIFICATE----- +MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg +RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE +ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O +o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG +4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi +Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul +Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs +O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H +vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L +nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS +FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa +z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ +KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K +2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk +J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+ +JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG +/+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc +nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld +blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc +l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm +7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm +obp573PYtlNXLfbQ4ddI +-----END CERTIFICATE----- + +Buypass Class 2 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMB4X +DTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1owTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1 +g1Lr6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPVL4O2fuPn +9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC911K2GScuVr1QGbNgGE41b +/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHxMlAQTn/0hpPshNOOvEu/XAFOBz3cFIqU +CqTqc/sLUegTBxj6DvEr0VQVfTzh97QZQmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeff +awrbD02TTqigzXsu8lkBarcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgI +zRFo1clrUs3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLiFRhn +Bkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRSP/TizPJhk9H9Z2vX +Uq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN9SG9dKpN6nIDSdvHXx1iY8f93ZHs +M+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxPAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFMmAd+BikoL1RpzzuvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAU18h9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s +A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3tOluwlN5E40EI +osHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo+fsicdl9sz1Gv7SEr5AcD48S +aq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYd +DnkM/crqJIByw5c/8nerQyIKx+u2DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWD +LfJ6v9r9jv6ly0UsH8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0 +oyLQI+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK75t98biGC +wWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h3PFaTWwyI0PurKju7koS +CTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPzY11aWOIv4x3kqdbQCtCev9eBCfHJxyYN +rJgWVqA= +-----END CERTIFICATE----- + +Buypass Class 3 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMyBSb290IENBMB4X +DTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFowTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRH +sJ8YZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3EN3coTRiR +5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9tznDDgFHmV0ST9tD+leh +7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX0DJq1l1sDPGzbjniazEuOQAnFN44wOwZ +ZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH +2xc519woe2v1n/MuwU8XKhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV +/afmiSTYzIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvSO1UQ +RwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D34xFMFbG02SrZvPA +Xpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgPK9Dx2hzLabjKSWJtyNBjYt1gD1iq +j6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFEe4zf/lb+74suwvTg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAACAjQTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV +cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXSIGrs/CIBKM+G +uIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2HJLw5QY33KbmkJs4j1xrG0aG +Q0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsaO5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8 +ZORK15FTAaggiG6cX0S5y2CBNOxv033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2 +KSb12tjE8nVhz36udmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz +6MkEkbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg413OEMXbug +UZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvDu79leNKGef9JOxqDDPDe +eOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq4/g7u9xN12TyUb7mqqta6THuBrxzvxNi +Cp/HuZc= +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 3 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgx +MDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK +9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YU +NpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZF +iP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W +0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPr +AyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQb +fsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzT +ucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7h +P0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml +e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWw== +-----END CERTIFICATE----- + +EE Certification Centre Root CA +=============================== +-----BEGIN CERTIFICATE----- +MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG +EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy +dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIw +MTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlB +UyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRy +ZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeM +TC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2 +rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw +93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtN +P2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZ +MEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEF +BQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+Rj +xY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqM +lIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u +uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU +3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM +dcGWxZ0= +-----END CERTIFICATE----- diff --git a/source/n/curl/curl-7.27.0_curl-config_syntax_fix.diff b/source/n/curl/curl-7.27.0_curl-config_syntax_fix.diff deleted file mode 100644 index 42509c848..000000000 --- a/source/n/curl/curl-7.27.0_curl-config_syntax_fix.diff +++ /dev/null @@ -1,15 +0,0 @@ -diff -ru curl-7.27.0.orig/curl-config.in curl-7.27.0/curl-config.in ---- curl-7.27.0.orig/curl-config.in 2012-05-25 16:56:17.000000000 -0500 -+++ curl-7.27.0/curl-config.in 2012-08-17 12:01:44.000000000 -0500 -@@ -135,9 +135,9 @@ - CPPFLAG_CURL_STATICLIB="" - fi - if test "X@includedir@" = "X/usr/include"; then -- echo "$(CPPFLAG_CURL_STATICLIB)" -+ echo "${CPPFLAG_CURL_STATICLIB}" - else -- echo "$(CPPFLAG_CURL_STATICLIB)-I@includedir@" -+ echo "${CPPFLAG_CURL_STATICLIB}-I@includedir@" - fi - ;; - diff --git a/source/n/curl/curl.SlackBuild b/source/n/curl/curl.SlackBuild index fd67ff4ce..16535a4eb 100755 --- a/source/n/curl/curl.SlackBuild +++ b/source/n/curl/curl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,8 +22,8 @@ PKGNAM=curl -VERSION=${VERSION:-$(echo curl-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +VERSION=${VERSION:-$(echo curl-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -62,11 +62,9 @@ rm -rf $PKG mkdir -p $PKG cd $TMP rm -rf curl-$VERSION -tar xvf $CWD/curl-$VERSION.tar.?z* || exit 1 +tar xvf $CWD/curl-$VERSION.tar.bz2 || exit 1 cd curl-$VERSION -zcat $CWD/curl-7.27.0_curl-config_syntax_fix.diff.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff b/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff new file mode 100644 index 000000000..2cbb48605 --- /dev/null +++ b/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff @@ -0,0 +1,105 @@ +From 0626e86d2e1d0be63a56918371a15d98cfad19d1 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Tue, 9 Jul 2013 +Subject: Handle NULL returns from glibc 2.17+ crypt(). + +Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL +(w/ NULL return) if the salt violates specifications. Additionally, +on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords +passed to crypt() fail with EPERM (w/ NULL return). + +When using glibc's crypt(), check return value to avoid a possible +NULL pointer dereference. +--- + pwcheck/pwcheck_getpwnam.c | 3 ++- + pwcheck/pwcheck_getspnam.c | 3 ++- + saslauthd/auth_getpwent.c | 3 ++- + saslauthd/auth_shadow.c | 7 ++----- + 4 files changed, 8 insertions(+), 8 deletions(-) + +--- a/pwcheck/pwcheck_getpwnam.c ++++ b/pwcheck/pwcheck_getpwnam.c +@@ -32,6 +32,7 @@ extern char *crypt(); + char *password; + { + char* r; ++ char* crpt_passwd; + struct passwd *pwd; + + pwd = getpwnam(userid); +@@ -41,7 +42,7 @@ char *password; + else if (pwd->pw_passwd[0] == '*') { + r = "Account disabled"; + } +- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { ++ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { + r = "Incorrect password"; + } + else { +--- a/pwcheck/pwcheck_getspnam.c ++++ b/pwcheck/pwcheck_getspnam.c +@@ -30,6 +30,7 @@ extern char *crypt(); + char *pwcheck(userid, password) + char *userid; + char *password; ++char *crpt_passwd; + { + struct spwd *pwd; + +@@ -38,7 +39,7 @@ char *password; + return "Userid not found"; + } + +- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { ++ if (!(crpt_passwd = crypt(password, pwd->sp_pwdp)) || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { + return "Incorrect password"; + } + else { +--- a/saslauthd/auth_getpwent.c ++++ b/saslauthd/auth_getpwent.c +@@ -70,6 +70,7 @@ auth_getpwent ( + { + /* VARIABLES */ + struct passwd *pw; /* pointer to passwd file entry */ ++ char *crpt_passwd; /* encrypted password */ + /* END VARIABLES */ + + pw = getpwnam(login); +@@ -79,7 +80,7 @@ auth_getpwent ( + RETURN("NO"); + } + +- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { ++ if (!(crpt_passwd = crypt(password, pw->pw_passwd)) || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { + RETURN("NO"); + } + +--- a/saslauthd/auth_shadow.c ++++ b/saslauthd/auth_shadow.c +@@ -180,16 +180,13 @@ auth_shadow ( + * not returning any information about a login until we have validated + * the password. + */ +- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); +- if (strcmp(sp->sp_pwdp, cpw)) { ++ if (!(cpw = crypt(password, sp->sp_pwdp)) || strcmp(sp->sp_pwdp, (const char *)cpw)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", + sp->sp_pwdp, cpw); + } +- free(cpw); + RETURN("NO"); + } +- free(cpw); + + /* + * The following fields will be set to -1 if: +@@ -251,7 +250,7 @@ auth_shadow ( + RETURN("NO"); + } + +- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { ++ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", + password, upw->upw_passwd); diff --git a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild index eea8e1905..c47821d55 100755 --- a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild +++ b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ PKGNAM=cyrus-sasl VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +BUILD=${BUILD:-5} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -62,6 +62,9 @@ cd cyrus-sasl-$VERSION || exit 1 # Fix compiling: zcat $CWD/cyrus-sasl.bad_elif.diff.gz | patch -p1 --verbose || exit 1 +# Fix for glibc-2.17 crypt() NULL return: +zcat $CWD/cyrus-sasl-2.1.23-glibc217-crypt.diff.gz | patch -p1 --verbose || exit 1 + chown -R root:root . find . -perm 777 -exec chmod 755 {} \; find . -perm 664 -exec chmod 644 {} \; diff --git a/source/n/cyrus-sasl/rc.saslauthd b/source/n/cyrus-sasl/rc.saslauthd index 8b69a710c..8a01ac65e 100644 --- a/source/n/cyrus-sasl/rc.saslauthd +++ b/source/n/cyrus-sasl/rc.saslauthd @@ -3,7 +3,7 @@ # # saslauthd is a daemon process that handles plaintext authentication # requests on behalf of the SASL library. The CMU Cyrus SASL library -# is a general purpose authentication library for sever and client +# is a general purpose authentication library for server and client # applications. It is mostly used to authenticate to mail servers. # # saslauthd should be started from the system boot scripts when going diff --git a/source/n/dhcpcd/define-SERVICEstuff-for-Slackware.patch b/source/n/dhcpcd/define-SERVICEstuff-for-Slackware.patch deleted file mode 100644 index ca0273f36..000000000 --- a/source/n/dhcpcd/define-SERVICEstuff-for-Slackware.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 293f23ad36f2c84cf67c483d944157834f4417a6 Mon Sep 17 00:00:00 2001 -From: Robby Workman <rworkman@slackware.com> -Date: Wed, 23 May 2012 21:33:30 -0500 -Subject: [PATCH] configure: Define SERVICE* for Slackware - -Slackware uses /etc/rc.d/rc.$service instead of just $service, -so configure doesn't find those. This patch overrides the -defaults for SERVICEEXISTS, SERVICECMD, and SERVICESTATUS. ---- - configure | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/configure b/configure -index b334497..e6554ca 100755 ---- a/configure -+++ b/configure -@@ -413,6 +413,12 @@ if [ -z "$SERVICECMD" ]; then - fi - done - fi -+if [ -e /etc/slackware-version ]; then -+ echo "Overriding service status check for Slackware Linux" -+ SERVICEEXISTS="[ -x /etc/rc.d/rc.\$1 ]" -+ SERVICECMD="/etc/rc.d/rc.\$1 \$2" -+ SERVICESTATUS="/etc/rc.d/rc.\$1 status 1>/dev/null 2>&1" -+fi - if [ -e /etc/arch-release ]; then - echo "Overriding service status check for Arch Linux" - SERVICESTATUS="[ -e /var/run/daemons/\$1 ]" --- -1.7.10.1 - diff --git a/source/n/dhcpcd/dhcpcd.SlackBuild b/source/n/dhcpcd/dhcpcd.SlackBuild index 15f14e2fb..f91966586 100755 --- a/source/n/dhcpcd/dhcpcd.SlackBuild +++ b/source/n/dhcpcd/dhcpcd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ VERSION=${VERSION:-$(echo dhcpcd-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -67,13 +67,14 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +patch -p1 < $CWD/patches/Actually-validate-the-search-list.patch || exit 1 +patch -p1 < $CWD/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch || exit 1 + # At this point, it should be safe to assume that /var will be mounted by the # time dhcpcd is called, as all non-root local filesystems are mounted from # /etc/rc.d/rc.S, and /var should not be on a network filesystem. As such, # we'll use the FHS layout instead of putting things in /etc/dhcpc -zcat $CWD/define-SERVICEstuff-for-Slackware.patch.gz | patch -p1 || exit 1 - # Yes, /lib/dhcpcd is correct, even on x86_64. CFLAGS="$SLKCFLAGS" \ ./configure \ diff --git a/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch b/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch new file mode 100644 index 000000000..3d84a6d61 --- /dev/null +++ b/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch @@ -0,0 +1,25 @@ +From 118b94bdffca7e33a5e0d6b596eb7e51e7109e68 Mon Sep 17 00:00:00 2001 +From: Roy Marples <roy@marples.name> +Date: Tue, 6 Aug 2013 12:34:08 +0100 +Subject: [PATCH 1/2] Actually validate the search list. Fixes #280 + +--- + dhcpcd-hooks/20-resolv.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/dhcpcd-hooks/20-resolv.conf b/dhcpcd-hooks/20-resolv.conf +index d0dce41..05316c9 100644 +--- a/dhcpcd-hooks/20-resolv.conf ++++ b/dhcpcd-hooks/20-resolv.conf +@@ -115,7 +115,7 @@ add_resolv_conf() + if [ -n "$new_domain_search" -a \ + "$new_domain_search" != "$new_domain_name" ] + then +- if valid_domainname_list; then ++ if valid_domainname_list $new_domain_search; then + conf="${conf}search $new_domain_search$NL" + else + syslog err "Invalid domain name in list: $new_domain_search" +-- +1.8.3.2 + diff --git a/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch b/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch new file mode 100644 index 000000000..464d54bd9 --- /dev/null +++ b/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch @@ -0,0 +1,26 @@ +From d968ff96e1e4354c591e49fe79b4f4ce0e553f61 Mon Sep 17 00:00:00 2001 +From: Robby Workman <rworkman@slackware.com> +Date: Sun, 11 Aug 2013 23:12:57 -0500 +Subject: [PATCH 2/2] dhcpcd.conf: Don't invoke wpa_supplicant by default + +Slackware's network init script (rc.inet1) and/or +NetworkManager itself handles this just fine. +--- + dhcpcd.conf | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/dhcpcd.conf b/dhcpcd.conf +index 349c6f2..30aacca 100644 +--- a/dhcpcd.conf ++++ b/dhcpcd.conf +@@ -30,3 +30,7 @@ require dhcp_server_identifier + # A hook script is provided to lookup the hostname if not set by the DHCP + # server, but it should not be run by default. + nohook lookup-hostname ++ ++# We run wpa_supplicant from rc.inet1 and/or NM handles it on its own ++nohook wpa_supplicant ++ +-- +1.8.3.2 + diff --git a/source/n/ebtables/doinst.sh b/source/n/ebtables/doinst.sh new file mode 100644 index 000000000..092a869b6 --- /dev/null +++ b/source/n/ebtables/doinst.sh @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/ethertypes.new + diff --git a/source/n/ebtables/ebtables.SlackBuild b/source/n/ebtables/ebtables.SlackBuild new file mode 100755 index 000000000..056ad4296 --- /dev/null +++ b/source/n/ebtables/ebtables.SlackBuild @@ -0,0 +1,104 @@ +#!/bin/sh + +# Slackware build script for ebtables + +# Copyright 2011, mario <mario@slackverse.org> +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ebtables +VERSION=${VERSION:-2.0.10} +BUILD=${BUILD:-1} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i486 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-v$VERSION-4 +tar xvf $CWD/$PKGNAM-v$VERSION-4.tar.xz || exit 1 +cd $PKGNAM-v$VERSION-4 || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Set our CFLAGS and avoid a "warning-as-error" that breaks build +sed -i \ + -e "s|-fPIC -O3|${SLKCFLAGS}|" \ + -e "s|-Wunused|-Wno-error=unused-but-set-variable|" \ + Makefile + +make -j 4 || exit 1 + +make install \ + DESTDIR=$PKG \ + LIBDIR=/usr/lib${LIBDIRSUFFIX} \ + MANDIR=/usr/man \ + BINDIR=/usr/sbin \ + ETCDIR=/etc \ + INITDIR=/etc/rc.d/init.d \ + SYSCONFIGDIR=/etc/sysconfig || exit 1 + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +mv $PKG/etc/ethertypes $PKG/etc/ethertypes.new + +# Remove Red Hat junk: +rm -rf $PKG/etc/rc.d $PKG/etc/sysconfig + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* ChangeLog INSTALL THANKS $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/ebtables/slack-desc b/source/n/ebtables/slack-desc new file mode 100644 index 000000000..11a036a0e --- /dev/null +++ b/source/n/ebtables/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +ebtables: ebtables (Ethernet frame filtering on a Linux bridge) +ebtables: +ebtables: The ebtables utility enables basic Ethernet frame filtering on a +ebtables: Linux bridge, logging, MAC NAT and brouting. It only provides basic +ebtables: IP filtering, the full-fledged IP filtering on a Linux bridge is +ebtables: done with iptables. +ebtables: +ebtables: Homepage: http://ebtables.sourceforge.net/ +ebtables: +ebtables: +ebtables: diff --git a/source/n/epic5/epic5.SlackBuild b/source/n/epic5/epic5.SlackBuild index b3b483af6..095e8f357 100755 --- a/source/n/epic5/epic5.SlackBuild +++ b/source/n/epic5/epic5.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.1.3 +PKGNAM=epic5 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} EPICVER=5 HELPFILE=current BUILD=${BUILD:-1} @@ -39,12 +40,16 @@ NUMJOBS=${NUMJOBS:-" -j7 "} if [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" + LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" else SLKCFLAGS="-O2" + LIBDIRSUFFIX="" fi CWD=$(pwd) @@ -55,7 +60,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf epic${EPICVER}-$VERSION -tar xvf $CWD/epic${EPICVER}-$VERSION.tar.?z* || exit 1 +tar xvf $CWD/epic${EPICVER}-$VERSION.tar.xz || exit 1 cd epic${EPICVER}-$VERSION || exit 1 chown -R root:root . find . \ @@ -67,6 +72,7 @@ find . \ CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ + --with-tcl=/usr/lib${LIBDIRSUFFIX}/tclConfig.sh \ --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 diff --git a/source/n/ethtool/ethtool-3.10.tar.sign b/source/n/ethtool/ethtool-3.10.tar.sign new file mode 100644 index 000000000..11d803c55 --- /dev/null +++ b/source/n/ethtool/ethtool-3.10.tar.sign @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.13 (GNU/Linux) + +iQEcBAABAgAGBQJR0ayaAAoJEGkILBsOca601+MH/0RBWsj7W+Co1ZC7IdvH+4NB +mQkJsZYxFuaN4hj9uOBnlg1GntOvo1PLEeu1vp1Id+jnak0GQ+a+funNMF1Qplq4 +sfHdKKrPseM3Jhxx+pG0Ai+ANrEvOCaxw5my2huBzvw5IAfCmXVKhXOV4a5xSJfC +4YgfGwFP/x8GV9+AiBxU6I5tfX0BLlg5cZhrKLoeQXTGBdc3uvaiXbef9tW4eG3g +nhei/J+ekHRAfQtvcAUEfVr2VciKhx+G4il6OaZ3JBM94XFuOozzuAxRs23sWNlp +oeS0W9BkENTqiZA6qxUMBCdHrlK046aM1Mt9JdIaWwU0UV5ATvHnVjJDURdUC/w= +=x5fp +-----END PGP SIGNATURE----- diff --git a/source/n/gnupg/gnupg.SlackBuild b/source/n/gnupg/gnupg.SlackBuild index 073106971..8cd3f0254 100755 --- a/source/n/gnupg/gnupg.SlackBuild +++ b/source/n/gnupg/gnupg.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.4.12 +PKGNAM=gnupg +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/source/n/gnutls/gnutls.SlackBuild b/source/n/gnutls/gnutls.SlackBuild index c73dc5745..52acab6dd 100755 --- a/source/n/gnutls/gnutls.SlackBuild +++ b/source/n/gnutls/gnutls.SlackBuild @@ -91,6 +91,7 @@ CXXFLAGS="$SLKCFLAGS" \ --infodir=/usr/info \ --mandir=/usr/man \ --enable-static=no \ + --disable-rpath \ --with-included-libtasn1 \ --build=$ARCH-slackware-linux \ --host=$ARCH-slackware-linux diff --git a/source/n/httpd/httpd.SlackBuild b/source/n/httpd/httpd.SlackBuild index 1d043f743..249d8fc67 100755 --- a/source/n/httpd/httpd.SlackBuild +++ b/source/n/httpd/httpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is diff --git a/source/n/httpd/httpd.url b/source/n/httpd/httpd.url index 3fabb916f..dc1231b45 100644 --- a/source/n/httpd/httpd.url +++ b/source/n/httpd/httpd.url @@ -1,2 +1,2 @@ -http://www.apache.org/dist/httpd/httpd-2.4.3.tar.bz2 -http://www.apache.org/dist/httpd/httpd-2.4.3.tar.bz2.asc +http://www.apache.org/dist/httpd/httpd-2.4.6.tar.bz2 +http://www.apache.org/dist/httpd/httpd-2.4.6.tar.bz2.asc diff --git a/source/n/iproute2/fixup-for-x86_64.diff b/source/n/iproute2/fixup-for-x86_64.diff deleted file mode 100644 index 3f5e1a239..000000000 --- a/source/n/iproute2/fixup-for-x86_64.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nur iproute2-3.4.0.orig/configure iproute2-3.4.0/configure ---- iproute2-3.4.0.orig/configure 2012-05-21 16:12:19.000000000 -0500 -+++ iproute2-3.4.0/configure 2012-05-23 19:15:58.548350916 -0500 -@@ -149,7 +149,7 @@ - check_ipt_lib_dir() - { - IPT_LIB_DIR="" -- for dir in /lib /usr/lib /usr/local/lib -+ for dir in /lib64 /usr/lib64 /usr/local/lib64 - do - for file in $dir/{xtables,iptables}/lib*t_*so ; do - if [ -f $file ]; then diff --git a/source/n/iproute2/iproute2-3.10.0.tar.sign b/source/n/iproute2/iproute2-3.10.0.tar.sign Binary files differnew file mode 100644 index 000000000..48ea348cd --- /dev/null +++ b/source/n/iproute2/iproute2-3.10.0.tar.sign diff --git a/source/n/iproute2/iproute2.SlackBuild b/source/n/iproute2/iproute2.SlackBuild index 9854a2d83..40ce12587 100755 --- a/source/n/iproute2/iproute2.SlackBuild +++ b/source/n/iproute2/iproute2.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2005-2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005-2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,7 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=3.4.0 +VERSION=${VERSION:-3.10.0} BUILD=${BUILD:-2} #NUMJOBS=${NUMJOBS:-" -j7 "} @@ -67,9 +67,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Fix up path iptables libs -zcat $CWD/fixup-for-x86_64.diff.gz | patch -p1 || exit 1 - ./configure # This is okay, really :-) make \ @@ -78,7 +75,7 @@ make \ CONFDIR=/etc/iproute2 \ DOCDIR=/usr/doc/iproute2-$VERSION \ MANDIR=/usr/man \ - DBM_INCLUDE=/usr/include/db44 \ + DBM_INCLUDE=/usr/include/db48 \ $NUMJOBS || exit 1 make install \ @@ -86,7 +83,7 @@ make install \ CONFDIR=/etc/iproute2 \ DOCDIR=/usr/doc/iproute2-$VERSION \ MANDIR=/usr/man \ - DBM_INCLUDE=/usr/include/db44 \ + DBM_INCLUDE=/usr/include/db48 \ DESTDIR=$PKG || exit 1 mkdir -p $PKG/usr diff --git a/source/n/ipset/ipset.SlackBuild b/source/n/ipset/ipset.SlackBuild new file mode 100755 index 000000000..438ebe5cc --- /dev/null +++ b/source/n/ipset/ipset.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Slackware build script for ipset + +# Copyright 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ipset +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + COPYING ChangeLog* INSTALL README UPGRADE \ + $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/ipset/slack-desc b/source/n/ipset/slack-desc new file mode 100644 index 000000000..8a9e83fcc --- /dev/null +++ b/source/n/ipset/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +ipset: ipset (administration tool for kernel IP sets) +ipset: +ipset: IP sets are a Linux kernel framework administered by the ipset +ipset: utility. Depending on the type, currently an IP set may store IP +ipset: addresses, (TCP/UDP) port numbers, or IP addresses with MAC addresses +ipset: in a way which ensures lightning speed when matching an entry against +ipset: a set. +ipset: +ipset: Homepage: http://ipset.netfilter.org/ +ipset: +ipset: diff --git a/source/n/iptables/iptables.SlackBuild b/source/n/iptables/iptables.SlackBuild index 26f3d922e..5f6c4a080 100755 --- a/source/n/iptables/iptables.SlackBuild +++ b/source/n/iptables/iptables.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -58,7 +58,8 @@ mkdir -p $TMP $PKG cd $TMP rm -rf iptables-$VERSION tar xvf $CWD/iptables-$VERSION.tar.?z* || exit 1 -cd iptables-$VERSION +cd iptables-$VERSION || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -74,8 +75,9 @@ CFLAGS="$SLKCFLAGS" \ --docdir=/usr/doc/iptables-$VERSION \ --enable-devel \ --enable-libipq \ + --enable-bpf-compiler \ --disable-static \ - --build=$ARCH-slackware-linux + --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 diff --git a/source/n/iptraf-ng/iptraf-ng.SlackBuild b/source/n/iptraf-ng/iptraf-ng.SlackBuild index c2841c069..65dbe2612 100755 --- a/source/n/iptraf-ng/iptraf-ng.SlackBuild +++ b/source/n/iptraf-ng/iptraf-ng.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,7 +23,7 @@ PKGNAM=iptraf-ng VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -72,6 +72,7 @@ find . \ CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ + --sbindir=/usr/sbin \ --sysconfdir=/etc \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --mandir=/usr/man \ @@ -82,12 +83,22 @@ CFLAGS="$SLKCFLAGS" \ make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 +# Make symlinks to the old names: +( cd $PKG/usr/sbin + ln -sf iptraf-ng iptraf + ln -sf rvnamed-ng rvnamed +) +( cd $PKG/usr/man/man8 + ln -sf iptraf-ng.8 iptraf.8 + ln -sf rvnamed-ng.8 rvnamed.8 +) + find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -mkdir -p $PKG/var/lib/iptraf -mkdir -p $PKG//var/run/iptraf -mkdir -p $PKG/var/log/iptraf +mkdir -p $PKG/var/lib/iptraf-ng +mkdir -p $PKG/var/run/iptraf-ng +mkdir -p $PKG/var/log/iptraf-ng mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ diff --git a/source/n/iputils/iputils.SlackBuild b/source/n/iputils/iputils.SlackBuild index 2e087afc1..30f4a71ad 100755 --- a/source/n/iputils/iputils.SlackBuild +++ b/source/n/iputils/iputils.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,8 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=s20101006 -BUILD=${BUILD:-2} +VERSION=s20121221 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -54,7 +54,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf iputils-$VERSION -tar xvf $CWD/iputils-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/iputils-$VERSION.tar.?z* || exit 1 cd iputils-$VERSION || exit 1 chown -R root:root . @@ -67,13 +67,28 @@ find . \ make VPATH=/usr/lib${LIBDIRSUFFIX} || exit 1 ( cd doc ; make man || exit 1 ) || exit 1 -strip arping clockdiff ping ping6 rarpd rdisc tracepath tracepath6 traceroute6 +( cd ninfod + CFLAGS="$SLKCFLAGS" \ + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --disable-static \ + --build=$ARCH-slackware-linux + make +) + +strip arping clockdiff ninfod/ninfod ping ping6 rarpd rdisc tracepath tracepath6 traceroute6 mkdir -p $PKG/sbin cat arping > $PKG/sbin/arping chmod 755 $PKG/sbin/arping mkdir -p $PKG/usr/sbin cat clockdiff > $PKG/usr/sbin/clockdiff chmod 755 $PKG/usr/sbin/clockdiff +cat ninfod/ninfod > $PKG/usr/sbin/ninfod +chmod 755 $PKG/usr/sbin/ninfod mkdir -p $PKG/bin cat ping > $PKG/bin/ping cat ping6 > $PKG/bin/ping6 @@ -90,7 +105,7 @@ chmod 4711 $PKG/usr/bin/traceroute6 mkdir -p $PKG/usr/man/man8 ( cd doc - for file in arping clockdiff ping rarpd rdisc tracepath traceroute6 ; do + for file in arping clockdiff ninfod ping rarpd rdisc tracepath traceroute6 ; do cat $file.8 | gzip -9c > $PKG/usr/man/man8/$file.8.gz done cd $PKG/usr/man/man8 diff --git a/source/n/irssi/irssi.SlackBuild b/source/n/irssi/irssi.SlackBuild index 454f25833..59be8b1e9 100755 --- a/source/n/irssi/irssi.SlackBuild +++ b/source/n/irssi/irssi.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,7 +27,7 @@ PKG=$TMP/package-irssi VERSION=0.8.15 DIRCD=0.8.15 -BUILD=${BUILD:-6} +BUILD=${BUILD:-7} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/n/libmbim/libmbim.SlackBuild b/source/n/libmbim/libmbim.SlackBuild new file mode 100755 index 000000000..ce8661605 --- /dev/null +++ b/source/n/libmbim/libmbim.SlackBuild @@ -0,0 +1,130 @@ +#!/bin/sh + +# Slackware build script for libmbim + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libmbim +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-gtk-doc \ + --disable-gtk-doc-html \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +# Since this thing won't listen: +rm -rf $PKG/usr/share/gtk-doc/html +rmdir $PKG/usr/share/gtk-doc 2> /dev/null +rmdir $PKG/usr/share 2> /dev/null + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING* NEWS README* $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + cat ChangeLog | head -n 1000 > $PKG/usr/doc/$PKGNAM-$VERSION/ChangeLog + touch -r ChangeLog $PKG/usr/doc/$PKGNAM-$VERSION/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libmbim/slack-desc b/source/n/libmbim/slack-desc new file mode 100644 index 000000000..8cbdf63a9 --- /dev/null +++ b/source/n/libmbim/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libmbim: libmbim (MBIM library and utils) +libmbim: +libmbim: The Mobile Broadband Interface Model (MBIM) is a new standard to +libmbim: communicate with mobile broadband modem devices developed by the +libmbim: USB Implementors Forum. +libmbim: +libmbim: Homepage: http://www.freedesktop.org/software/libmbim/ +libmbim: +libmbim: +libmbim: +libmbim: diff --git a/source/n/libmnl/libmnl.SlackBuild b/source/n/libmnl/libmnl.SlackBuild new file mode 100755 index 000000000..d693bb371 --- /dev/null +++ b/source/n/libmnl/libmnl.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Slackware build script for libmnl + +# Copyright 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libmnl +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* README* $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libmnl/slack-desc b/source/n/libmnl/slack-desc new file mode 100644 index 000000000..8a96e06b7 --- /dev/null +++ b/source/n/libmnl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libmnl: libmnl (user-space library oriented to Netlink developers) +libmnl: +libmnl: libmnl is a minimalistic user-space library oriented to Netlink +libmnl: developers. There are a lot of common tasks in parsing, validating, +libmnl: constructing of both the Netlink header and TLVs that are repetitive +libmnl: and easy to get wrong. This library aims to provide simple helpers +libmnl: that allows you to re-use code and to avoid re-inventing the wheel. +libmnl: +libmnl: Homepage: http://www.netfilter.org/projects/libmnl/ +libmnl: +libmnl: diff --git a/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild b/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild new file mode 100755 index 000000000..6639271a8 --- /dev/null +++ b/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_acct + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_acct +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING README $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_acct/slack-desc b/source/n/libnetfilter_acct/slack-desc new file mode 100644 index 000000000..e8b8a4371 --- /dev/null +++ b/source/n/libnetfilter_acct/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_acct: libnetfilter_acct (userspace library for netfilter accounting) +libnetfilter_acct: +libnetfilter_acct: libnetfilter_acct is the userspace library providing interface +libnetfilter_acct: to extended accounting infrastructure. +libnetfilter_acct: +libnetfilter_acct: libnetfilter_acct is used by nfacct. +libnetfilter_acct: +libnetfilter_acct: +libnetfilter_acct: +libnetfilter_acct: +libnetfilter_acct: diff --git a/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild new file mode 100755 index 000000000..6abe6f1b8 --- /dev/null +++ b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_conntrack + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_conntrack +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING README $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_conntrack/slack-desc b/source/n/libnetfilter_conntrack/slack-desc new file mode 100644 index 000000000..1bd1a5785 --- /dev/null +++ b/source/n/libnetfilter_conntrack/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_conntrack: libnetfilter_conntrack (netfilter conntrack library) +libnetfilter_conntrack: +libnetfilter_conntrack: libnetfilter_conntrack is a userspace library providing a programming +libnetfilter_conntrack: interface (API) to the in-kernel connection tracking state table. +libnetfilter_conntrack: This library is currently used by conntrack-tools and many other +libnetfilter_conntrack: applications. +libnetfilter_conntrack: +libnetfilter_conntrack: +libnetfilter_conntrack: +libnetfilter_conntrack: +libnetfilter_conntrack: diff --git a/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild b/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild new file mode 100755 index 000000000..e11413056 --- /dev/null +++ b/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_cthelper + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_cthelper +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING README $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_cthelper/slack-desc b/source/n/libnetfilter_cthelper/slack-desc new file mode 100644 index 000000000..818240651 --- /dev/null +++ b/source/n/libnetfilter_cthelper/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_cthelper: libnetfilter_cthelper (userspace infrastructure for conntrack helpers) +libnetfilter_cthelper: +libnetfilter_cthelper: Connection tracking helpers allows you to filter multi-flow protocols +libnetfilter_cthelper: that usually separate control and data traffic into different flows. +libnetfilter_cthelper: This is the case of application protocols like FTP, SIP and H.323 that +libnetfilter_cthelper: are already supported by Netfilter. These helpers are implemented in +libnetfilter_cthelper: kernel-space. +libnetfilter_cthelper: +libnetfilter_cthelper: +libnetfilter_cthelper: +libnetfilter_cthelper: diff --git a/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild b/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild new file mode 100755 index 000000000..6ab035263 --- /dev/null +++ b/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_cttimeout + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_cttimeout +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING README $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_cttimeout/slack-desc b/source/n/libnetfilter_cttimeout/slack-desc new file mode 100644 index 000000000..cd7ab0dcc --- /dev/null +++ b/source/n/libnetfilter_cttimeout/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_cttimeout: libnetfilter_cttimeout (connection tracking timeout library) +libnetfilter_cttimeout: +libnetfilter_cttimeout: libnetfilter_cttimeout is the userspace library that provides the +libnetfilter_cttimeout: programming interface to the fine-grain connection tracking timeout +libnetfilter_cttimeout: infrastructure. With this library, you can create, update and delete +libnetfilter_cttimeout: timeout policies that can be attached to traffic flows. +libnetfilter_cttimeout: +libnetfilter_cttimeout: +libnetfilter_cttimeout: +libnetfilter_cttimeout: +libnetfilter_cttimeout: diff --git a/source/n/libnetfilter_log/libnetfilter_log.SlackBuild b/source/n/libnetfilter_log/libnetfilter_log.SlackBuild new file mode 100755 index 000000000..6b91e21bb --- /dev/null +++ b/source/n/libnetfilter_log/libnetfilter_log.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_log + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_log +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_log/slack-desc b/source/n/libnetfilter_log/slack-desc new file mode 100644 index 000000000..6af9c7541 --- /dev/null +++ b/source/n/libnetfilter_log/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_log: libnetfilter_log (userspace packet logging library) +libnetfilter_log: +libnetfilter_log: libnetfilter_log is a userspace library providing interface to +libnetfilter_log: packets that have been logged by the kernel packet filter. It is +libnetfilter_log: part of a system that deprecates the old syslog/dmesg based packet +libnetfilter_log: logging. This library has been previously known as libnfnetlink_log. +libnetfilter_log: +libnetfilter_log: Homepage: http://www.netfilter.org/projects/libnetfilter_log/ +libnetfilter_log: +libnetfilter_log: +libnetfilter_log: diff --git a/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild b/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild new file mode 100755 index 000000000..1e64432b5 --- /dev/null +++ b/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnetfilter_queue + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnetfilter_queue +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnetfilter_queue/slack-desc b/source/n/libnetfilter_queue/slack-desc new file mode 100644 index 000000000..b43b8fe5f --- /dev/null +++ b/source/n/libnetfilter_queue/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libnetfilter_queue: libnetfilter_queue (userspace API for netfilter packet queueing) +libnetfilter_queue: +libnetfilter_queue: libnetfilter_queue is a userspace library providing an API to packets +libnetfilter_queue: that have been queued by the kernel packet filter. It is part of a +libnetfilter_queue: system that deprecates the old ip_queue / libipq mechanism. +libnetfilter_queue: +libnetfilter_queue: libnetfilter_queue has been previously known as libnfnetlink_queue. +libnetfilter_queue: +libnetfilter_queue: +libnetfilter_queue: +libnetfilter_queue: diff --git a/source/n/libnfnetlink/libnfnetlink.SlackBuild b/source/n/libnfnetlink/libnfnetlink.SlackBuild new file mode 100755 index 000000000..8aa62de44 --- /dev/null +++ b/source/n/libnfnetlink/libnfnetlink.SlackBuild @@ -0,0 +1,96 @@ +#!/bin/sh + +# Slackware build script for libnfnetlink + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libnfnetlink +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* README* $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnfnetlink/slack-desc b/source/n/libnfnetlink/slack-desc new file mode 100644 index 000000000..35dbc7459 --- /dev/null +++ b/source/n/libnfnetlink/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libnfnetlink: libnfnetlink (library for netfilter kernel/userspace comm) +libnfnetlink: +libnfnetlink: libnfnetlink is the low-level library for netfilter related +libnfnetlink: kernel/userspace communication. It provides a generic messaging +libnfnetlink: infrastructure for in-kernel netfilter subsystems (such as +libnfnetlink: nfnetlink_log, nfnetlink_queue, nfnetlink_conntrack) and their +libnfnetlink: respective users and/or management tools in userspace. +libnfnetlink: +libnfnetlink: +libnfnetlink: +libnfnetlink: diff --git a/source/n/libqmi/libqmi.SlackBuild b/source/n/libqmi/libqmi.SlackBuild new file mode 100755 index 000000000..826fc32b1 --- /dev/null +++ b/source/n/libqmi/libqmi.SlackBuild @@ -0,0 +1,130 @@ +#!/bin/sh + +# Slackware build script for libqmi + +# Copyright 2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libqmi +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-gtk-doc \ + --disable-gtk-doc-html \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +# Since this thing won't listen: +rm -rf $PKG/usr/share/gtk-doc/html +rmdir $PKG/usr/share/gtk-doc 2> /dev/null +rmdir $PKG/usr/share 2> /dev/null + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING NEWS README TODO $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + cat ChangeLog | head -n 1000 > $PKG/usr/doc/$PKGNAM-$VERSION/ChangeLog + touch -r ChangeLog $PKG/usr/doc/$PKGNAM-$VERSION/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libqmi/slack-desc b/source/n/libqmi/slack-desc new file mode 100644 index 000000000..bdbc0eb71 --- /dev/null +++ b/source/n/libqmi/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libqmi: libqmi (QMI library and utils) +libqmi: +libqmi: libqmi is a glib-based library for talking to WWAN modems and devices +libqmi: which speak the Qualcomm MSM Interface (QMI) protocol. +libqmi: +libqmi: Homepage: http://www.freedesktop.org/software/libqmi/ +libqmi: +libqmi: +libqmi: +libqmi: +libqmi: diff --git a/source/n/links/links.SlackBuild b/source/n/links/links.SlackBuild index 241cc6627..0131bdd67 100755 --- a/source/n/links/links.SlackBuild +++ b/source/n/links/links.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,7 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=2.7 +VERSION=2.8 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/source/n/mtr/mtr.SlackBuild b/source/n/mtr/mtr.SlackBuild index 23a9c707b..203af85c8 100755 --- a/source/n/mtr/mtr.SlackBuild +++ b/source/n/mtr/mtr.SlackBuild @@ -73,8 +73,6 @@ CFLAGS="$SLKCFLAGS" \ --localstatedir=/var \ --sysconfdir=/etc \ --without-gtk \ - --without-gtk2 \ - --without-gtk3 \ --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 diff --git a/source/n/mutt/mutt.SlackBuild b/source/n/mutt/mutt.SlackBuild index 9484bc27a..e75749808 100755 --- a/source/n/mutt/mutt.SlackBuild +++ b/source/n/mutt/mutt.SlackBuild @@ -21,7 +21,7 @@ PKGNAM=mutt VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -58,10 +58,6 @@ tar xvf $CWD/mutt-$VERSION.tar.?z* || exit 1 cd mutt-$VERSION || exit 1 chown -R root:root . -# "error creating gpgme context: Not operational?" bugfix -# http://dev.mutt.org/trac/ticket/3300 -zcat $CWD/mutt.gpgme.diff.gz | patch -p1 --verbose || exit 1 - CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ @@ -77,8 +73,6 @@ CFLAGS="$SLKCFLAGS" \ --enable-smtp \ --enable-gpgme \ --enable-hcache \ - --enable-locales-fix \ - --without-wc-funcs \ --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 diff --git a/source/n/mutt/mutt.gpgme.diff b/source/n/mutt/mutt.gpgme.diff deleted file mode 100644 index 8f8c40a4f..000000000 --- a/source/n/mutt/mutt.gpgme.diff +++ /dev/null @@ -1,34 +0,0 @@ ---- mutt-1.5.20/init.c.orig 2009-07-21 17:54:59 +0200 -+++ mutt-1.5.20/init.c 2009-07-21 17:59:47 +0200 -@@ -37,7 +37,6 @@ - #endif - - -- - #include "mx.h" - #include "init.h" - #include "mailbox.h" -@@ -50,6 +49,10 @@ - #include <errno.h> - #include <sys/wait.h> - -+#if defined(CRYPT_BACKEND_GPGME) -+#include <gpgme.h> -+#endif -+ - #define CHECK_PAGER \ - if ((CurrentMenu == MENU_PAGER) && (idx >= 0) && \ - (MuttVars[idx].flags & R_RESORT)) \ -@@ -3262,6 +3265,11 @@ - - mutt_read_histfile (); - -+#ifdef CRYPT_BACKEND_GPGME -+ /* needed since version 1.2.0, ticket #3300 */ -+ gpgme_check_version (NULL); -+#endif -+ - #if 0 - set_option (OPTWEED); /* turn weeding on by default */ - #endif - diff --git a/source/n/net-snmp/net-snmp.SlackBuild b/source/n/net-snmp/net-snmp.SlackBuild index 2f2a3ead5..3214d47d2 100755 --- a/source/n/net-snmp/net-snmp.SlackBuild +++ b/source/n/net-snmp/net-snmp.SlackBuild @@ -23,7 +23,7 @@ PKGNAM=net-snmp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-5} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -90,11 +90,12 @@ CFLAGS="$SLKCFLAGS" \ --without-rpm \ --program-suffix= \ --program-prefix= \ + --with-mib-modules="ucd-snmp/lmsensorsMib" \ --build=$ARCH-slackware-linux # This appears to require additional third-party python modules? # Maybe something for later. -# --with-python-modules +# --with-python-modules # Build and install: # This seems to not play well with "-j N"... diff --git a/source/n/netkit-ftp/netkit-ftp.SlackBuild b/source/n/netkit-ftp/netkit-ftp.SlackBuild index 5ad8a1610..cb3deecde 100755 --- a/source/n/netkit-ftp/netkit-ftp.SlackBuild +++ b/source/n/netkit-ftp/netkit-ftp.SlackBuild @@ -22,7 +22,7 @@ VERSION=0.17 -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/n/network-scripts/network-scripts.SlackBuild b/source/n/network-scripts/network-scripts.SlackBuild index 78aa577e6..7b4b06e0d 100755 --- a/source/n/network-scripts/network-scripts.SlackBuild +++ b/source/n/network-scripts/network-scripts.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,9 +22,9 @@ PKGNAM=network-scripts -VERSION=${VERSION:-14.00} +VERSION=${VERSION:-14.1} ARCH=noarch -BUILD=${BUILD:-3} +BUILD=${BUILD:-2} CWD=$(pwd) TMP=${TMP:-/tmp} diff --git a/source/n/network-scripts/scripts/netconfig b/source/n/network-scripts/scripts/netconfig index 1e1151484..3bd483dea 100644 --- a/source/n/network-scripts/scripts/netconfig +++ b/source/n/network-scripts/scripts/netconfig @@ -101,12 +101,12 @@ DEBUG_ETH_UP="no" ## Some examples of additional network parameters that you can use. ## Config information for wlan0: -#IFNAME[4]="wlan0" # Use a different interface name nstead of +#IFNAME[4]="wlan0" # Use a different interface name instead of # the default 'eth4' #HWADDR[4]="00:01:23:45:67:89" # Overrule the card's hardware MAC address #MTU[4]="" # The default MTU is 1500, but you might need # 1360 when you use NAT'ed IPSec traffic. -#DHCP_KEEPRESOLV[4]="yes" # If you dont want /etc/resolv.conf overwritten +#DHCP_KEEPRESOLV[4]="yes" # If you don't want /etc/resolv.conf overwritten #DHCP_KEEPNTP[4]="yes" # If you don't want ntp.conf overwritten #DHCP_KEEPGW[4]="yes" # If you don't want the DHCP server to change # your default gateway @@ -326,7 +326,7 @@ if [ -w etc/NetworkManager/NetworkManager.conf ]; then sed -i "s/^hostname=.*$/hostname=$HOSTNM/g" etc/NetworkManager/NetworkManager.conf fi -dialog --title "CONFIGUATION TYPE FOR '$HOSTNM.$DOMAIN'" \ +dialog --title "CONFIGURATION TYPE FOR '$HOSTNM.$DOMAIN'" \ --default-item DHCP \ --menu \ "Now we need to know how your machine connects to the network.\n\ diff --git a/source/n/network-scripts/scripts/rc.inet1.conf b/source/n/network-scripts/scripts/rc.inet1.conf index d3798d8bf..85a8041ba 100644 --- a/source/n/network-scripts/scripts/rc.inet1.conf +++ b/source/n/network-scripts/scripts/rc.inet1.conf @@ -87,7 +87,7 @@ DEBUG_ETH_UP="no" #DHCP_TIMEOUT[4]=15 # The default timeout for the DHCP client to # wait for server resonse is 10 seconds, but # you might want a shorter or longer wait. -#DHCP_KEEPRESOLV[4]="yes" # If you dont want /etc/resolv.conf overwritten +#DHCP_KEEPRESOLV[4]="yes" # If you don't want /etc/resolv.conf overwritten #DHCP_KEEPNTP[4]="yes" # If you don't want ntp.conf overwritten #DHCP_KEEPGW[4]="yes" # If you don't want the DHCP server to change # your default gateway diff --git a/source/n/network-scripts/scripts/rc.ip_forward b/source/n/network-scripts/scripts/rc.ip_forward index 8940dc2cc..1fa6b57cd 100644 --- a/source/n/network-scripts/scripts/rc.ip_forward +++ b/source/n/network-scripts/scripts/rc.ip_forward @@ -24,6 +24,17 @@ ip_forward_start() { /bin/grep ipv4 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null fi fi + if [ -f /proc/sys/net/ipv6/conf/all/forwarding ]; then + echo "Activating IPv6 packet forwarding." + echo 1 > /proc/sys/net/ipv6/conf/all/forwarding + # Changing /proc/sys/net/ipv6/conf/all/forwarding results in resetting + # all non-default ipv6 parameters for the interface as mentioned in + # /usr/src/linux/Documentation/networking/ip-sysctl.txt. So, we + # will reapply any ipv6 sysctl parameters now: + if [ -r /etc/sysctl.conf ]; then + /bin/grep ipv6 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null + fi + fi # When using IPv4 packet forwarding, you will also get the # rp_filter, which automatically rejects incoming packets if the # routing table entry for their source address doesn't match the @@ -53,6 +64,17 @@ ip_forward_stop() { /bin/grep ipv4 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null fi fi + if [ -f /proc/sys/net/ipv6/conf/all/forwarding ]; then + echo "Disabling IPv6 packet forwarding." + echo 0 > /proc/sys/net/ipv6/conf/all/forwarding + # Changing /proc/sys/net/ipv6/conf/all/forwarding results in resetting + # all non-default ipv6 parameters for the interface as mentioned in + # /usr/src/linux/Documentation/networking/ip-sysctl.txt. So, we + # will reapply any ipv6 sysctl parameters now: + if [ -r /etc/sysctl.conf ]; then + /bin/grep ipv6 /etc/sysctl.conf | sysctl -p - 1> /dev/null 2> /dev/null + fi + fi } # Restart IP packet forwarding: diff --git a/source/n/nfacct/nfacct.SlackBuild b/source/n/nfacct/nfacct.SlackBuild new file mode 100755 index 000000000..96d9d2da3 --- /dev/null +++ b/source/n/nfacct/nfacct.SlackBuild @@ -0,0 +1,98 @@ +#!/bin/sh + +# Slackware build script for nfacct + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=nfacct +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc/conntrackd \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object"| grep ELF | \ + cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/nfacct/slack-desc b/source/n/nfacct/slack-desc new file mode 100644 index 000000000..18bd3df38 --- /dev/null +++ b/source/n/nfacct/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +nfacct: nfacct (tool to create/retrieve/delete accounting objects) +nfacct: +nfacct: nfacct is the command line tool to create/retrieve/delete accounting +nfacct: objects. +nfacct: +nfacct: The main features of nfacct are: +nfacct: - listing the objects of the nfacct table in plain text/XML +nfacct: - atomically get and reset objects of the nfacct table +nfacct: - adding new objects to the nfacct table +nfacct: - deleting objects from the nfacct table +nfacct: diff --git a/source/n/nfs-utils/doinst.sh b/source/n/nfs-utils/doinst.sh index 214ff1b9e..0523f4e7e 100644 --- a/source/n/nfs-utils/doinst.sh +++ b/source/n/nfs-utils/doinst.sh @@ -15,6 +15,7 @@ config var/lib/nfs/rmtab.new config var/lib/nfs/state.new config var/lib/nfs/xtab.new rm -f var/lib/nfs/*.new +chown -R rpc:rpc var/lib/nfs if [ -x etc/rc.d/rc.nfsd ]; then chmod 755 etc/rc.d/rc.nfsd.new else diff --git a/source/n/nfs-utils/nfs-utils-1.2.3.tar.sign b/source/n/nfs-utils/nfs-utils-1.2.3.tar.sign deleted file mode 100644 index f159e0b64..000000000 --- a/source/n/nfs-utils/nfs-utils-1.2.3.tar.sign +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) -Comment: See http://www.kernel.org/signature.html for info - -iD8DBQBMoeJcyGugalF9Dw4RApKyAJ91WfvKRivOd7XKaUXrNaIDlhwozACfacf5 -b0Maa5t3jk5Pnj+IQqvic+g= -=cnNE ------END PGP SIGNATURE----- diff --git a/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign b/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign Binary files differnew file mode 100644 index 000000000..c2cde4995 --- /dev/null +++ b/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign diff --git a/source/n/nfs-utils/nfs-utils.SlackBuild b/source/n/nfs-utils/nfs-utils.SlackBuild index 2cf5a150c..d3305c12f 100755 --- a/source/n/nfs-utils/nfs-utils.SlackBuild +++ b/source/n/nfs-utils/nfs-utils.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,8 +21,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.2.3 -BUILD=${BUILD:-3} +VERSION=1.2.8 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -112,11 +112,14 @@ sed -i "s/# Defaultvers=4/Defaultvers=3/g" $PKG/etc/nfsmount.conf.new # No NFSv4 yet, so remove these: rm -f $PKG/sbin/*nfs4 -# Why were we doing this? +# This should move to support /usr on NFS: mkdir -p $PKG/sbin mv $PKG/usr/sbin/rpc.statd $PKG/sbin ( cd $PKG/usr/sbin ; ln -sf ../../sbin/rpc.statd . ) +# Chown /var/lib/nfs so that rpc.statd runs as rpc:rpc: +chown -R rpc:rpc $PKG/var/lib/nfs + find $PKG | xargs file | grep -e "executable" -e "shared object" \ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null diff --git a/source/n/nmap/nmap.SlackBuild b/source/n/nmap/nmap.SlackBuild index a513a93e7..0f331516d 100755 --- a/source/n/nmap/nmap.SlackBuild +++ b/source/n/nmap/nmap.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,8 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=${VERSION:-6.01} -BUILD=${BUILD:-2} +VERSION=${VERSION:-6.40} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -74,11 +74,13 @@ find . \ # --without-nmap-update is needed below to avoid depending on apr and subversion libraries. # It's not worth the feature IMHO. +LIBS="-lnl" \ CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --with-liblua=included \ + --with-libpcap=included \ --mandir=/usr/man \ --docdir=/usr/doc/nmap-$VERSION \ --without-nmap-update \ diff --git a/source/n/ntp/doinst.sh b/source/n/ntp/doinst.sh index 1e74ce442..bc5429909 100644 --- a/source/n/ntp/doinst.sh +++ b/source/n/ntp/doinst.sh @@ -9,10 +9,20 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} config etc/ntp.conf.new config etc/ntp/ntp.keys.new if [ -r etc/rc.d/rc.ntpd -a -r etc/rc.d/rc.ntpd.new ]; then chmod --reference=etc/rc.d/rc.ntpd etc/rc.d/rc.ntpd.new fi -config etc/rc.d/rc.ntpd.new +mv etc/rc.d/rc.ntpd.new etc/rc.d/rc.ntpd diff --git a/source/n/ntp/ntp.SlackBuild b/source/n/ntp/ntp.SlackBuild index d89863e73..f514aa6c3 100755 --- a/source/n/ntp/ntp.SlackBuild +++ b/source/n/ntp/ntp.SlackBuild @@ -22,7 +22,7 @@ PKGNAM=ntp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-4} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/n/ntp/rc.ntpd b/source/n/ntp/rc.ntpd index 7cf3d50b0..c1d1411ca 100644 --- a/source/n/ntp/rc.ntpd +++ b/source/n/ntp/rc.ntpd @@ -7,6 +7,21 @@ ntpd_start() { echo -n "Starting NTP daemon: $CMDLINE" $CMDLINE -p /var/run/ntpd.pid echo + # The kernel is now mocking around with the the hardware clock if + # ntpd is running, so if the hardware clock (wall clock) is set to + # 'localtime' execute hwclock --localtime --systohc to disable the + # 11 minute mode kernel function: + if [ -x /sbin/hwclock ]; then + # Check for a broken motherboard RTC clock (where ioports for rtc are + # unknown) to prevent hwclock causing a hang: + if ! grep -q -w rtc /proc/ioports ; then + CLOCK_OPT="--directisa" + fi + if ! grep -q "^UTC" /etc/hardwareclock 2> /dev/null ; then + echo "Saving system time to the hardware clock (localtime)." + /sbin/hwclock $CLOCK_OPT --localtime --systohc + fi + fi } # Stop ntpd: diff --git a/source/n/obex-data-server/obex-data-server.SlackBuild b/source/n/obex-data-server/obex-data-server.SlackBuild index 030fffc7d..0f8aed137 100755 --- a/source/n/obex-data-server/obex-data-server.SlackBuild +++ b/source/n/obex-data-server/obex-data-server.SlackBuild @@ -26,7 +26,7 @@ PKGNAM=obex-data-server VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} diff --git a/source/n/obexftp/obexftp.SlackBuild b/source/n/obexftp/obexftp.SlackBuild index f7b045220..e8edb1c0a 100755 --- a/source/n/obexftp/obexftp.SlackBuild +++ b/source/n/obexftp/obexftp.SlackBuild @@ -22,7 +22,7 @@ PKGNAM=obexftp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-8} +BUILD=${BUILD:-9} NUMJOBS=${NUMJOBS:-" -j7 "} diff --git a/source/n/openssh/openssh.SlackBuild b/source/n/openssh/openssh.SlackBuild index 79109e47e..07ea16156 100755 --- a/source/n/openssh/openssh.SlackBuild +++ b/source/n/openssh/openssh.SlackBuild @@ -2,7 +2,7 @@ # Copyright 2000 BSDi, Inc. Concord, CA, USA # Copyright 2001, 2002, 2003, 2004 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is diff --git a/source/n/openssl/openssl.SlackBuild b/source/n/openssl/openssl.SlackBuild index 8d5c4a096..7af513524 100755 --- a/source/n/openssl/openssl.SlackBuild +++ b/source/n/openssl/openssl.SlackBuild @@ -2,7 +2,7 @@ # Copyright 2000 BSDi, Inc. Concord, CA, USA # Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -28,7 +28,7 @@ CWD=$(pwd) TMP=${TMP:-/tmp} VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/n/openvpn/openvpn.SlackBuild b/source/n/openvpn/openvpn.SlackBuild index 8477c453d..7293806c3 100755 --- a/source/n/openvpn/openvpn.SlackBuild +++ b/source/n/openvpn/openvpn.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh # Copyright 2006, Alan Hicks, Lizella, GA -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,7 +23,7 @@ PKGNAM=openvpn -VERSION=2.2.2 +VERSION=2.3.2 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -60,7 +60,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf $PKGNAM-$VERSION -tar xvf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 cd $PKGNAM-$VERSION || exit 1 # Fix ownership and permissions inside the source tarball. @@ -84,6 +84,8 @@ CXXFLAGS="$SLKCFLAGS" \ --docdir=/usr/doc/openvpn-${VERSION} \ --enable-lzo \ --enable-iproute2 \ + --enable-password-save \ + --disable-plugin-auth-pam \ --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 diff --git a/source/n/p11-kit/p11-kit.SlackBuild b/source/n/p11-kit/p11-kit.SlackBuild index f7e9efb39..cee35a1f9 100755 --- a/source/n/p11-kit/p11-kit.SlackBuild +++ b/source/n/p11-kit/p11-kit.SlackBuild @@ -23,7 +23,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PKGNAM=p11-kit -VERSION=${VERSION:-0.12} +VERSION=${VERSION:-0.16.4} BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:--j6} diff --git a/source/n/php/doinst.sh b/source/n/php/doinst.sh index 2af731e95..bf1b21702 100644 --- a/source/n/php/doinst.sh +++ b/source/n/php/doinst.sh @@ -24,5 +24,5 @@ fi config etc/rc.d/rc.php-fpm.new cp -a etc/httpd/php.ini-production etc/httpd/php.ini.new config etc/httpd/php.ini.new -cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new -config etc/php-fpm.conf.new +cp -a etc/php-fpm/php-fpm.conf.default etc/php-fpm/php-fpm.conf.new +config etc/php-fpm/php-fpm.conf.new diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh index 6542c8bb8..522214cc0 100755 --- a/source/n/php/fetch-php.sh +++ b/source/n/php/fetch-php.sh @@ -1 +1 @@ -lftpget http://us.php.net/distributions/php-5.4.7.tar.bz2 +lftpget http://us.php.net/distributions/php-5.4.20.tar.bz2 diff --git a/source/n/php/init.d.php-fpm.in.diff b/source/n/php/init.d.php-fpm.in.diff new file mode 100644 index 000000000..00f887780 --- /dev/null +++ b/source/n/php/init.d.php-fpm.in.diff @@ -0,0 +1,11 @@ +--- ./sapi/fpm/init.d.php-fpm.in.orig 2013-05-08 00:41:20.000000000 -0500 ++++ ./sapi/fpm/init.d.php-fpm.in 2013-05-19 14:52:33.952089160 -0500 +@@ -14,7 +14,7 @@ + exec_prefix=@exec_prefix@ + + php_fpm_BIN=@sbindir@/php-fpm +-php_fpm_CONF=@sysconfdir@/php-fpm.conf ++php_fpm_CONF=@sysconfdir@/php-fpm/php-fpm.conf + php_fpm_PID=@localstatedir@/run/php-fpm.pid + + diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild index e475f824e..9e2632303 100755 --- a/source/n/php/php.SlackBuild +++ b/source/n/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell <david@slackware.com> # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,8 +24,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=5.4.7 -ALPINE=2.02 +VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +ALPINE=2.11 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -71,10 +71,11 @@ if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then sleep 5 else ( cd $CWD/../alpine ; ./alpine.SlackBuild || exit 1 ) || exit 1 - ( cd $TMP/re-alpine-${ALPINE}/imap/c-client + ( cd $TMP/alpine-${ALPINE}/imap/c-client strip -g c-client.a mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} + ( cd $IMAPLIBDIR/lib${LIBDIRSUFFIX} ; ln -sf c-client.a libc-client.a ) mkdir -p $IMAPLIBDIR/include cp *.h $IMAPLIBDIR/include ) @@ -95,6 +96,8 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.?z* || exit 1 cd php-$VERSION +zcat $CWD/init.d.php-fpm.in.diff.gz | patch -p1 --verbose || exit 1 + # cleanup: find . -name "*.orig" -delete @@ -238,6 +241,8 @@ make install INSTALL_ROOT=$PKG || exit 1 mkdir -p $PKG/etc/{rc.d,php-fpm} cp sapi/fpm/init.d.php-fpm $PKG/etc/rc.d/rc.php-fpm.new chmod 644 $PKG/etc/rc.d/rc.php-fpm.new +mv $PKG/etc/php-fpm.conf.default $PKG/etc/php-fpm +chmod 644 $PKG/etc/php-fpm/php-fpm.conf.default # PHP (used to) install Pear with some strange permissions. chmod 755 $PKG/usr/bin/pear diff --git a/source/n/popa3d/popa3d-1.0.2-crypt.diff b/source/n/popa3d/popa3d-1.0.2-crypt.diff new file mode 100644 index 000000000..c6c006c7a --- /dev/null +++ b/source/n/popa3d/popa3d-1.0.2-crypt.diff @@ -0,0 +1,50 @@ +--- Owl/packages/popa3d/popa3d/auth_passwd.c 2002/03/20 17:08:45 1.1 ++++ Owl/packages/popa3d/popa3d/auth_passwd.c 2012/08/15 09:06:39 1.2 +@@ -26,9 +26,11 @@ struct passwd *auth_userpass(char *user, + if (!pw || !*pw->pw_passwd || + *pw->pw_passwd == '*' || *pw->pw_passwd == '!') + crypt(pass, AUTH_DUMMY_SALT); +- else +- if (!strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd)) +- result = pw; ++ else { ++ char *hash = crypt(pass, pw->pw_passwd); ++ if (hash && !strcmp(hash, pw->pw_passwd)) ++ result = pw; ++ } + + if (pw) + memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); +--- Owl/packages/popa3d/popa3d/auth_shadow.c 2006/03/05 13:18:32 1.2 ++++ Owl/packages/popa3d/popa3d/auth_shadow.c 2012/08/15 09:06:39 1.3 +@@ -52,9 +52,11 @@ struct passwd *auth_userpass(char *user, + if (!(spw = getspnam(user)) || !pw || !*spw->sp_pwdp || + *spw->sp_pwdp == '*' || *spw->sp_pwdp == '!') + crypt(pass, AUTH_DUMMY_SALT); +- else +- if (!strcmp(crypt(pass, spw->sp_pwdp), spw->sp_pwdp)) +- result = 1; ++ else { ++ char *hash = crypt(pass, spw->sp_pwdp); ++ if (hash && !strcmp(hash, spw->sp_pwdp)) ++ result = 1; ++ } + write(channel[1], &result, 1); + exit(0); + } +--- Owl/packages/popa3d/popa3d/virtual.c 2006/03/07 03:30:15 1.3 ++++ Owl/packages/popa3d/popa3d/virtual.c 2012/08/15 09:06:39 1.4 +@@ -175,8 +175,11 @@ struct passwd *virtual_userpass(char *us + endpwent(); + + result = NULL; +- if (!strcmp(crypt(pass, passwd), passwd) && !fail) +- result = pw; ++ { ++ char *computed_hash = crypt(pass, passwd); ++ if (computed_hash && !strcmp(computed_hash, passwd) && !fail) ++ result = pw; ++ } + + memset(auth, 0, sizeof(auth)); + diff --git a/source/n/popa3d/popa3d.SlackBuild b/source/n/popa3d/popa3d.SlackBuild index 7f6713cd1..3767fae6a 100755 --- a/source/n/popa3d/popa3d.SlackBuild +++ b/source/n/popa3d/popa3d.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,7 +21,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. VERSION=1.0.2 -BUILD=${BUILD:-3} +BUILD=${BUILD:-4} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -45,7 +45,10 @@ cd $TMP rm -rf popa3d-$VERSION tar xvf $CWD/popa3d-$VERSION.tar.gz || exit 1 cd popa3d-$VERSION || exit 1 + zcat $CWD/popa3d.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 +zcat $CWD/popa3d-1.0.2-crypt.diff.gz | patch -p4 --verbose || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild index f7732bd61..3c229953d 100755 --- a/source/n/ppp/ppp.SlackBuild +++ b/source/n/ppp/ppp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,7 +23,7 @@ VERSION=2.4.5 RADVER=0.3.2 PPPVER=1.98 -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -64,8 +64,12 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit +zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) +zcat $CWD/ppp.crypt.diff.gz | patch -p1 --verbose || exit 1 + +# This conflicts with the header in 3.5+ kernels: +rm -f include/linux/if_pppol2tp.h ./configure \ --prefix=/usr \ diff --git a/source/n/ppp/ppp.crypt.diff b/source/n/ppp/ppp.crypt.diff new file mode 100644 index 000000000..2e39af2b1 --- /dev/null +++ b/source/n/ppp/ppp.crypt.diff @@ -0,0 +1,64 @@ +From 04c4348108d847e034dd91066cc6843f60d71731 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras <paulus@samba.org> +Date: Sun, 20 May 2012 14:14:55 +1000 +Subject: [PATCH] pppd: Don't crash if crypt() returns NULL + +It is possible for crypt() to return NULL under some circumstances, +so we need to check the return value before passing it to strcmp(). +If we do get NULL from crypt(), treat it as an authentication failure. + +Reported-by: Paul Wouters <pwouters@redhat.com> +Signed-off-by: Paul Mackerras <paulus@samba.org> +--- + pppd/auth.c | 8 +++++--- + pppd/session.c | 7 +++++-- + 2 files changed, 10 insertions(+), 5 deletions(-) + +diff --git a/pppd/auth.c b/pppd/auth.c +index fb71944..883b7f5 100644 +--- a/pppd/auth.c ++++ b/pppd/auth.c +@@ -1442,9 +1442,11 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) + } + if (secret[0] != 0 && !login_secret) { + /* password given in pap-secrets - must match */ +- if ((cryptpap || strcmp(passwd, secret) != 0) +- && strcmp(crypt(passwd, secret), secret) != 0) +- ret = UPAP_AUTHNAK; ++ if (cryptpap || strcmp(passwd, secret) != 0) { ++ char *cbuf = crypt(passwd, secret); ++ if (!cbuf || strcmp(cbuf, secret) != 0) ++ ret = UPAP_AUTHNAK; ++ } + } + } + fclose(f); +diff --git a/pppd/session.c b/pppd/session.c +index 32901a2..56385dd 100644 +--- a/pppd/session.c ++++ b/pppd/session.c +@@ -178,6 +178,7 @@ session_start(flags, user, passwd, ttyName, msg) + bool try_session = 0; + #else /* #ifdef USE_PAM */ + struct passwd *pw; ++ char *cbuf; + #ifdef HAS_SHADOW + struct spwd *spwd; + struct spwd *getspnam(); +@@ -348,8 +349,10 @@ session_start(flags, user, passwd, ttyName, msg) + /* + * If no passwd, don't let them login if we're authenticating. + */ +- if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2 +- || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0) ++ if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2) ++ return SESSION_FAILED; ++ cbuf = crypt(passwd, pw->pw_passwd); ++ if (!cbuf || strcmp(cbuf, pw->pw_passwd) != 0) + return SESSION_FAILED; + } + +-- +1.7.10.4 + + diff --git a/source/n/proftpd/proftpd.SlackBuild b/source/n/proftpd/proftpd.SlackBuild index bce1b00ea..ded54ce5d 100755 --- a/source/n/proftpd/proftpd.SlackBuild +++ b/source/n/proftpd/proftpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,9 +21,9 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.3.4a -DIRVER=1.3.4a -BUILD=${BUILD:-2} +VERSION=1.3.4c +DIRVER=1.3.4c +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -81,7 +81,7 @@ CXXFLAGS="$SLKCFLAGS" \ --enable-ctrls \ --enable-ipv6 \ --localstatedir=/var/run \ - --with-modules=mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ + --with-modules=mod_radius:mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ --build=$ARCH-slackware-linux # This caused funny messages about "Quotas off" with every FTP command, # and mod_wrap gets a compile error: diff --git a/source/n/rfkill/rfkill.SlackBuild b/source/n/rfkill/rfkill.SlackBuild index de337167e..c82832b91 100755 --- a/source/n/rfkill/rfkill.SlackBuild +++ b/source/n/rfkill/rfkill.SlackBuild @@ -24,7 +24,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PKGNAM=rfkill -VERSION=${VERSION:-0.4} +VERSION=${VERSION:-0.5} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/source/n/rp-pppoe/rp-pppoe.SlackBuild b/source/n/rp-pppoe/rp-pppoe.SlackBuild index 40fd4a01b..d23e97a0e 100755 --- a/source/n/rp-pppoe/rp-pppoe.SlackBuild +++ b/source/n/rp-pppoe/rp-pppoe.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=3.10 +PKGNAM=rp-pppoe +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -53,7 +54,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf rp-pppoe-$VERSION -tar xvf $CWD/rp-pppoe-$VERSION.tar.gz || exit 1 +tar xvf $CWD/rp-pppoe-$VERSION.tar.?z* || exit 1 cd rp-pppoe-$VERSION/src || exit 1 chown -R root:root . find . \ diff --git a/source/n/samba/doinst.sh b/source/n/samba/doinst.sh index c7b358ed1..eb2b0b58c 100644 --- a/source/n/samba/doinst.sh +++ b/source/n/samba/doinst.sh @@ -11,6 +11,7 @@ config() { # Otherwise, we leave the .new copy for the admin to consider... } config etc/rc.d/rc.samba.new +config etc/samba/lmhosts.new # This won't be needed. The point here is to preserve the permissions of the existing # file, if there is one. I don't see major new development happening in rc.samba... ;-) rm -f etc/rc.d/rc.samba.new diff --git a/source/n/samba/prune-samba.sh b/source/n/samba/prune-samba.sh deleted file mode 100755 index a6106df33..000000000 --- a/source/n/samba/prune-samba.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -# Copyright 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# Pare down the Samba sources to just Samba3 for now, and drop redundant docs. -# This script expects the samba sources to be unpacked in the current -# directory. It will then "pare" them. You'll be expected to repack them -# afterwards. - -cd samba-?.?.? || cd samba-?.?.?? || exit 1 - -rm --verbose WHATSNEW4.txt howto-ol-backend-s4.txt howto4.txt prog_guide4.txt -rm -r --verbose docs-xml packaging4 source4 swat2* -rm --verbose docs/*.pdf - diff --git a/source/n/samba/pytalloc-util.pc b/source/n/samba/pytalloc-util.pc new file mode 100644 index 000000000..800a9a815 --- /dev/null +++ b/source/n/samba/pytalloc-util.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=${prefix} +libdir=${prefix}/lib +includedir=${prefix}/include + +Name: pytalloc-util +Description: Utility functions for using talloc objects with Python +Version: 2.0.8 +Libs: -L${libdir} -lpytalloc-util +Cflags: -Wl,-rpath,/usr/lib -I${includedir} +URL: http://talloc.samba.org/ diff --git a/source/n/samba/samba.SlackBuild b/source/n/samba/samba.SlackBuild index 16db23417..2257abb82 100755 --- a/source/n/samba/samba.SlackBuild +++ b/source/n/samba/samba.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,26 +20,62 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# Modified 2012 by Eric Hameleers <alien at slackware.com> for ARM port. + VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac +BUILD=${BUILD:-2} + +if [ -e $CWD/machine.conf ]; then + . $CWD/machine.conf ] +elif [ -e /etc/slackbuild/machine.conf ]; then + . /etc/slackbuild/machine.conf ] +else + # Automatically determine the architecture we're building on: + if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac + fi + # Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: + if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + fi fi +case "$ARCH" in + arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; + *) TARGET=$ARCH-slackware-linux ;; +esac + CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-samba rm -rf $PKG mkdir -p $TMP $PKG +if [ -r /usr/lib${LIBDIRSUFFIX}/libtalloc.so.? -a ! -r /var/log/packages/talloc* ]; then + echo "The Samba package needs to be removed before building to ensure that" + echo "talloc (and possibly other bundled libraries) are included in the build." + echo + echo "Removing the Samba package in 15 seconds, and then continuing with the build." + sleep 15 + removepkg samba +fi + cd $TMP rm -rf samba-$VERSION tar xvf $CWD/samba-$VERSION.tar.xz || exit 1 @@ -59,21 +95,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -cd source3 -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" -else - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -fi - # Some of these options could be auto-detected, but declaring them # here doesn't hurt and helps document what features we're trying to # build in. @@ -82,8 +103,10 @@ fi LDFLAGS="-Wl,--no-as-needed" \ CFLAGS="$SLKCFLAGS" \ ./configure \ + --enable-fhs \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ + --includedir=/usr/include \ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --mandir=/usr/man \ @@ -91,28 +114,30 @@ CFLAGS="$SLKCFLAGS" \ --with-configdir=/etc/samba \ --with-piddir=/var/run \ --with-privatedir=/etc/samba/private \ - --localstatedir=/var \ + --with-privatelibdir=/usr/lib${LIBDIRSUFFIX} \ + --with-modulesdir=/usr/lib${LIBDIRSUFFIX} \ --with-lockdir=/var/cache/samba \ - --with-swatdir=/usr/share/swat \ --with-logfilebase=/var/log/samba \ + --localstatedir=/var \ --enable-cups \ - --enable-external-libtalloc=no \ - --enable-static=no \ - --enable-shared=yes \ - --with-acl-support=yes \ + --with-acl-support \ --with-automount \ --with-quotas \ --with-syslog \ --with-utmp \ - --with-libsmbclient \ --with-winbind \ --with-ldap \ - --build=$ARCH-slackware-linux - # Using with-fhs overrides our libdir, and besides we are already hard-coding - # directories. So, now we define them all explicitly... - #--with-fhs \ + --with-ads \ + --without-pam \ + --build=$TARGET + # Gives errors: + #--builtin-libraries=replace,ccan \ + #--bundled-libraries=heimdal \ # -j options don't seem to work... +JOBS=6 +MAXJOBS=6 +export JOBS MAXJOBS make || exit 1 mkdir -p \ @@ -124,30 +149,52 @@ mkdir -p \ chmod 700 $PKG/etc/samba/private chmod 1777 $PKG/var/spool/samba -make install-everything DESTDIR=$PKG || exit 1 - -# Install libnss_win* libraries: -mkdir -p $PKG/lib${LIBDIRSUFFIX} -cp -a ../nsswitch/libnss_winbind.so $PKG/lib${LIBDIRSUFFIX}/libnss_winbind.so.2 -cp -a ../nsswitch/libnss_wins.so $PKG/lib${LIBDIRSUFFIX}/libnss_wins.so.2 -( cd $PKG/lib${LIBDIRSUFFIX} - ln -sf libnss_winbind.so.2 libnss_winbind.so - ln -sf libnss_wins.so.2 libnss_wins.so -) +make install DESTDIR=$PKG || exit 1 # Install pkgconfig files: mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig -cp -a pkgconfig/*.pc $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc ]; then cat $CWD/talloc.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc fi +if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/pytalloc-util.pc ]; then + cat $CWD/pytalloc-util.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/pytalloc-util.pc +fi + +# Install talloc.h: +if [ ! -r $PKG/usr/include/talloc.h ]; then + cp -a lib/talloc/talloc.h $PKG/usr/include + chown root:root $PKG/usr/include/talloc.h + chmod 644 $PKG/usr/include/talloc.h +fi + +# Make symlink for pytalloc.h in /usr/include: +if [ ! -r $PKG/usr/include/pytalloc.h ]; then + if [ -r $PKG/usr/include/samba-4.0/pytalloc.h ]; then + ( cd $PKG/usr/include ; ln -sf samba-4.0/pytalloc.h . ) + fi +fi + +# Make symlink for libtalloc.so: +if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/libtalloc.so -a -r $PKG/usr/lib${LIBDIRSUFFIX}/libtalloc.so.? ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} ; ln -sf libtalloc.so.? libtalloc.so ) +fi + +# Make symlink for libpytalloc-util.so: +if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/libpytalloc-util.so -a -r $PKG/usr/lib${LIBDIRSUFFIX}/libpytalloc-util.so.? ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} ; ln -sf libpytalloc-util.so.? libpytalloc-util.so ) +fi + +# Install the smbprint script: +install -m0744 packaging/printing/smbprint $PKG/usr/bin/smbprint # Add a sample config file: cat $CWD/smb.conf.default > $PKG/etc/samba/smb.conf-sample +# Setup a default lmhosts file: +echo "127.0.0.1 localhost" > $PKG/etc/samba/lmhosts.new + if [ ! -r $PKG/usr/bin/smbget ]; then rm -f $PKG/usr/share/man/man1/smbget.1 - rm -f $PKG/usr/share/swat/help/smbget.1.html fi # We'll add rc.samba to the init directory, but chmod 644 so that it doesn't @@ -166,7 +213,6 @@ find $PKG | xargs file | grep -e "executable" -e "shared object" \ rm -r $PKG/usr/share/locale rm -f $PKG/usr/man/man8/pam* -cd .. cp -a \ COPYING* MAINTAINERS Manifest PFIF.txt README* \ Read-Manifest-Now Roadmap WHATSNEW.txt docs examples \ @@ -174,10 +220,8 @@ cp -a \ # These are installed elsewhere: rm -rf $PKG/usr/doc/samba-$VERSION/docs/htmldocs \ $PKG/usr/doc/samba-$VERSION/docs/manpages -mkdir -p $PKG/usr/doc/samba-$VERSION/docs -( cd $PKG/usr/doc/samba-$VERSION/docs - ln -sf /usr/share/swat/help htmldocs -) +# Empty now? +rmdir $PKG/usr/doc/samba-$VERSION/docs 2> /dev/null # I'm sorry, but when all this info is included in HTML, adding 7MB worth of # PDF files just to have extra artwork is more fluff than I'll agree to. rm -f $PKG/usr/doc/samba-$VERSION/docs/*.pdf diff --git a/source/n/samba/smb.conf.default b/source/n/samba/smb.conf.default index 44ba134f6..c41cfff60 100644 --- a/source/n/samba/smb.conf.default +++ b/source/n/samba/smb.conf.default @@ -28,10 +28,16 @@ # server string is the equivalent of the NT Description field server string = Samba Server -# Security mode. Defines in which mode Samba will operate. Possible -# values are share, user, server, domain and ads. Most people will want -# user level security. See the Samba-HOWTO-Collection for details. - security = user +# Server role. Defines in which mode Samba will operate. Possible +# values are "standalone server", "member server", "classic primary +# domain controller", "classic backup domain controller", "active +# directory domain controller". +# +# Most people will want "standalone sever" or "member server". +# Running as "active directory domain controller" will require first +# running "samba-tool domain provision" to wipe databases and create a +# new domain. + server role = standalone server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The @@ -40,23 +46,6 @@ # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. -# If you want to automatically load your printer list rather -# than setting them up individually then you'll need this - load printers = yes - -# you may wish to override the location of the printcap file -; printcap name = /etc/printcap - -# on SystemV system setting printcap name to lpstat should allow -# you to automatically obtain a printer list from the SystemV spool -# system -; printcap name = lpstat - -# It should not be necessary to specify the print system type unless -# it is non-standard. Currently supported print systems include: -# bsd, cups, sysv, plp, lprng, aix, hpux, qnx -; printing = cups - # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest @@ -68,15 +57,7 @@ # Put a capping on the size of the log files (in Kb). max log size = 50 -# Use password server option only with security = server -# The argument list may include: -# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] -# or to auto-locate the domain controller/s -# password server = * -; password server = <NT-Server-Name> - -# Use the realm option only with security = ads -# Specifies the Active Directory realm the host is part of +# Specifies the Kerberos or Active Directory realm the host is part of ; realm = MY_REALM # Backend to store user information in. New installations should @@ -96,35 +77,6 @@ # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 -# Browser Control Options: -# set local master to no if you don't want Samba to become a master -# browser on your network. Otherwise the normal election rules apply -; local master = no - -# OS Level determines the precedence of this server in master browser -# elections. The default value should be reasonable -; os level = 33 - -# Domain Master specifies Samba to be the Domain Master Browser. This -# allows Samba to collate browse lists between subnets. Don't use this -# if you already have a Windows NT domain controller doing this job -; domain master = yes - -# Preferred Master causes Samba to force a local browser election on startup -# and gives it a slightly higher chance of winning the election -; preferred master = yes - -# Enable this if you want Samba to be a domain logon server for -# Windows95 workstations. -; domain logons = yes - -# if you enable domain logons then you may want a per-machine or -# per user logon script -# run a specific logon batch file per workstation (machine) -; logon script = %m.bat -# run a specific logon batch file per username -; logon script = %U.bat - # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below diff --git a/source/n/samba/smb.conf.default.orig b/source/n/samba/smb.conf.default.orig index b4e3d63e0..bb9c2e25e 100644 --- a/source/n/samba/smb.conf.default.orig +++ b/source/n/samba/smb.conf.default.orig @@ -28,10 +28,16 @@ # server string is the equivalent of the NT Description field server string = Samba Server -# Security mode. Defines in which mode Samba will operate. Possible -# values are share, user, server, domain and ads. Most people will want -# user level security. See the Samba-HOWTO-Collection for details. - security = user +# Server role. Defines in which mode Samba will operate. Possible +# values are "standalone server", "member server", "classic primary +# domain controller", "classic backup domain controller", "active +# directory domain controller". +# +# Most people will want "standalone sever" or "member server". +# Running as "active directory domain controller" will require first +# running "samba-tool domain provision" to wipe databases and create a +# new domain. + server role = standalone server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The @@ -40,23 +46,6 @@ # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. -# If you want to automatically load your printer list rather -# than setting them up individually then you'll need this - load printers = yes - -# you may wish to override the location of the printcap file -; printcap name = /etc/printcap - -# on SystemV system setting printcap name to lpstat should allow -# you to automatically obtain a printer list from the SystemV spool -# system -; printcap name = lpstat - -# It should not be necessary to specify the print system type unless -# it is non-standard. Currently supported print systems include: -# bsd, cups, sysv, plp, lprng, aix, hpux, qnx -; printing = cups - # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest @@ -68,15 +57,7 @@ # Put a capping on the size of the log files (in Kb). max log size = 50 -# Use password server option only with security = server -# The argument list may include: -# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] -# or to auto-locate the domain controller/s -# password server = * -; password server = <NT-Server-Name> - -# Use the realm option only with security = ads -# Specifies the Active Directory realm the host is part of +# Specifies the Kerberos or Active Directory realm the host is part of ; realm = MY_REALM # Backend to store user information in. New installations should @@ -96,35 +77,6 @@ # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 -# Browser Control Options: -# set local master to no if you don't want Samba to become a master -# browser on your network. Otherwise the normal election rules apply -; local master = no - -# OS Level determines the precedence of this server in master browser -# elections. The default value should be reasonable -; os level = 33 - -# Domain Master specifies Samba to be the Domain Master Browser. This -# allows Samba to collate browse lists between subnets. Don't use this -# if you already have a Windows NT domain controller doing this job -; domain master = yes - -# Preferred Master causes Samba to force a local browser election on startup -# and gives it a slightly higher chance of winning the election -; preferred master = yes - -# Enable this if you want Samba to be a domain logon server for -# Windows95 workstations. -; domain logons = yes - -# if you enable domain logons then you may want a per-machine or -# per user logon script -# run a specific logon batch file per workstation (machine) -; logon script = %m.bat -# run a specific logon batch file per username -; logon script = %U.bat - # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below diff --git a/source/n/samba/smb.conf.diff b/source/n/samba/smb.conf.diff index 3573a8f0b..b08d2b12d 100644 --- a/source/n/samba/smb.conf.diff +++ b/source/n/samba/smb.conf.diff @@ -1,5 +1,5 @@ ---- smb.conf.default.orig 2009-09-30 07:17:40.000000000 -0500 -+++ smb.conf.default 2009-10-03 15:59:26.000000000 -0500 +--- smb.conf.default.orig 2013-06-13 04:21:02.000000000 -0500 ++++ smb.conf.default 2013-10-15 20:02:31.684043875 -0500 @@ -22,7 +22,7 @@ #======================= Global Settings ===================================== [global] @@ -9,7 +9,7 @@ workgroup = MYGROUP # server string is the equivalent of the NT Description field -@@ -63,7 +63,7 @@ +@@ -52,7 +52,7 @@ # this tells Samba to use a separate log file for each machine # that connects @@ -18,7 +18,7 @@ # Put a capping on the size of the log files (in Kb). max log size = 50 -@@ -184,7 +184,7 @@ +@@ -136,7 +136,7 @@ # specifically define each individual printer [printers] comment = All Printers diff --git a/source/n/samba/talloc.pc b/source/n/samba/talloc.pc index 7a23835ce..125977d19 100644 --- a/source/n/samba/talloc.pc +++ b/source/n/samba/talloc.pc @@ -1,11 +1,11 @@ prefix=/usr exec_prefix=${prefix} -libdir=${exec_prefix}/lib +libdir=${prefix}/lib includedir=${prefix}/include Name: talloc Description: A hierarchical pool based memory system with destructors -Version: 2.0.1 -Libs: -L${libdir} -ltalloc +Version: 2.0.8 +Libs: -Wl,-rpath,/usr/lib -L${libdir} -ltalloc Cflags: -I${includedir} URL: http://talloc.samba.org/ diff --git a/source/n/sendmail/8.14.5.auth2.p0 b/source/n/sendmail/8.14.5.auth2.p0 deleted file mode 100644 index 13cdacc77..000000000 --- a/source/n/sendmail/8.14.5.auth2.p0 +++ /dev/null @@ -1,23 +0,0 @@ ---- sendmail.h- Tue May 24 16:24:39 2011 -+++ sendmail.h Tue May 24 16:25:29 2011 -@@ -721,9 +721,9 @@ - #if STARTTLS - #define MCIF_TLS 0x00100000 /* STARTTLS supported */ - #define MCIF_TLSACT 0x00200000 /* STARTTLS active */ --#define MCIF_EXTENS (MCIF_EXPN | MCIF_SIZE | MCIF_8BITMIME | MCIF_DSN | MCIF_8BITOK | MCIF_AUTH | MCIF_ENHSTAT | MCIF_TLS) - #else /* STARTTLS */ --#define MCIF_EXTENS (MCIF_EXPN | MCIF_SIZE | MCIF_8BITMIME | MCIF_DSN | MCIF_8BITOK | MCIF_AUTH | MCIF_ENHSTAT) -+#define MCIF_TLS 0 -+#define MCIF_TLSACT 0 - #endif /* STARTTLS */ - #define MCIF_DLVR_BY 0x00400000 /* DELIVERBY */ - #if _FFR_IGNORE_EXT_ON_HELO -@@ -732,6 +732,8 @@ - #define MCIF_INLONGLINE 0x01000000 /* in the middle of a long line */ - #define MCIF_AUTH2 0x02000000 /* got 2 AUTH lines */ - #define MCIF_ONLY_EHLO 0x10000000 /* use only EHLO in smtpinit */ -+ -+#define MCIF_EXTENS (MCIF_EXPN | MCIF_SIZE | MCIF_8BITMIME | MCIF_DSN | MCIF_8BITOK | MCIF_AUTH | MCIF_ENHSTAT | MCIF_TLS | MCIF_AUTH2) - - /* states */ - #define MCIS_CLOSED 0 /* no traffic on this connection */ diff --git a/source/n/sendmail/SlackBuild-sendmail b/source/n/sendmail/SlackBuild-sendmail index 17c79a24e..3a46a527c 100755 --- a/source/n/sendmail/SlackBuild-sendmail +++ b/source/n/sendmail/SlackBuild-sendmail @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,8 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=8.14.5 -BUILD=${BUILD:-3} +VERSION=8.14.7 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -68,11 +68,6 @@ rm -rf sendmail-$VERSION tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1 cd sendmail-$VERSION -# Upstream patch to fix broken SMTP AUTH in Sendmail 8.14.5: -cd sendmail -cat $CWD/8.14.5.auth2.p0 | patch -p0 --verbose || exit 1 -cd .. - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/sendmail/SlackBuild-sendmail-cf b/source/n/sendmail/SlackBuild-sendmail-cf index e24570415..ad344fa71 100755 --- a/source/n/sendmail/SlackBuild-sendmail-cf +++ b/source/n/sendmail/SlackBuild-sendmail-cf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,9 +20,9 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=8.14.5 +VERSION=8.14.7 ARCH=noarch -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} diff --git a/source/n/slrn/slrn.SlackBuild b/source/n/slrn/slrn.SlackBuild index d6f2a8f7e..24a07fc8c 100755 --- a/source/n/slrn/slrn.SlackBuild +++ b/source/n/slrn/slrn.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,8 +21,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=0.9.9p1 -BUILD=${BUILD:-4} +VERSION=1.0.1 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -58,7 +58,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf slrn-$VERSION -tar xvf $CWD/slrn-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/slrn-$VERSION.tar.?z* || exit 1 cd slrn-$VERSION || exit 1 chown -R root:root . find . \ diff --git a/source/n/tcpdump/slack-desc b/source/n/tcpdump/slack-desc index 1adda180e..5e9696434 100644 --- a/source/n/tcpdump/slack-desc +++ b/source/n/tcpdump/slack-desc @@ -13,7 +13,7 @@ tcpdump: can use it to dump information on all the packets on a network that tcpdump: match a boolean expression. Tcpdump uses libpcap, a system tcpdump: independent interface for user-level packet capture. tcpdump: -tcpdump: Project homepage: http://sourceforge.net/projects/tcpdump/ +tcpdump: Project homepage: http://www.tcpdump.org tcpdump: tcpdump: tcpdump: diff --git a/source/n/tftp-hpa/tftp-hpa-0.49.tar.bz2.sign b/source/n/tftp-hpa/tftp-hpa-0.49.tar.bz2.sign deleted file mode 100644 index de4c7fbb4..000000000 --- a/source/n/tftp-hpa/tftp-hpa-0.49.tar.bz2.sign +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) -Comment: See http://www.kernel.org/signature.html for info - -iD8DBQBI/QH7yGugalF9Dw4RAjZZAJ0Ro/KGEOFgQt0Ewk6BRuYQpnv/lQCfUIIJ -lyM+y31FV4/xhLoNKcr8JtA= -=X8qg ------END PGP SIGNATURE----- diff --git a/source/n/tftp-hpa/tftp-hpa-5.2.tar.sign b/source/n/tftp-hpa/tftp-hpa-5.2.tar.sign new file mode 100644 index 000000000..375f5d84b --- /dev/null +++ b/source/n/tftp-hpa/tftp-hpa-5.2.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iQIcBAABAgAGBQJO5StXAAoJEIiuZH1Y96v+6AEP+gLaSNgbxcFgTcRUsZfp+7at +I6vUqBDFcN3fa7mLAyJqD5haGHl+oyx/zliSS/kscGmc4he2TMgvXjc8gWKUYf5I +5OF4+2qHGXWzGA9sVxTP6KLWEYY8ICjHs0ALk2HVNV9zF64f6pulz/jUkBXL1deA +fpgioO26vzt/yWl9lp1VWi5e74It6sx4c6F/j5drMErfzwuQGrW5vQ5MhK7+NGhL +Hb4jdEEZ12MquZlcYYDdx7zci0MrVF4QNasIL3OeIGmpda/I068xcz76pJdQbPXD +sRaN3ZkKP8cXRMDZn4DGFD+DMQ70vsroIXyM9nsR+6FOKXN7yQ3mX76JlhRr8Cmu +FrsmmBrKNKW1Qvmwjoceq+qUoZpCPUnG9Ku1rOMFEegbPVNdii4SQnAp1GldK9vO +az6SYCHJEOoLylaDL0ew8Uv/MO1HuokaaFA1icFxv4Uuphebx+bcum8YyojKX+Iu +SVeLNLH+C4SnbranzspNqSDnXjc8Ut0vuSDWfjavK+U4KapMTe8qeHHF7SwdFBft +hzi5MaoCq45G7BzyjTnhPgpURoDQ1bZ0jtmZNqdTCMZXWALA88Ypxx0VqKS7zO4P +Q/audzxXVK7XZC4vzFjfs7jR19vrx8h3EpHy9PlP6t3IiDHHjN5TgOaminWEFSKK +NyAsWe0wZuO5LJ7txFTN +=8kNU +-----END PGP SIGNATURE----- diff --git a/source/n/tftp-hpa/tftp-hpa.SlackBuild b/source/n/tftp-hpa/tftp-hpa.SlackBuild index 6fcc104ff..b5b36fbca 100755 --- a/source/n/tftp-hpa/tftp-hpa.SlackBuild +++ b/source/n/tftp-hpa/tftp-hpa.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ PKGNAM=tftp-hpa -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -46,7 +46,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf tftp-hpa-$VERSION -tar xvf $CWD/tftp-hpa-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/tftp-hpa-$VERSION.tar.xz || exit 1 cd tftp-hpa-$VERSION || exit 1 chown -R root:root . diff --git a/source/n/tin/tin-1.8.3.tar.bz2.sign b/source/n/tin/tin-1.8.3.tar.bz2.sign deleted file mode 100644 index 455fe0c82..000000000 --- a/source/n/tin/tin-1.8.3.tar.bz2.sign +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PGP MESSAGE----- -Version: 2.6.3ia - -iQCVAwUARcHorlpJVQ60kLTRAQEqmwQA1i62sO941RPciwqfBIZiKbsoAUl/h/Mm -WXSKPi+S6KzYEeHk7yOwCY+EP+2adL2eYGVTVZeWoT16YmlHGzYw8wsH2zUuDF4M -sH6z2MyWv8IL5/ELlHnvg710SlkQQmJFHSxcXhiA2i0E7mKeJ1ozFmrwqo88kt4Y -8S8uupIHbnE= -=hwqI ------END PGP MESSAGE----- diff --git a/source/n/tin/tin.SlackBuild b/source/n/tin/tin.SlackBuild index a344150df..1e0f29081 100755 --- a/source/n/tin/tin.SlackBuild +++ b/source/n/tin/tin.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,8 +22,8 @@ PKGNAM=tin -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -44,7 +44,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf tin-$VERSION -tar xvf $CWD/tin-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/tin-$VERSION.tar.?z* || exit 1 cd tin-$VERSION || exit 1 chown -R root:root . find . \ diff --git a/source/n/ulogd/doinst.sh b/source/n/ulogd/doinst.sh new file mode 100644 index 000000000..6f21ee33e --- /dev/null +++ b/source/n/ulogd/doinst.sh @@ -0,0 +1,28 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +config etc/ulogd.conf.new +config etc/logrotate.d/ulogd.new +preserve_perms etc/rc.d/rc.ulogd.new + diff --git a/source/n/ulogd/rc.ulogd b/source/n/ulogd/rc.ulogd new file mode 100644 index 000000000..d7e2fb1bb --- /dev/null +++ b/source/n/ulogd/rc.ulogd @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Start/stop/restart ulogd +# + +ulogd_start() { + if [ -x /usr/sbin/ulogd ]; then + echo "Starting ulogd daemon: /usr/sbin/ulogd " + /usr/sbin/ulogd -d 2> /dev/null + fi +} + +ulogd_stop() { + killall ulogd 2> /dev/null +} + +ulogd_restart() { + ulogd_stop + sleep 1 + ulogd_start +} + +case "$1" in +'start') + ulogd_start + ;; +'stop') + ulogd_stop + ;; +'restart') + ulogd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + diff --git a/source/n/ulogd/slack-desc b/source/n/ulogd/slack-desc new file mode 100644 index 000000000..ce1298f9e --- /dev/null +++ b/source/n/ulogd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +ulogd: ulogd (Userspace Logging Daemon) +ulogd: +ulogd: ulogd is a userspace logging daemon for netfilter/iptables related +ulogd: logging. This includes per-packet logging of security violations, +ulogd: per-packet logging for accounting, per-flow logging and flexible +ulogd: user-defined accounting. +ulogd: +ulogd: +ulogd: +ulogd: +ulogd: diff --git a/source/n/ulogd/ulogd.SlackBuild b/source/n/ulogd/ulogd.SlackBuild new file mode 100755 index 000000000..3e7eaade0 --- /dev/null +++ b/source/n/ulogd/ulogd.SlackBuild @@ -0,0 +1,114 @@ +#!/bin/sh + +# Slackware build script for ulogd + +# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ulogd +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i486 ;; + arm*) ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +chmod -R a-s,u+w,go+r-w . + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +cd doc + sgml2txt ulogd.sgml + sgml2html -s 0 ulogd.sgml +cd .. + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/etc +cp -a ulogd.conf $PKG/etc/ulogd.conf.new + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.ulogd > $PKG/etc/rc.d/rc.ulogd.new +chmod 0755 $PKG/etc/rc.d/rc.ulogd.new + +mkdir -p $PKG/etc/logrotate.d +cat ulogd.logrotate > $PKG/etc/logrotate.d/ulogd.new + +find $PKG/usr/man -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/samples +cp -a \ + AUTHORS COPYING* README* TODO doc/ulogd.{txt,html} \ + $PKG/usr/doc/$PKGNAM-$VERSION +cp -a doc/*.sql doc/*.table $PKG/usr/doc/$PKGNAM-$VERSION/samples + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/wget/wget.SlackBuild b/source/n/wget/wget.SlackBuild index 6706c161f..c2954cbdd 100755 --- a/source/n/wget/wget.SlackBuild +++ b/source/n/wget/wget.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ VERSION=${VERSION:-$(echo wget-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} diff --git a/source/n/wireless-tools/scripts/rc.wireless b/source/n/wireless-tools/scripts/rc.wireless index 51623d506..d1264a1fc 100644 --- a/source/n/wireless-tools/scripts/rc.wireless +++ b/source/n/wireless-tools/scripts/rc.wireless @@ -47,7 +47,7 @@ # 16/apr/2008 * Pat Volkerding * Make sure that HWADDR is all upper case. # 23/apr/2008 * Pat Volkerding * Increase sleep time after bringing up an # interface to 3 seconds. Some drivers -# need this additional time to initalize. +# need this additional time to initialize. # 02/jan/2010 * Pat Volkerding * Look for /sys/class/net/$NETDEV/wireless rather # than the contents of /proc/net/wireless to find # if a network device is wireless. In newer diff --git a/source/n/wpa_supplicant/config/dot.config b/source/n/wpa_supplicant/config/dot.config index f4d7306b9..45593ac6f 100644 --- a/source/n/wpa_supplicant/config/dot.config +++ b/source/n/wpa_supplicant/config/dot.config @@ -1,3 +1,4 @@ +CONFIG_AP=y CONFIG_BACKEND=file CONFIG_BGSCAN_SIMPLE=y CONFIG_CTRL_IFACE=y @@ -24,19 +25,13 @@ CONFIG_EAP_SAKE=y CONFIG_EAP_TLS=y CONFIG_EAP_TNC=y CONFIG_EAP_TTLS=y +CONFIG_IBSS_RSN=y CONFIG_IEEE8021X_EAPOL=y CONFIG_LIBNL32=y +CONFIG_P2P=y CONFIG_PEERKEY=y CONFIG_PKCS12=y CONFIG_READLINE=y CONFIG_SMARTCARD=y CONFIG_WPS=y -# These five are not defined by Fedora -# Do we still need them? -#CONFIG_DRIVER_ATMEL=y -#CONFIG_DRIVER_HOSTAP=y -#CONFIG_DRIVER_IPW=y -#CONFIG_DRIVER_NDISWRAPPER=y -#CONFIG_DRIVER_RALINK=y - diff --git a/source/n/wpa_supplicant/patches/assoc-timeout.diff b/source/n/wpa_supplicant/patches/assoc-timeout.diff new file mode 100644 index 000000000..5739705cb --- /dev/null +++ b/source/n/wpa_supplicant/patches/assoc-timeout.diff @@ -0,0 +1,3816 @@ +diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c +--- wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c 2013-01-12 09:42:53.000000000 -0600 ++++ wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c 2013-05-11 14:09:34.586718122 -0500 +@@ -1666,10 +1666,10 @@ + + if (assoc_failed) { + /* give IBSS a bit more time */ +- timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; ++ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; + } else if (wpa_s->conf->ap_scan == 1) { + /* give IBSS a bit more time */ +- timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; ++ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 20; + } + wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); + } +diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig +--- wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig 1969-12-31 18:00:00.000000000 -0600 ++++ wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig 2013-01-12 09:42:53.000000000 -0600 +@@ -0,0 +1,3796 @@ ++/* ++ * WPA Supplicant ++ * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> ++ * ++ * This software may be distributed under the terms of the BSD license. ++ * See README for more details. ++ * ++ * This file implements functions for registering and unregistering ++ * %wpa_supplicant interfaces. In addition, this file contains number of ++ * functions for managing network connections. ++ */ ++ ++#include "includes.h" ++ ++#include "common.h" ++#include "crypto/random.h" ++#include "crypto/sha1.h" ++#include "eapol_supp/eapol_supp_sm.h" ++#include "eap_peer/eap.h" ++#include "eap_server/eap_methods.h" ++#include "rsn_supp/wpa.h" ++#include "eloop.h" ++#include "config.h" ++#include "utils/ext_password.h" ++#include "l2_packet/l2_packet.h" ++#include "wpa_supplicant_i.h" ++#include "driver_i.h" ++#include "ctrl_iface.h" ++#include "pcsc_funcs.h" ++#include "common/version.h" ++#include "rsn_supp/preauth.h" ++#include "rsn_supp/pmksa_cache.h" ++#include "common/wpa_ctrl.h" ++#include "common/ieee802_11_defs.h" ++#include "p2p/p2p.h" ++#include "blacklist.h" ++#include "wpas_glue.h" ++#include "wps_supplicant.h" ++#include "ibss_rsn.h" ++#include "sme.h" ++#include "gas_query.h" ++#include "ap.h" ++#include "p2p_supplicant.h" ++#include "wifi_display.h" ++#include "notify.h" ++#include "bgscan.h" ++#include "autoscan.h" ++#include "bss.h" ++#include "scan.h" ++#include "offchannel.h" ++#include "hs20_supplicant.h" ++ ++const char *wpa_supplicant_version = ++"wpa_supplicant v" VERSION_STR "\n" ++"Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors"; ++ ++const char *wpa_supplicant_license = ++"This software may be distributed under the terms of the BSD license.\n" ++"See README for more details.\n" ++#ifdef EAP_TLS_OPENSSL ++"\nThis product includes software developed by the OpenSSL Project\n" ++"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" ++#endif /* EAP_TLS_OPENSSL */ ++; ++ ++#ifndef CONFIG_NO_STDOUT_DEBUG ++/* Long text divided into parts in order to fit in C89 strings size limits. */ ++const char *wpa_supplicant_full_license1 = ++""; ++const char *wpa_supplicant_full_license2 = ++"This software may be distributed under the terms of the BSD license.\n" ++"\n" ++"Redistribution and use in source and binary forms, with or without\n" ++"modification, are permitted provided that the following conditions are\n" ++"met:\n" ++"\n"; ++const char *wpa_supplicant_full_license3 = ++"1. Redistributions of source code must retain the above copyright\n" ++" notice, this list of conditions and the following disclaimer.\n" ++"\n" ++"2. Redistributions in binary form must reproduce the above copyright\n" ++" notice, this list of conditions and the following disclaimer in the\n" ++" documentation and/or other materials provided with the distribution.\n" ++"\n"; ++const char *wpa_supplicant_full_license4 = ++"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" ++" names of its contributors may be used to endorse or promote products\n" ++" derived from this software without specific prior written permission.\n" ++"\n" ++"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" ++"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" ++"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" ++"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; ++const char *wpa_supplicant_full_license5 = ++"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" ++"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" ++"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" ++"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" ++"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" ++"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" ++"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" ++"\n"; ++#endif /* CONFIG_NO_STDOUT_DEBUG */ ++ ++extern int wpa_debug_level; ++extern int wpa_debug_show_keys; ++extern int wpa_debug_timestamp; ++extern struct wpa_driver_ops *wpa_drivers[]; ++ ++/* Configure default/group WEP keys for static WEP */ ++int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) ++{ ++ int i, set = 0; ++ ++ for (i = 0; i < NUM_WEP_KEYS; i++) { ++ if (ssid->wep_key_len[i] == 0) ++ continue; ++ ++ set = 1; ++ wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, ++ i, i == ssid->wep_tx_keyidx, NULL, 0, ++ ssid->wep_key[i], ssid->wep_key_len[i]); ++ } ++ ++ return set; ++} ++ ++ ++static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid) ++{ ++ u8 key[32]; ++ size_t keylen; ++ enum wpa_alg alg; ++ u8 seq[6] = { 0 }; ++ ++ /* IBSS/WPA-None uses only one key (Group) for both receiving and ++ * sending unicast and multicast packets. */ ++ ++ if (ssid->mode != WPAS_MODE_IBSS) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " ++ "IBSS/ad-hoc) for WPA-None", ssid->mode); ++ return -1; ++ } ++ ++ if (!ssid->psk_set) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " ++ "WPA-None"); ++ return -1; ++ } ++ ++ switch (wpa_s->group_cipher) { ++ case WPA_CIPHER_CCMP: ++ os_memcpy(key, ssid->psk, 16); ++ keylen = 16; ++ alg = WPA_ALG_CCMP; ++ break; ++ case WPA_CIPHER_GCMP: ++ os_memcpy(key, ssid->psk, 16); ++ keylen = 16; ++ alg = WPA_ALG_GCMP; ++ break; ++ case WPA_CIPHER_TKIP: ++ /* WPA-None uses the same Michael MIC key for both TX and RX */ ++ os_memcpy(key, ssid->psk, 16 + 8); ++ os_memcpy(key + 16 + 8, ssid->psk + 16, 8); ++ keylen = 32; ++ alg = WPA_ALG_TKIP; ++ break; ++ default: ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " ++ "WPA-None", wpa_s->group_cipher); ++ return -1; ++ } ++ ++ /* TODO: should actually remember the previously used seq#, both for TX ++ * and RX from each STA.. */ ++ ++ return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); ++} ++ ++ ++static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) ++{ ++ struct wpa_supplicant *wpa_s = eloop_ctx; ++ const u8 *bssid = wpa_s->bssid; ++ if (is_zero_ether_addr(bssid)) ++ bssid = wpa_s->pending_bssid; ++ wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", ++ MAC2STR(bssid)); ++ wpa_blacklist_add(wpa_s, bssid); ++ wpa_sm_notify_disassoc(wpa_s->wpa); ++ wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); ++ wpa_s->reassociate = 1; ++ ++ /* ++ * If we timed out, the AP or the local radio may be busy. ++ * So, wait a second until scanning again. ++ */ ++ wpa_supplicant_req_scan(wpa_s, 1, 0); ++ ++#ifdef CONFIG_P2P ++ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && ++ wpa_s->global->p2p != NULL) { ++ wpa_s->global->p2p_cb_on_scan_complete = 0; ++ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " ++ "continued after timed out authentication"); ++ } ++ } ++#endif /* CONFIG_P2P */ ++} ++ ++ ++/** ++ * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @sec: Number of seconds after which to time out authentication ++ * @usec: Number of microseconds after which to time out authentication ++ * ++ * This function is used to schedule a timeout for the current authentication ++ * attempt. ++ */ ++void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, ++ int sec, int usec) ++{ ++ if (wpa_s->conf && wpa_s->conf->ap_scan == 0 && ++ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) ++ return; ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " ++ "%d usec", sec, usec); ++ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); ++ eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); ++} ++ ++ ++/** ++ * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout ++ * @wpa_s: Pointer to wpa_supplicant data ++ * ++ * This function is used to cancel authentication timeout scheduled with ++ * wpa_supplicant_req_auth_timeout() and it is called when authentication has ++ * been completed. ++ */ ++void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) ++{ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); ++ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); ++ wpa_blacklist_del(wpa_s, wpa_s->bssid); ++} ++ ++ ++/** ++ * wpa_supplicant_initiate_eapol - Configure EAPOL state machine ++ * @wpa_s: Pointer to wpa_supplicant data ++ * ++ * This function is used to configure EAPOL state machine based on the selected ++ * authentication mode. ++ */ ++void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) ++{ ++#ifdef IEEE8021X_EAPOL ++ struct eapol_config eapol_conf; ++ struct wpa_ssid *ssid = wpa_s->current_ssid; ++ ++#ifdef CONFIG_IBSS_RSN ++ if (ssid->mode == WPAS_MODE_IBSS && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { ++ /* ++ * RSN IBSS authentication is per-STA and we can disable the ++ * per-BSSID EAPOL authentication. ++ */ ++ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); ++ eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); ++ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); ++ return; ++ } ++#endif /* CONFIG_IBSS_RSN */ ++ ++ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); ++ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); ++ ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || ++ wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) ++ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); ++ else ++ eapol_sm_notify_portControl(wpa_s->eapol, Auto); ++ ++ os_memset(&eapol_conf, 0, sizeof(eapol_conf)); ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { ++ eapol_conf.accept_802_1x_keys = 1; ++ eapol_conf.required_keys = 0; ++ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { ++ eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; ++ } ++ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { ++ eapol_conf.required_keys |= ++ EAPOL_REQUIRE_KEY_BROADCAST; ++ } ++ ++ if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) ++ eapol_conf.required_keys = 0; ++ } ++ if (wpa_s->conf) ++ eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; ++ eapol_conf.workaround = ssid->eap_workaround; ++ eapol_conf.eap_disabled = ++ !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; ++ eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); ++#endif /* IEEE8021X_EAPOL */ ++} ++ ++ ++/** ++ * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @ssid: Configuration data for the network ++ * ++ * This function is used to configure WPA state machine and related parameters ++ * to a mode where WPA is not enabled. This is called as part of the ++ * authentication configuration when the selected network does not use WPA. ++ */ ++void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid) ++{ ++ int i; ++ ++ if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) ++ wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; ++ else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) ++ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; ++ else ++ wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; ++ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); ++ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); ++ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); ++ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; ++ wpa_s->group_cipher = WPA_CIPHER_NONE; ++ wpa_s->mgmt_group_cipher = 0; ++ ++ for (i = 0; i < NUM_WEP_KEYS; i++) { ++ if (ssid->wep_key_len[i] > 5) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; ++ wpa_s->group_cipher = WPA_CIPHER_WEP104; ++ break; ++ } else if (ssid->wep_key_len[i] > 0) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; ++ wpa_s->group_cipher = WPA_CIPHER_WEP40; ++ break; ++ } ++ } ++ ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, ++ wpa_s->pairwise_cipher); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); ++#ifdef CONFIG_IEEE80211W ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, ++ wpa_s->mgmt_group_cipher); ++#endif /* CONFIG_IEEE80211W */ ++ ++ pmksa_cache_clear_current(wpa_s->wpa); ++} ++ ++ ++void free_hw_features(struct wpa_supplicant *wpa_s) ++{ ++ int i; ++ if (wpa_s->hw.modes == NULL) ++ return; ++ ++ for (i = 0; i < wpa_s->hw.num_modes; i++) { ++ os_free(wpa_s->hw.modes[i].channels); ++ os_free(wpa_s->hw.modes[i].rates); ++ } ++ ++ os_free(wpa_s->hw.modes); ++ wpa_s->hw.modes = NULL; ++} ++ ++ ++static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) ++{ ++ bgscan_deinit(wpa_s); ++ autoscan_deinit(wpa_s); ++ scard_deinit(wpa_s->scard); ++ wpa_s->scard = NULL; ++ wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); ++ eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); ++ l2_packet_deinit(wpa_s->l2); ++ wpa_s->l2 = NULL; ++ if (wpa_s->l2_br) { ++ l2_packet_deinit(wpa_s->l2_br); ++ wpa_s->l2_br = NULL; ++ } ++ ++ if (wpa_s->conf != NULL) { ++ struct wpa_ssid *ssid; ++ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) ++ wpas_notify_network_removed(wpa_s, ssid); ++ } ++ ++ os_free(wpa_s->confname); ++ wpa_s->confname = NULL; ++ ++ wpa_sm_set_eapol(wpa_s->wpa, NULL); ++ eapol_sm_deinit(wpa_s->eapol); ++ wpa_s->eapol = NULL; ++ ++ rsn_preauth_deinit(wpa_s->wpa); ++ ++#ifdef CONFIG_TDLS ++ wpa_tdls_deinit(wpa_s->wpa); ++#endif /* CONFIG_TDLS */ ++ ++ pmksa_candidate_free(wpa_s->wpa); ++ wpa_sm_deinit(wpa_s->wpa); ++ wpa_s->wpa = NULL; ++ wpa_blacklist_clear(wpa_s); ++ ++ wpa_bss_deinit(wpa_s); ++ ++ wpa_supplicant_cancel_scan(wpa_s); ++ wpa_supplicant_cancel_auth_timeout(wpa_s); ++ eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); ++#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT ++ eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, ++ wpa_s, NULL); ++#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ ++ ++ wpas_wps_deinit(wpa_s); ++ ++ wpabuf_free(wpa_s->pending_eapol_rx); ++ wpa_s->pending_eapol_rx = NULL; ++ ++#ifdef CONFIG_IBSS_RSN ++ ibss_rsn_deinit(wpa_s->ibss_rsn); ++ wpa_s->ibss_rsn = NULL; ++#endif /* CONFIG_IBSS_RSN */ ++ ++ sme_deinit(wpa_s); ++ ++#ifdef CONFIG_AP ++ wpa_supplicant_ap_deinit(wpa_s); ++#endif /* CONFIG_AP */ ++ ++#ifdef CONFIG_P2P ++ wpas_p2p_deinit(wpa_s); ++#endif /* CONFIG_P2P */ ++ ++#ifdef CONFIG_OFFCHANNEL ++ offchannel_deinit(wpa_s); ++#endif /* CONFIG_OFFCHANNEL */ ++ ++ wpa_supplicant_cancel_sched_scan(wpa_s); ++ ++ os_free(wpa_s->next_scan_freqs); ++ wpa_s->next_scan_freqs = NULL; ++ ++ gas_query_deinit(wpa_s->gas); ++ wpa_s->gas = NULL; ++ ++ free_hw_features(wpa_s); ++ ++ os_free(wpa_s->bssid_filter); ++ wpa_s->bssid_filter = NULL; ++ ++ os_free(wpa_s->disallow_aps_bssid); ++ wpa_s->disallow_aps_bssid = NULL; ++ os_free(wpa_s->disallow_aps_ssid); ++ wpa_s->disallow_aps_ssid = NULL; ++ ++ wnm_bss_keep_alive_deinit(wpa_s); ++ ++ ext_password_deinit(wpa_s->ext_pw); ++ wpa_s->ext_pw = NULL; ++ ++ wpabuf_free(wpa_s->last_gas_resp); ++ ++ os_free(wpa_s->last_scan_res); ++ wpa_s->last_scan_res = NULL; ++} ++ ++ ++/** ++ * wpa_clear_keys - Clear keys configured for the driver ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @addr: Previously used BSSID or %NULL if not available ++ * ++ * This function clears the encryption keys that has been previously configured ++ * for the driver. ++ */ ++void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) ++{ ++ if (wpa_s->keys_cleared) { ++ /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have ++ * timing issues with keys being cleared just before new keys ++ * are set or just after association or something similar. This ++ * shows up in group key handshake failing often because of the ++ * client not receiving the first encrypted packets correctly. ++ * Skipping some of the extra key clearing steps seems to help ++ * in completing group key handshake more reliably. */ ++ wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - " ++ "skip key clearing"); ++ return; ++ } ++ ++ /* MLME-DELETEKEYS.request */ ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0); ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); ++#ifdef CONFIG_IEEE80211W ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); ++#endif /* CONFIG_IEEE80211W */ ++ if (addr) { ++ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, ++ 0); ++ /* MLME-SETPROTECTION.request(None) */ ++ wpa_drv_mlme_setprotection( ++ wpa_s, addr, ++ MLME_SETPROTECTION_PROTECT_TYPE_NONE, ++ MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); ++ } ++ wpa_s->keys_cleared = 1; ++} ++ ++ ++/** ++ * wpa_supplicant_state_txt - Get the connection state name as a text string ++ * @state: State (wpa_state; WPA_*) ++ * Returns: The state name as a printable text string ++ */ ++const char * wpa_supplicant_state_txt(enum wpa_states state) ++{ ++ switch (state) { ++ case WPA_DISCONNECTED: ++ return "DISCONNECTED"; ++ case WPA_INACTIVE: ++ return "INACTIVE"; ++ case WPA_INTERFACE_DISABLED: ++ return "INTERFACE_DISABLED"; ++ case WPA_SCANNING: ++ return "SCANNING"; ++ case WPA_AUTHENTICATING: ++ return "AUTHENTICATING"; ++ case WPA_ASSOCIATING: ++ return "ASSOCIATING"; ++ case WPA_ASSOCIATED: ++ return "ASSOCIATED"; ++ case WPA_4WAY_HANDSHAKE: ++ return "4WAY_HANDSHAKE"; ++ case WPA_GROUP_HANDSHAKE: ++ return "GROUP_HANDSHAKE"; ++ case WPA_COMPLETED: ++ return "COMPLETED"; ++ default: ++ return "UNKNOWN"; ++ } ++} ++ ++ ++#ifdef CONFIG_BGSCAN ++ ++static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) ++{ ++ if (wpas_driver_bss_selection(wpa_s)) ++ return; ++ if (wpa_s->current_ssid == wpa_s->bgscan_ssid) ++ return; ++ ++ bgscan_deinit(wpa_s); ++ if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) { ++ if (bgscan_init(wpa_s, wpa_s->current_ssid)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " ++ "bgscan"); ++ /* ++ * Live without bgscan; it is only used as a roaming ++ * optimization, so the initial connection is not ++ * affected. ++ */ ++ } else { ++ struct wpa_scan_results *scan_res; ++ wpa_s->bgscan_ssid = wpa_s->current_ssid; ++ scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, ++ 0); ++ if (scan_res) { ++ bgscan_notify_scan(wpa_s, scan_res); ++ wpa_scan_results_free(scan_res); ++ } ++ } ++ } else ++ wpa_s->bgscan_ssid = NULL; ++} ++ ++ ++static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) ++{ ++ if (wpa_s->bgscan_ssid != NULL) { ++ bgscan_deinit(wpa_s); ++ wpa_s->bgscan_ssid = NULL; ++ } ++} ++ ++#endif /* CONFIG_BGSCAN */ ++ ++ ++static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) ++{ ++ if (autoscan_init(wpa_s, 0)) ++ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); ++} ++ ++ ++static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) ++{ ++ autoscan_deinit(wpa_s); ++} ++ ++ ++void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) ++{ ++ if (wpa_s->wpa_state == WPA_DISCONNECTED || ++ wpa_s->wpa_state == WPA_SCANNING) { ++ autoscan_deinit(wpa_s); ++ wpa_supplicant_start_autoscan(wpa_s); ++ } ++} ++ ++ ++/** ++ * wpa_supplicant_set_state - Set current connection state ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @state: The new connection state ++ * ++ * This function is called whenever the connection state changes, e.g., ++ * association is completed for WPA/WPA2 4-Way Handshake is started. ++ */ ++void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, ++ enum wpa_states state) ++{ ++ enum wpa_states old_state = wpa_s->wpa_state; ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", ++ wpa_supplicant_state_txt(wpa_s->wpa_state), ++ wpa_supplicant_state_txt(state)); ++ ++ if (state != WPA_SCANNING) ++ wpa_supplicant_notify_scanning(wpa_s, 0); ++ ++ if (state == WPA_COMPLETED && wpa_s->new_connection) { ++#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) ++ struct wpa_ssid *ssid = wpa_s->current_ssid; ++ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " ++ MACSTR " completed [id=%d id_str=%s]", ++ MAC2STR(wpa_s->bssid), ++ ssid ? ssid->id : -1, ++ ssid && ssid->id_str ? ssid->id_str : ""); ++#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ ++ wpas_clear_temp_disabled(wpa_s, ssid, 1); ++ wpa_s->extra_blacklist_count = 0; ++ wpa_s->new_connection = 0; ++ wpa_drv_set_operstate(wpa_s, 1); ++#ifndef IEEE8021X_EAPOL ++ wpa_drv_set_supp_port(wpa_s, 1); ++#endif /* IEEE8021X_EAPOL */ ++ wpa_s->after_wps = 0; ++#ifdef CONFIG_P2P ++ wpas_p2p_completed(wpa_s); ++#endif /* CONFIG_P2P */ ++ ++ sme_sched_obss_scan(wpa_s, 1); ++ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || ++ state == WPA_ASSOCIATED) { ++ wpa_s->new_connection = 1; ++ wpa_drv_set_operstate(wpa_s, 0); ++#ifndef IEEE8021X_EAPOL ++ wpa_drv_set_supp_port(wpa_s, 0); ++#endif /* IEEE8021X_EAPOL */ ++ sme_sched_obss_scan(wpa_s, 0); ++ } ++ wpa_s->wpa_state = state; ++ ++#ifdef CONFIG_BGSCAN ++ if (state == WPA_COMPLETED) ++ wpa_supplicant_start_bgscan(wpa_s); ++ else ++ wpa_supplicant_stop_bgscan(wpa_s); ++#endif /* CONFIG_BGSCAN */ ++ ++ if (state == WPA_AUTHENTICATING) ++ wpa_supplicant_stop_autoscan(wpa_s); ++ ++ if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) ++ wpa_supplicant_start_autoscan(wpa_s); ++ ++ if (wpa_s->wpa_state != old_state) { ++ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); ++ ++ if (wpa_s->wpa_state == WPA_COMPLETED || ++ old_state == WPA_COMPLETED) ++ wpas_notify_auth_changed(wpa_s); ++ } ++} ++ ++ ++void wpa_supplicant_terminate_proc(struct wpa_global *global) ++{ ++ int pending = 0; ++#ifdef CONFIG_WPS ++ struct wpa_supplicant *wpa_s = global->ifaces; ++ while (wpa_s) { ++ if (wpas_wps_terminate_pending(wpa_s) == 1) ++ pending = 1; ++ wpa_s = wpa_s->next; ++ } ++#endif /* CONFIG_WPS */ ++ if (pending) ++ return; ++ eloop_terminate(); ++} ++ ++ ++static void wpa_supplicant_terminate(int sig, void *signal_ctx) ++{ ++ struct wpa_global *global = signal_ctx; ++ wpa_supplicant_terminate_proc(global); ++} ++ ++ ++void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) ++{ ++ enum wpa_states old_state = wpa_s->wpa_state; ++ ++ wpa_s->pairwise_cipher = 0; ++ wpa_s->group_cipher = 0; ++ wpa_s->mgmt_group_cipher = 0; ++ wpa_s->key_mgmt = 0; ++ if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) ++ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); ++ ++ if (wpa_s->wpa_state != old_state) ++ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); ++} ++ ++ ++/** ++ * wpa_supplicant_reload_configuration - Reload configuration data ++ * @wpa_s: Pointer to wpa_supplicant data ++ * Returns: 0 on success or -1 if configuration parsing failed ++ * ++ * This function can be used to request that the configuration data is reloaded ++ * (e.g., after configuration file change). This function is reloading ++ * configuration only for one interface, so this may need to be called multiple ++ * times if %wpa_supplicant is controlling multiple interfaces and all ++ * interfaces need reconfiguration. ++ */ ++int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) ++{ ++ struct wpa_config *conf; ++ int reconf_ctrl; ++ int old_ap_scan; ++ ++ if (wpa_s->confname == NULL) ++ return -1; ++ conf = wpa_config_read(wpa_s->confname); ++ if (conf == NULL) { ++ wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " ++ "file '%s' - exiting", wpa_s->confname); ++ return -1; ++ } ++ conf->changed_parameters = (unsigned int) -1; ++ ++ reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface ++ || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && ++ os_strcmp(conf->ctrl_interface, ++ wpa_s->conf->ctrl_interface) != 0); ++ ++ if (reconf_ctrl && wpa_s->ctrl_iface) { ++ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); ++ wpa_s->ctrl_iface = NULL; ++ } ++ ++ eapol_sm_invalidate_cached_session(wpa_s->eapol); ++ if (wpa_s->current_ssid) { ++ wpa_supplicant_deauthenticate(wpa_s, ++ WLAN_REASON_DEAUTH_LEAVING); ++ } ++ ++ /* ++ * TODO: should notify EAPOL SM about changes in opensc_engine_path, ++ * pkcs11_engine_path, pkcs11_module_path. ++ */ ++ if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { ++ /* ++ * Clear forced success to clear EAP state for next ++ * authentication. ++ */ ++ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); ++ } ++ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); ++ wpa_sm_set_config(wpa_s->wpa, NULL); ++ wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); ++ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); ++ rsn_preauth_deinit(wpa_s->wpa); ++ ++ old_ap_scan = wpa_s->conf->ap_scan; ++ wpa_config_free(wpa_s->conf); ++ wpa_s->conf = conf; ++ if (old_ap_scan != wpa_s->conf->ap_scan) ++ wpas_notify_ap_scan_changed(wpa_s); ++ ++ if (reconf_ctrl) ++ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); ++ ++ wpa_supplicant_update_config(wpa_s); ++ ++ wpa_supplicant_clear_status(wpa_s); ++ if (wpa_supplicant_enabled_networks(wpa_s)) { ++ wpa_s->reassociate = 1; ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++ } ++ wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); ++ return 0; ++} ++ ++ ++static void wpa_supplicant_reconfig(int sig, void *signal_ctx) ++{ ++ struct wpa_global *global = signal_ctx; ++ struct wpa_supplicant *wpa_s; ++ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", ++ sig); ++ if (wpa_supplicant_reload_configuration(wpa_s) < 0) { ++ wpa_supplicant_terminate_proc(global); ++ } ++ } ++} ++ ++ ++enum wpa_cipher cipher_suite2driver(int cipher) ++{ ++ switch (cipher) { ++ case WPA_CIPHER_NONE: ++ return CIPHER_NONE; ++ case WPA_CIPHER_WEP40: ++ return CIPHER_WEP40; ++ case WPA_CIPHER_WEP104: ++ return CIPHER_WEP104; ++ case WPA_CIPHER_CCMP: ++ return CIPHER_CCMP; ++ case WPA_CIPHER_GCMP: ++ return CIPHER_GCMP; ++ case WPA_CIPHER_TKIP: ++ default: ++ return CIPHER_TKIP; ++ } ++} ++ ++ ++enum wpa_key_mgmt key_mgmt2driver(int key_mgmt) ++{ ++ switch (key_mgmt) { ++ case WPA_KEY_MGMT_NONE: ++ return KEY_MGMT_NONE; ++ case WPA_KEY_MGMT_IEEE8021X_NO_WPA: ++ return KEY_MGMT_802_1X_NO_WPA; ++ case WPA_KEY_MGMT_IEEE8021X: ++ return KEY_MGMT_802_1X; ++ case WPA_KEY_MGMT_WPA_NONE: ++ return KEY_MGMT_WPA_NONE; ++ case WPA_KEY_MGMT_FT_IEEE8021X: ++ return KEY_MGMT_FT_802_1X; ++ case WPA_KEY_MGMT_FT_PSK: ++ return KEY_MGMT_FT_PSK; ++ case WPA_KEY_MGMT_IEEE8021X_SHA256: ++ return KEY_MGMT_802_1X_SHA256; ++ case WPA_KEY_MGMT_PSK_SHA256: ++ return KEY_MGMT_PSK_SHA256; ++ case WPA_KEY_MGMT_WPS: ++ return KEY_MGMT_WPS; ++ case WPA_KEY_MGMT_PSK: ++ default: ++ return KEY_MGMT_PSK; ++ } ++} ++ ++ ++static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid, ++ struct wpa_ie_data *ie) ++{ ++ int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); ++ if (ret) { ++ if (ret == -2) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " ++ "from association info"); ++ } ++ return -1; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " ++ "cipher suites"); ++ if (!(ie->group_cipher & ssid->group_cipher)) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " ++ "cipher 0x%x (mask 0x%x) - reject", ++ ie->group_cipher, ssid->group_cipher); ++ return -1; ++ } ++ if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " ++ "cipher 0x%x (mask 0x%x) - reject", ++ ie->pairwise_cipher, ssid->pairwise_cipher); ++ return -1; ++ } ++ if (!(ie->key_mgmt & ssid->key_mgmt)) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " ++ "management 0x%x (mask 0x%x) - reject", ++ ie->key_mgmt, ssid->key_mgmt); ++ return -1; ++ } ++ ++#ifdef CONFIG_IEEE80211W ++ if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && ++ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? ++ wpa_s->conf->pmf : ssid->ieee80211w) == ++ MGMT_FRAME_PROTECTION_REQUIRED) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " ++ "that does not support management frame protection - " ++ "reject"); ++ return -1; ++ } ++#endif /* CONFIG_IEEE80211W */ ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_set_suites - Set authentication and encryption parameters ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @bss: Scan results for the selected BSS, or %NULL if not available ++ * @ssid: Configuration data for the selected network ++ * @wpa_ie: Buffer for the WPA/RSN IE ++ * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the ++ * used buffer length in case the functions returns success. ++ * Returns: 0 on success or -1 on failure ++ * ++ * This function is used to configure authentication and encryption parameters ++ * based on the network configuration and scan result for the selected BSS (if ++ * available). ++ */ ++int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, ++ struct wpa_bss *bss, struct wpa_ssid *ssid, ++ u8 *wpa_ie, size_t *wpa_ie_len) ++{ ++ struct wpa_ie_data ie; ++ int sel, proto; ++ const u8 *bss_wpa, *bss_rsn; ++ ++ if (bss) { ++ bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); ++ bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); ++ } else ++ bss_wpa = bss_rsn = NULL; ++ ++ if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && ++ wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && ++ (ie.group_cipher & ssid->group_cipher) && ++ (ie.pairwise_cipher & ssid->pairwise_cipher) && ++ (ie.key_mgmt & ssid->key_mgmt)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); ++ proto = WPA_PROTO_RSN; ++ } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && ++ wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 && ++ (ie.group_cipher & ssid->group_cipher) && ++ (ie.pairwise_cipher & ssid->pairwise_cipher) && ++ (ie.key_mgmt & ssid->key_mgmt)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); ++ proto = WPA_PROTO_WPA; ++ } else if (bss) { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); ++ return -1; ++ } else { ++ if (ssid->proto & WPA_PROTO_RSN) ++ proto = WPA_PROTO_RSN; ++ else ++ proto = WPA_PROTO_WPA; ++ if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { ++ os_memset(&ie, 0, sizeof(ie)); ++ ie.group_cipher = ssid->group_cipher; ++ ie.pairwise_cipher = ssid->pairwise_cipher; ++ ie.key_mgmt = ssid->key_mgmt; ++#ifdef CONFIG_IEEE80211W ++ ie.mgmt_group_cipher = ++ ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? ++ WPA_CIPHER_AES_128_CMAC : 0; ++#endif /* CONFIG_IEEE80211W */ ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " ++ "based on configuration"); ++ } else ++ proto = ie.proto; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " ++ "pairwise %d key_mgmt %d proto %d", ++ ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); ++#ifdef CONFIG_IEEE80211W ++ if (ssid->ieee80211w) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", ++ ie.mgmt_group_cipher); ++ } ++#endif /* CONFIG_IEEE80211W */ ++ ++ wpa_s->wpa_proto = proto; ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, ++ !!(ssid->proto & WPA_PROTO_RSN)); ++ ++ if (bss || !wpa_s->ap_ies_from_associnfo) { ++ if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, ++ bss_wpa ? 2 + bss_wpa[1] : 0) || ++ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, ++ bss_rsn ? 2 + bss_rsn[1] : 0)) ++ return -1; ++ } ++ ++ sel = ie.group_cipher & ssid->group_cipher; ++ if (sel & WPA_CIPHER_CCMP) { ++ wpa_s->group_cipher = WPA_CIPHER_CCMP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP"); ++ } else if (sel & WPA_CIPHER_GCMP) { ++ wpa_s->group_cipher = WPA_CIPHER_GCMP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP"); ++ } else if (sel & WPA_CIPHER_TKIP) { ++ wpa_s->group_cipher = WPA_CIPHER_TKIP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP"); ++ } else if (sel & WPA_CIPHER_WEP104) { ++ wpa_s->group_cipher = WPA_CIPHER_WEP104; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104"); ++ } else if (sel & WPA_CIPHER_WEP40) { ++ wpa_s->group_cipher = WPA_CIPHER_WEP40; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40"); ++ } else { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " ++ "cipher"); ++ return -1; ++ } ++ ++ sel = ie.pairwise_cipher & ssid->pairwise_cipher; ++ if (sel & WPA_CIPHER_CCMP) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP"); ++ } else if (sel & WPA_CIPHER_GCMP) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_GCMP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP"); ++ } else if (sel & WPA_CIPHER_TKIP) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP"); ++ } else if (sel & WPA_CIPHER_NONE) { ++ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE"); ++ } else { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " ++ "cipher"); ++ return -1; ++ } ++ ++ sel = ie.key_mgmt & ssid->key_mgmt; ++#ifdef CONFIG_SAE ++ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) ++ sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); ++#endif /* CONFIG_SAE */ ++ if (0) { ++#ifdef CONFIG_IEEE80211R ++ } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); ++ } else if (sel & WPA_KEY_MGMT_FT_PSK) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); ++#endif /* CONFIG_IEEE80211R */ ++#ifdef CONFIG_SAE ++ } else if (sel & WPA_KEY_MGMT_SAE) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; ++ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); ++ } else if (sel & WPA_KEY_MGMT_FT_SAE) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; ++ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); ++#endif /* CONFIG_SAE */ ++#ifdef CONFIG_IEEE80211W ++ } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; ++ wpa_dbg(wpa_s, MSG_DEBUG, ++ "WPA: using KEY_MGMT 802.1X with SHA256"); ++ } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; ++ wpa_dbg(wpa_s, MSG_DEBUG, ++ "WPA: using KEY_MGMT PSK with SHA256"); ++#endif /* CONFIG_IEEE80211W */ ++ } else if (sel & WPA_KEY_MGMT_IEEE8021X) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); ++ } else if (sel & WPA_KEY_MGMT_PSK) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); ++ } else if (sel & WPA_KEY_MGMT_WPA_NONE) { ++ wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); ++ } else { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " ++ "authenticated key management type"); ++ return -1; ++ } ++ ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, ++ wpa_s->pairwise_cipher); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); ++ ++#ifdef CONFIG_IEEE80211W ++ sel = ie.mgmt_group_cipher; ++ if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? ++ wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION || ++ !(ie.capabilities & WPA_CAPABILITY_MFPC)) ++ sel = 0; ++ if (sel & WPA_CIPHER_AES_128_CMAC) { ++ wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " ++ "AES-128-CMAC"); ++ } else { ++ wpa_s->mgmt_group_cipher = 0; ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); ++ } ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, ++ wpa_s->mgmt_group_cipher); ++ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ++ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? ++ wpa_s->conf->pmf : ssid->ieee80211w)); ++#endif /* CONFIG_IEEE80211W */ ++ ++ if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); ++ return -1; ++ } ++ ++ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { ++ wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN); ++#ifndef CONFIG_NO_PBKDF2 ++ if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ++ ssid->passphrase) { ++ u8 psk[PMK_LEN]; ++ pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, ++ 4096, psk, PMK_LEN); ++ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", ++ psk, PMK_LEN); ++ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); ++ } ++#endif /* CONFIG_NO_PBKDF2 */ ++#ifdef CONFIG_EXT_PASSWORD ++ if (ssid->ext_psk) { ++ struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, ++ ssid->ext_psk); ++ char pw_str[64 + 1]; ++ u8 psk[PMK_LEN]; ++ ++ if (pw == NULL) { ++ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " ++ "found from external storage"); ++ return -1; ++ } ++ ++ if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { ++ wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " ++ "PSK length %d in external storage", ++ (int) wpabuf_len(pw)); ++ ext_password_free(pw); ++ return -1; ++ } ++ ++ os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); ++ pw_str[wpabuf_len(pw)] = '\0'; ++ ++#ifndef CONFIG_NO_PBKDF2 ++ if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) ++ { ++ pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, ++ 4096, psk, PMK_LEN); ++ os_memset(pw_str, 0, sizeof(pw_str)); ++ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " ++ "external passphrase)", ++ psk, PMK_LEN); ++ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); ++ } else ++#endif /* CONFIG_NO_PBKDF2 */ ++ if (wpabuf_len(pw) == 2 * PMK_LEN) { ++ if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { ++ wpa_msg(wpa_s, MSG_INFO, "EXT PW: " ++ "Invalid PSK hex string"); ++ os_memset(pw_str, 0, sizeof(pw_str)); ++ ext_password_free(pw); ++ return -1; ++ } ++ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); ++ } else { ++ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " ++ "PSK available"); ++ os_memset(pw_str, 0, sizeof(pw_str)); ++ ext_password_free(pw); ++ return -1; ++ } ++ ++ os_memset(pw_str, 0, sizeof(pw_str)); ++ ext_password_free(pw); ++ } ++#endif /* CONFIG_EXT_PASSWORD */ ++ } else ++ wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); ++ ++ return 0; ++} ++ ++ ++int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf) ++{ ++ u32 ext_capab = 0; ++ u8 *pos = buf; ++ ++#ifdef CONFIG_INTERWORKING ++ if (wpa_s->conf->interworking) ++ ext_capab |= BIT(31); /* Interworking */ ++#endif /* CONFIG_INTERWORKING */ ++ ++#ifdef CONFIG_WNM ++ ext_capab |= BIT(17); /* WNM-Sleep Mode */ ++ ext_capab |= BIT(19); /* BSS Transition */ ++#endif /* CONFIG_WNM */ ++ ++ if (!ext_capab) ++ return 0; ++ ++ *pos++ = WLAN_EID_EXT_CAPAB; ++ *pos++ = 4; ++ WPA_PUT_LE32(pos, ext_capab); ++ pos += 4; ++ ++ return pos - buf; ++} ++ ++ ++/** ++ * wpa_supplicant_associate - Request association ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @bss: Scan results for the selected BSS, or %NULL if not available ++ * @ssid: Configuration data for the selected network ++ * ++ * This function is used to request %wpa_supplicant to associate with a BSS. ++ */ ++void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, ++ struct wpa_bss *bss, struct wpa_ssid *ssid) ++{ ++ u8 wpa_ie[200]; ++ size_t wpa_ie_len; ++ int use_crypt, ret, i, bssid_changed; ++ int algs = WPA_AUTH_ALG_OPEN; ++ enum wpa_cipher cipher_pairwise, cipher_group; ++ struct wpa_driver_associate_params params; ++ int wep_keys_set = 0; ++ struct wpa_driver_capa capa; ++ int assoc_failed = 0; ++ struct wpa_ssid *old_ssid; ++ u8 ext_capab[10]; ++ int ext_capab_len; ++#ifdef CONFIG_HT_OVERRIDES ++ struct ieee80211_ht_capabilities htcaps; ++ struct ieee80211_ht_capabilities htcaps_mask; ++#endif /* CONFIG_HT_OVERRIDES */ ++ ++#ifdef CONFIG_IBSS_RSN ++ ibss_rsn_deinit(wpa_s->ibss_rsn); ++ wpa_s->ibss_rsn = NULL; ++#endif /* CONFIG_IBSS_RSN */ ++ ++ if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || ++ ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { ++#ifdef CONFIG_AP ++ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { ++ wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " ++ "mode"); ++ return; ++ } ++ if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { ++ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); ++ return; ++ } ++ wpa_s->current_bss = bss; ++#else /* CONFIG_AP */ ++ wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " ++ "the build"); ++#endif /* CONFIG_AP */ ++ return; ++ } ++ ++#ifdef CONFIG_TDLS ++ if (bss) ++ wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), ++ bss->ie_len); ++#endif /* CONFIG_TDLS */ ++ ++ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && ++ ssid->mode == IEEE80211_MODE_INFRA) { ++ sme_authenticate(wpa_s, bss, ssid); ++ return; ++ } ++ ++ os_memset(¶ms, 0, sizeof(params)); ++ wpa_s->reassociate = 0; ++ if (bss && !wpas_driver_bss_selection(wpa_s)) { ++#ifdef CONFIG_IEEE80211R ++ const u8 *ie, *md = NULL; ++#endif /* CONFIG_IEEE80211R */ ++ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR ++ " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), ++ wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); ++ bssid_changed = !is_zero_ether_addr(wpa_s->bssid); ++ os_memset(wpa_s->bssid, 0, ETH_ALEN); ++ os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); ++ if (bssid_changed) ++ wpas_notify_bssid_changed(wpa_s); ++#ifdef CONFIG_IEEE80211R ++ ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); ++ if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) ++ md = ie + 2; ++ wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); ++ if (md) { ++ /* Prepare for the next transition */ ++ wpa_ft_prepare_auth_request(wpa_s->wpa, ie); ++ } ++#endif /* CONFIG_IEEE80211R */ ++#ifdef CONFIG_WPS ++ } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && ++ wpa_s->conf->ap_scan == 2 && ++ (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { ++ /* Use ap_scan==1 style network selection to find the network ++ */ ++ wpa_s->scan_req = MANUAL_SCAN_REQ; ++ wpa_s->reassociate = 1; ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++ return; ++#endif /* CONFIG_WPS */ ++ } else { ++ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", ++ wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); ++ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); ++ } ++ wpa_supplicant_cancel_sched_scan(wpa_s); ++ wpa_supplicant_cancel_scan(wpa_s); ++ ++ /* Starting new association, so clear the possibly used WPA IE from the ++ * previous association. */ ++ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); ++ ++#ifdef IEEE8021X_EAPOL ++ if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { ++ if (ssid->leap) { ++ if (ssid->non_leap == 0) ++ algs = WPA_AUTH_ALG_LEAP; ++ else ++ algs |= WPA_AUTH_ALG_LEAP; ++ } ++ } ++#endif /* IEEE8021X_EAPOL */ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); ++ if (ssid->auth_alg) { ++ algs = ssid->auth_alg; ++ wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " ++ "0x%x", algs); ++ } ++ ++ if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || ++ wpa_bss_get_ie(bss, WLAN_EID_RSN)) && ++ wpa_key_mgmt_wpa(ssid->key_mgmt)) { ++ int try_opportunistic; ++ try_opportunistic = (ssid->proactive_key_caching < 0 ? ++ wpa_s->conf->okc : ++ ssid->proactive_key_caching) && ++ (ssid->proto & WPA_PROTO_RSN); ++ if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, ++ wpa_s->current_ssid, ++ try_opportunistic) == 0) ++ eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); ++ wpa_ie_len = sizeof(wpa_ie); ++ if (wpa_supplicant_set_suites(wpa_s, bss, ssid, ++ wpa_ie, &wpa_ie_len)) { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " ++ "key management and encryption suites"); ++ return; ++ } ++ } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && ++ wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { ++ /* ++ * Both WPA and non-WPA IEEE 802.1X enabled in configuration - ++ * use non-WPA since the scan results did not indicate that the ++ * AP is using WPA or WPA2. ++ */ ++ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); ++ wpa_ie_len = 0; ++ wpa_s->wpa_proto = 0; ++ } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { ++ wpa_ie_len = sizeof(wpa_ie); ++ if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, ++ wpa_ie, &wpa_ie_len)) { ++ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " ++ "key management and encryption suites (no " ++ "scan results)"); ++ return; ++ } ++#ifdef CONFIG_WPS ++ } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { ++ struct wpabuf *wps_ie; ++ wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); ++ if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { ++ wpa_ie_len = wpabuf_len(wps_ie); ++ os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); ++ } else ++ wpa_ie_len = 0; ++ wpabuf_free(wps_ie); ++ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); ++ if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) ++ params.wps = WPS_MODE_PRIVACY; ++ else ++ params.wps = WPS_MODE_OPEN; ++ wpa_s->wpa_proto = 0; ++#endif /* CONFIG_WPS */ ++ } else { ++ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); ++ wpa_ie_len = 0; ++ wpa_s->wpa_proto = 0; ++ } ++ ++#ifdef CONFIG_P2P ++ if (wpa_s->global->p2p) { ++ u8 *pos; ++ size_t len; ++ int res; ++ pos = wpa_ie + wpa_ie_len; ++ len = sizeof(wpa_ie) - wpa_ie_len; ++ res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, ++ ssid->p2p_group); ++ if (res >= 0) ++ wpa_ie_len += res; ++ } ++ ++ wpa_s->cross_connect_disallowed = 0; ++ if (bss) { ++ struct wpabuf *p2p; ++ p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); ++ if (p2p) { ++ wpa_s->cross_connect_disallowed = ++ p2p_get_cross_connect_disallowed(p2p); ++ wpabuf_free(p2p); ++ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " ++ "connection", ++ wpa_s->cross_connect_disallowed ? ++ "disallows" : "allows"); ++ } ++ } ++#endif /* CONFIG_P2P */ ++ ++#ifdef CONFIG_HS20 ++ if (wpa_s->conf->hs20) { ++ struct wpabuf *hs20; ++ hs20 = wpabuf_alloc(20); ++ if (hs20) { ++ wpas_hs20_add_indication(hs20); ++ os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20), ++ wpabuf_len(hs20)); ++ wpa_ie_len += wpabuf_len(hs20); ++ wpabuf_free(hs20); ++ } ++ } ++#endif /* CONFIG_HS20 */ ++ ++ ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab); ++ if (ext_capab_len > 0) { ++ u8 *pos = wpa_ie; ++ if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) ++ pos += 2 + pos[1]; ++ os_memmove(pos + ext_capab_len, pos, ++ wpa_ie_len - (pos - wpa_ie)); ++ wpa_ie_len += ext_capab_len; ++ os_memcpy(pos, ext_capab, ext_capab_len); ++ } ++ ++ wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); ++ use_crypt = 1; ++ cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher); ++ cipher_group = cipher_suite2driver(wpa_s->group_cipher); ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || ++ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) ++ use_crypt = 0; ++ if (wpa_set_wep_keys(wpa_s, ssid)) { ++ use_crypt = 1; ++ wep_keys_set = 1; ++ } ++ } ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ++ use_crypt = 0; ++ ++#ifdef IEEE8021X_EAPOL ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { ++ if ((ssid->eapol_flags & ++ (EAPOL_FLAG_REQUIRE_KEY_UNICAST | ++ EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && ++ !wep_keys_set) { ++ use_crypt = 0; ++ } else { ++ /* Assume that dynamic WEP-104 keys will be used and ++ * set cipher suites in order for drivers to expect ++ * encryption. */ ++ cipher_pairwise = cipher_group = CIPHER_WEP104; ++ } ++ } ++#endif /* IEEE8021X_EAPOL */ ++ ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { ++ /* Set the key before (and later after) association */ ++ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); ++ } ++ ++ wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); ++ if (bss) { ++ params.ssid = bss->ssid; ++ params.ssid_len = bss->ssid_len; ++ if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { ++ wpa_printf(MSG_DEBUG, "Limit connection to BSSID " ++ MACSTR " freq=%u MHz based on scan results " ++ "(bssid_set=%d)", ++ MAC2STR(bss->bssid), bss->freq, ++ ssid->bssid_set); ++ params.bssid = bss->bssid; ++ params.freq = bss->freq; ++ } ++ } else { ++ params.ssid = ssid->ssid; ++ params.ssid_len = ssid->ssid_len; ++ } ++ ++ if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && ++ wpa_s->conf->ap_scan == 2) { ++ params.bssid = ssid->bssid; ++ params.fixed_bssid = 1; ++ } ++ ++ if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 && ++ params.freq == 0) ++ params.freq = ssid->frequency; /* Initial channel for IBSS */ ++ params.wpa_ie = wpa_ie; ++ params.wpa_ie_len = wpa_ie_len; ++ params.pairwise_suite = cipher_pairwise; ++ params.group_suite = cipher_group; ++ params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); ++ params.wpa_proto = wpa_s->wpa_proto; ++ params.auth_alg = algs; ++ params.mode = ssid->mode; ++ params.bg_scan_period = ssid->bg_scan_period; ++ for (i = 0; i < NUM_WEP_KEYS; i++) { ++ if (ssid->wep_key_len[i]) ++ params.wep_key[i] = ssid->wep_key[i]; ++ params.wep_key_len[i] = ssid->wep_key_len[i]; ++ } ++ params.wep_tx_keyidx = ssid->wep_tx_keyidx; ++ ++ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && ++ (params.key_mgmt_suite == KEY_MGMT_PSK || ++ params.key_mgmt_suite == KEY_MGMT_FT_PSK)) { ++ params.passphrase = ssid->passphrase; ++ if (ssid->psk_set) ++ params.psk = ssid->psk; ++ } ++ ++ params.drop_unencrypted = use_crypt; ++ ++#ifdef CONFIG_IEEE80211W ++ params.mgmt_frame_protection = ++ ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? ++ wpa_s->conf->pmf : ssid->ieee80211w; ++ if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { ++ const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); ++ struct wpa_ie_data ie; ++ if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && ++ ie.capabilities & ++ (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " ++ "MFP: require MFP"); ++ params.mgmt_frame_protection = ++ MGMT_FRAME_PROTECTION_REQUIRED; ++ } ++ } ++#endif /* CONFIG_IEEE80211W */ ++ ++ params.p2p = ssid->p2p_group; ++ ++ if (wpa_s->parent->set_sta_uapsd) ++ params.uapsd = wpa_s->parent->sta_uapsd; ++ else ++ params.uapsd = -1; ++ ++#ifdef CONFIG_HT_OVERRIDES ++ os_memset(&htcaps, 0, sizeof(htcaps)); ++ os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); ++ params.htcaps = (u8 *) &htcaps; ++ params.htcaps_mask = (u8 *) &htcaps_mask; ++ wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); ++#endif /* CONFIG_HT_OVERRIDES */ ++ ++ ret = wpa_drv_associate(wpa_s, ¶ms); ++ if (ret < 0) { ++ wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " ++ "failed"); ++ if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { ++ /* ++ * The driver is known to mean what is saying, so we ++ * can stop right here; the association will not ++ * succeed. ++ */ ++ wpas_connection_failed(wpa_s, wpa_s->pending_bssid); ++ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); ++ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); ++ return; ++ } ++ /* try to continue anyway; new association will be tried again ++ * after timeout */ ++ assoc_failed = 1; ++ } ++ ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { ++ /* Set the key after the association just in case association ++ * cleared the previously configured key. */ ++ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); ++ /* No need to timeout authentication since there is no key ++ * management. */ ++ wpa_supplicant_cancel_auth_timeout(wpa_s); ++ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); ++#ifdef CONFIG_IBSS_RSN ++ } else if (ssid->mode == WPAS_MODE_IBSS && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { ++ /* ++ * RSN IBSS authentication is per-STA and we can disable the ++ * per-BSSID authentication. ++ */ ++ wpa_supplicant_cancel_auth_timeout(wpa_s); ++#endif /* CONFIG_IBSS_RSN */ ++ } else { ++ /* Timeout for IEEE 802.11 authentication and association */ ++ int timeout = 60; ++ ++ if (assoc_failed) { ++ /* give IBSS a bit more time */ ++ timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; ++ } else if (wpa_s->conf->ap_scan == 1) { ++ /* give IBSS a bit more time */ ++ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; ++ } ++ wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); ++ } ++ ++ if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 && ++ capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) { ++ /* Set static WEP keys again */ ++ wpa_set_wep_keys(wpa_s, ssid); ++ } ++ ++ if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { ++ /* ++ * Do not allow EAP session resumption between different ++ * network configurations. ++ */ ++ eapol_sm_invalidate_cached_session(wpa_s->eapol); ++ } ++ old_ssid = wpa_s->current_ssid; ++ wpa_s->current_ssid = ssid; ++ wpa_s->current_bss = bss; ++ wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); ++ wpa_supplicant_initiate_eapol(wpa_s); ++ if (old_ssid != wpa_s->current_ssid) ++ wpas_notify_network_changed(wpa_s); ++} ++ ++ ++static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, ++ const u8 *addr) ++{ ++ struct wpa_ssid *old_ssid; ++ ++ wpa_clear_keys(wpa_s, addr); ++ old_ssid = wpa_s->current_ssid; ++ wpa_supplicant_mark_disassoc(wpa_s); ++ wpa_sm_set_config(wpa_s->wpa, NULL); ++ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); ++ if (old_ssid != wpa_s->current_ssid) ++ wpas_notify_network_changed(wpa_s); ++ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); ++} ++ ++ ++/** ++ * wpa_supplicant_deauthenticate - Deauthenticate the current connection ++ * @wpa_s: Pointer to wpa_supplicant data ++ * @reason_code: IEEE 802.11 reason code for the deauthenticate frame ++ * ++ * This function is used to request %wpa_supplicant to deauthenticate from the ++ * current AP. ++ */ ++void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, ++ int reason_code) ++{ ++ u8 *addr = NULL; ++ union wpa_event_data event; ++ int zero_addr = 0; ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR ++ " pending_bssid=" MACSTR " reason=%d state=%s", ++ MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), ++ reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state)); ++ ++ if (!is_zero_ether_addr(wpa_s->bssid)) ++ addr = wpa_s->bssid; ++ else if (!is_zero_ether_addr(wpa_s->pending_bssid) && ++ (wpa_s->wpa_state == WPA_AUTHENTICATING || ++ wpa_s->wpa_state == WPA_ASSOCIATING)) ++ addr = wpa_s->pending_bssid; ++ else if (wpa_s->wpa_state == WPA_ASSOCIATING) { ++ /* ++ * When using driver-based BSS selection, we may not know the ++ * BSSID with which we are currently trying to associate. We ++ * need to notify the driver of this disconnection even in such ++ * a case, so use the all zeros address here. ++ */ ++ addr = wpa_s->bssid; ++ zero_addr = 1; ++ } ++ ++ if (addr) { ++ wpa_drv_deauthenticate(wpa_s, addr, reason_code); ++ os_memset(&event, 0, sizeof(event)); ++ event.deauth_info.reason_code = (u16) reason_code; ++ event.deauth_info.locally_generated = 1; ++ wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); ++ if (zero_addr) ++ addr = NULL; ++ } ++ ++ wpa_supplicant_clear_connection(wpa_s, addr); ++} ++ ++ ++/** ++ * wpa_supplicant_enable_network - Mark a configured network as enabled ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @ssid: wpa_ssid structure for a configured network or %NULL ++ * ++ * Enables the specified network or all networks if no network specified. ++ */ ++void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid) ++{ ++ struct wpa_ssid *other_ssid; ++ int was_disabled; ++ ++ if (ssid == NULL) { ++ for (other_ssid = wpa_s->conf->ssid; other_ssid; ++ other_ssid = other_ssid->next) { ++ if (other_ssid->disabled == 2) ++ continue; /* do not change persistent P2P group ++ * data */ ++ if (other_ssid == wpa_s->current_ssid && ++ other_ssid->disabled) ++ wpa_s->reassociate = 1; ++ ++ was_disabled = other_ssid->disabled; ++ ++ other_ssid->disabled = 0; ++ if (was_disabled) ++ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); ++ ++ if (was_disabled != other_ssid->disabled) ++ wpas_notify_network_enabled_changed( ++ wpa_s, other_ssid); ++ } ++ if (wpa_s->reassociate) ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++ } else if (ssid->disabled && ssid->disabled != 2) { ++ if (wpa_s->current_ssid == NULL) { ++ /* ++ * Try to reassociate since there is no current ++ * configuration and a new network was made available. ++ */ ++ wpa_s->reassociate = 1; ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++ } ++ ++ was_disabled = ssid->disabled; ++ ++ ssid->disabled = 0; ++ wpas_clear_temp_disabled(wpa_s, ssid, 1); ++ ++ if (was_disabled != ssid->disabled) ++ wpas_notify_network_enabled_changed(wpa_s, ssid); ++ } ++} ++ ++ ++/** ++ * wpa_supplicant_disable_network - Mark a configured network as disabled ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @ssid: wpa_ssid structure for a configured network or %NULL ++ * ++ * Disables the specified network or all networks if no network specified. ++ */ ++void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid) ++{ ++ struct wpa_ssid *other_ssid; ++ int was_disabled; ++ ++ if (ssid == NULL) { ++ for (other_ssid = wpa_s->conf->ssid; other_ssid; ++ other_ssid = other_ssid->next) { ++ was_disabled = other_ssid->disabled; ++ if (was_disabled == 2) ++ continue; /* do not change persistent P2P group ++ * data */ ++ ++ other_ssid->disabled = 1; ++ ++ if (was_disabled != other_ssid->disabled) ++ wpas_notify_network_enabled_changed( ++ wpa_s, other_ssid); ++ } ++ if (wpa_s->current_ssid) ++ wpa_supplicant_deauthenticate( ++ wpa_s, WLAN_REASON_DEAUTH_LEAVING); ++ } else if (ssid->disabled != 2) { ++ if (ssid == wpa_s->current_ssid) ++ wpa_supplicant_deauthenticate( ++ wpa_s, WLAN_REASON_DEAUTH_LEAVING); ++ ++ was_disabled = ssid->disabled; ++ ++ ssid->disabled = 1; ++ ++ if (was_disabled != ssid->disabled) ++ wpas_notify_network_enabled_changed(wpa_s, ssid); ++ } ++} ++ ++ ++/** ++ * wpa_supplicant_select_network - Attempt association with a network ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @ssid: wpa_ssid structure for a configured network or %NULL for any network ++ */ ++void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid) ++{ ++ ++ struct wpa_ssid *other_ssid; ++ int disconnected = 0; ++ ++ if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { ++ wpa_supplicant_deauthenticate( ++ wpa_s, WLAN_REASON_DEAUTH_LEAVING); ++ disconnected = 1; ++ } ++ ++ if (ssid) ++ wpas_clear_temp_disabled(wpa_s, ssid, 1); ++ ++ /* ++ * Mark all other networks disabled or mark all networks enabled if no ++ * network specified. ++ */ ++ for (other_ssid = wpa_s->conf->ssid; other_ssid; ++ other_ssid = other_ssid->next) { ++ int was_disabled = other_ssid->disabled; ++ if (was_disabled == 2) ++ continue; /* do not change persistent P2P group data */ ++ ++ other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; ++ if (was_disabled && !other_ssid->disabled) ++ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); ++ ++ if (was_disabled != other_ssid->disabled) ++ wpas_notify_network_enabled_changed(wpa_s, other_ssid); ++ } ++ ++ if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) { ++ /* We are already associated with the selected network */ ++ wpa_printf(MSG_DEBUG, "Already associated with the " ++ "selected network - do nothing"); ++ return; ++ } ++ ++ if (ssid) ++ wpa_s->current_ssid = ssid; ++ wpa_s->connect_without_scan = NULL; ++ wpa_s->disconnected = 0; ++ wpa_s->reassociate = 1; ++ wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); ++ ++ if (ssid) ++ wpas_notify_network_selected(wpa_s, ssid); ++} ++ ++ ++/** ++ * wpa_supplicant_set_ap_scan - Set AP scan mode for interface ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @ap_scan: AP scan mode ++ * Returns: 0 if succeed or -1 if ap_scan has an invalid value ++ * ++ */ ++int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) ++{ ++ ++ int old_ap_scan; ++ ++ if (ap_scan < 0 || ap_scan > 2) ++ return -1; ++ ++#ifdef ANDROID ++ if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && ++ wpa_s->wpa_state >= WPA_ASSOCIATING && ++ wpa_s->wpa_state < WPA_COMPLETED) { ++ wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " ++ "associating", wpa_s->conf->ap_scan, ap_scan); ++ return 0; ++ } ++#endif /* ANDROID */ ++ ++ old_ap_scan = wpa_s->conf->ap_scan; ++ wpa_s->conf->ap_scan = ap_scan; ++ ++ if (old_ap_scan != wpa_s->conf->ap_scan) ++ wpas_notify_ap_scan_changed(wpa_s); ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @expire_age: Expiration age in seconds ++ * Returns: 0 if succeed or -1 if expire_age has an invalid value ++ * ++ */ ++int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, ++ unsigned int bss_expire_age) ++{ ++ if (bss_expire_age < 10) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", ++ bss_expire_age); ++ return -1; ++ } ++ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", ++ bss_expire_age); ++ wpa_s->conf->bss_expiration_age = bss_expire_age; ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @expire_count: number of scans after which an unseen BSS is reclaimed ++ * Returns: 0 if succeed or -1 if expire_count has an invalid value ++ * ++ */ ++int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, ++ unsigned int bss_expire_count) ++{ ++ if (bss_expire_count < 1) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", ++ bss_expire_count); ++ return -1; ++ } ++ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", ++ bss_expire_count); ++ wpa_s->conf->bss_expiration_scan_count = bss_expire_count; ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_set_scan_interval - Set scan interval ++ * @wpa_s: wpa_supplicant structure for a network interface ++ * @scan_interval: scan interval in seconds ++ * Returns: 0 if succeed or -1 if scan_interval has an invalid value ++ * ++ */ ++int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, ++ int scan_interval) ++{ ++ if (scan_interval < 0) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", ++ scan_interval); ++ return -1; ++ } ++ wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", ++ scan_interval); ++ wpa_s->scan_interval = scan_interval; ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_set_debug_params - Set global debug params ++ * @global: wpa_global structure ++ * @debug_level: debug level ++ * @debug_timestamp: determines if show timestamp in debug data ++ * @debug_show_keys: determines if show keys in debug data ++ * Returns: 0 if succeed or -1 if debug_level has wrong value ++ */ ++int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, ++ int debug_timestamp, int debug_show_keys) ++{ ++ ++ int old_level, old_timestamp, old_show_keys; ++ ++ /* check for allowed debuglevels */ ++ if (debug_level != MSG_EXCESSIVE && ++ debug_level != MSG_MSGDUMP && ++ debug_level != MSG_DEBUG && ++ debug_level != MSG_INFO && ++ debug_level != MSG_WARNING && ++ debug_level != MSG_ERROR) ++ return -1; ++ ++ old_level = wpa_debug_level; ++ old_timestamp = wpa_debug_timestamp; ++ old_show_keys = wpa_debug_show_keys; ++ ++ wpa_debug_level = debug_level; ++ wpa_debug_timestamp = debug_timestamp ? 1 : 0; ++ wpa_debug_show_keys = debug_show_keys ? 1 : 0; ++ ++ if (wpa_debug_level != old_level) ++ wpas_notify_debug_level_changed(global); ++ if (wpa_debug_timestamp != old_timestamp) ++ wpas_notify_debug_timestamp_changed(global); ++ if (wpa_debug_show_keys != old_show_keys) ++ wpas_notify_debug_show_keys_changed(global); ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_get_ssid - Get a pointer to the current network structure ++ * @wpa_s: Pointer to wpa_supplicant data ++ * Returns: A pointer to the current network structure or %NULL on failure ++ */ ++struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) ++{ ++ struct wpa_ssid *entry; ++ u8 ssid[MAX_SSID_LEN]; ++ int res; ++ size_t ssid_len; ++ u8 bssid[ETH_ALEN]; ++ int wired; ++ ++ res = wpa_drv_get_ssid(wpa_s, ssid); ++ if (res < 0) { ++ wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " ++ "driver"); ++ return NULL; ++ } ++ ssid_len = res; ++ ++ if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { ++ wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " ++ "driver"); ++ return NULL; ++ } ++ ++ wired = wpa_s->conf->ap_scan == 0 && ++ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); ++ ++ entry = wpa_s->conf->ssid; ++ while (entry) { ++ if (!wpas_network_disabled(wpa_s, entry) && ++ ((ssid_len == entry->ssid_len && ++ os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && ++ (!entry->bssid_set || ++ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) ++ return entry; ++#ifdef CONFIG_WPS ++ if (!wpas_network_disabled(wpa_s, entry) && ++ (entry->key_mgmt & WPA_KEY_MGMT_WPS) && ++ (entry->ssid == NULL || entry->ssid_len == 0) && ++ (!entry->bssid_set || ++ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) ++ return entry; ++#endif /* CONFIG_WPS */ ++ ++ if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && ++ entry->ssid_len == 0 && ++ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) ++ return entry; ++ ++ entry = entry->next; ++ } ++ ++ return NULL; ++} ++ ++ ++static int select_driver(struct wpa_supplicant *wpa_s, int i) ++{ ++ struct wpa_global *global = wpa_s->global; ++ ++ if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { ++ global->drv_priv[i] = wpa_drivers[i]->global_init(); ++ if (global->drv_priv[i] == NULL) { ++ wpa_printf(MSG_ERROR, "Failed to initialize driver " ++ "'%s'", wpa_drivers[i]->name); ++ return -1; ++ } ++ } ++ ++ wpa_s->driver = wpa_drivers[i]; ++ wpa_s->global_drv_priv = global->drv_priv[i]; ++ ++ return 0; ++} ++ ++ ++static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, ++ const char *name) ++{ ++ int i; ++ size_t len; ++ const char *pos, *driver = name; ++ ++ if (wpa_s == NULL) ++ return -1; ++ ++ if (wpa_drivers[0] == NULL) { ++ wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " ++ "wpa_supplicant"); ++ return -1; ++ } ++ ++ if (name == NULL) { ++ /* default to first driver in the list */ ++ return select_driver(wpa_s, 0); ++ } ++ ++ do { ++ pos = os_strchr(driver, ','); ++ if (pos) ++ len = pos - driver; ++ else ++ len = os_strlen(driver); ++ ++ for (i = 0; wpa_drivers[i]; i++) { ++ if (os_strlen(wpa_drivers[i]->name) == len && ++ os_strncmp(driver, wpa_drivers[i]->name, len) == ++ 0) { ++ /* First driver that succeeds wins */ ++ if (select_driver(wpa_s, i) == 0) ++ return 0; ++ } ++ } ++ ++ driver = pos + 1; ++ } while (pos); ++ ++ wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); ++ return -1; ++} ++ ++ ++/** ++ * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant ++ * @ctx: Context pointer (wpa_s); this is the ctx variable registered ++ * with struct wpa_driver_ops::init() ++ * @src_addr: Source address of the EAPOL frame ++ * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) ++ * @len: Length of the EAPOL data ++ * ++ * This function is called for each received EAPOL frame. Most driver ++ * interfaces rely on more generic OS mechanism for receiving frames through ++ * l2_packet, but if such a mechanism is not available, the driver wrapper may ++ * take care of received EAPOL frames and deliver them to the core supplicant ++ * code by calling this function. ++ */ ++void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, ++ const u8 *buf, size_t len) ++{ ++ struct wpa_supplicant *wpa_s = ctx; ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); ++ wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); ++ ++ if (wpa_s->wpa_state < WPA_ASSOCIATED || ++ (wpa_s->last_eapol_matches_bssid && ++#ifdef CONFIG_AP ++ !wpa_s->ap_iface && ++#endif /* CONFIG_AP */ ++ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { ++ /* ++ * There is possible race condition between receiving the ++ * association event and the EAPOL frame since they are coming ++ * through different paths from the driver. In order to avoid ++ * issues in trying to process the EAPOL frame before receiving ++ * association information, lets queue it for processing until ++ * the association event is received. This may also be needed in ++ * driver-based roaming case, so also use src_addr != BSSID as a ++ * trigger if we have previously confirmed that the ++ * Authenticator uses BSSID as the src_addr (which is not the ++ * case with wired IEEE 802.1X). ++ */ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " ++ "of received EAPOL frame (state=%s bssid=" MACSTR ")", ++ wpa_supplicant_state_txt(wpa_s->wpa_state), ++ MAC2STR(wpa_s->bssid)); ++ wpabuf_free(wpa_s->pending_eapol_rx); ++ wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); ++ if (wpa_s->pending_eapol_rx) { ++ os_get_time(&wpa_s->pending_eapol_rx_time); ++ os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, ++ ETH_ALEN); ++ } ++ return; ++ } ++ ++ wpa_s->last_eapol_matches_bssid = ++ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; ++ ++#ifdef CONFIG_AP ++ if (wpa_s->ap_iface) { ++ wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); ++ return; ++ } ++#endif /* CONFIG_AP */ ++ ++ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " ++ "no key management is configured"); ++ return; ++ } ++ ++ if (wpa_s->eapol_received == 0 && ++ (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || ++ !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ++ wpa_s->wpa_state != WPA_COMPLETED) && ++ (wpa_s->current_ssid == NULL || ++ wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { ++ /* Timeout for completing IEEE 802.1X and WPA authentication */ ++ wpa_supplicant_req_auth_timeout( ++ wpa_s, ++ (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || ++ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || ++ wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ? ++ 70 : 10, 0); ++ } ++ wpa_s->eapol_received++; ++ ++ if (wpa_s->countermeasures) { ++ wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " ++ "EAPOL packet"); ++ return; ++ } ++ ++#ifdef CONFIG_IBSS_RSN ++ if (wpa_s->current_ssid && ++ wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { ++ ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); ++ return; ++ } ++#endif /* CONFIG_IBSS_RSN */ ++ ++ /* Source address of the incoming EAPOL frame could be compared to the ++ * current BSSID. However, it is possible that a centralized ++ * Authenticator could be using another MAC address than the BSSID of ++ * an AP, so just allow any address to be used for now. The replies are ++ * still sent to the current BSSID (if available), though. */ ++ ++ os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); ++ if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && ++ eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) ++ return; ++ wpa_drv_poll(wpa_s); ++ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) ++ wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); ++ else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { ++ /* ++ * Set portValid = TRUE here since we are going to skip 4-way ++ * handshake processing which would normally set portValid. We ++ * need this to allow the EAPOL state machines to be completed ++ * without going through EAPOL-Key handshake. ++ */ ++ eapol_sm_notify_portValid(wpa_s->eapol, TRUE); ++ } ++} ++ ++ ++int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) ++{ ++ if (wpa_s->driver->send_eapol) { ++ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); ++ if (addr) ++ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); ++ } else if (!(wpa_s->drv_flags & ++ WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { ++ l2_packet_deinit(wpa_s->l2); ++ wpa_s->l2 = l2_packet_init(wpa_s->ifname, ++ wpa_drv_get_mac_addr(wpa_s), ++ ETH_P_EAPOL, ++ wpa_supplicant_rx_eapol, wpa_s, 0); ++ if (wpa_s->l2 == NULL) ++ return -1; ++ } else { ++ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); ++ if (addr) ++ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); ++ } ++ ++ if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { ++ wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); ++ return -1; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, ++ MAC2STR(wpa_s->own_addr)); ++ wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); ++ ++ return 0; ++} ++ ++ ++static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, ++ const u8 *buf, size_t len) ++{ ++ struct wpa_supplicant *wpa_s = ctx; ++ const struct l2_ethhdr *eth; ++ ++ if (len < sizeof(*eth)) ++ return; ++ eth = (const struct l2_ethhdr *) buf; ++ ++ if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && ++ !(eth->h_dest[0] & 0x01)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR ++ " (bridge - not for this interface - ignore)", ++ MAC2STR(src_addr), MAC2STR(eth->h_dest)); ++ return; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR ++ " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); ++ wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), ++ len - sizeof(*eth)); ++} ++ ++ ++/** ++ * wpa_supplicant_driver_init - Initialize driver interface parameters ++ * @wpa_s: Pointer to wpa_supplicant data ++ * Returns: 0 on success, -1 on failure ++ * ++ * This function is called to initialize driver interface parameters. ++ * wpa_drv_init() must have been called before this function to initialize the ++ * driver interface. ++ */ ++int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) ++{ ++ static int interface_count = 0; ++ ++ if (wpa_supplicant_update_mac_addr(wpa_s) < 0) ++ return -1; ++ ++ if (wpa_s->bridge_ifname[0]) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " ++ "interface '%s'", wpa_s->bridge_ifname); ++ wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname, ++ wpa_s->own_addr, ++ ETH_P_EAPOL, ++ wpa_supplicant_rx_eapol_bridge, ++ wpa_s, 1); ++ if (wpa_s->l2_br == NULL) { ++ wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " ++ "connection for the bridge interface '%s'", ++ wpa_s->bridge_ifname); ++ return -1; ++ } ++ } ++ ++ wpa_clear_keys(wpa_s, NULL); ++ ++ /* Make sure that TKIP countermeasures are not left enabled (could ++ * happen if wpa_supplicant is killed during countermeasures. */ ++ wpa_drv_set_countermeasures(wpa_s, 0); ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); ++ wpa_drv_flush_pmkid(wpa_s); ++ ++ wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; ++ wpa_s->prev_scan_wildcard = 0; ++ ++ if (wpa_supplicant_enabled_networks(wpa_s)) { ++ if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count, ++ 100000)) ++ wpa_supplicant_req_scan(wpa_s, interface_count, ++ 100000); ++ interface_count++; ++ } else ++ wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); ++ ++ return 0; ++} ++ ++ ++static int wpa_supplicant_daemon(const char *pid_file) ++{ ++ wpa_printf(MSG_DEBUG, "Daemonize.."); ++ return os_daemonize(pid_file); ++} ++ ++ ++static struct wpa_supplicant * wpa_supplicant_alloc(void) ++{ ++ struct wpa_supplicant *wpa_s; ++ ++ wpa_s = os_zalloc(sizeof(*wpa_s)); ++ if (wpa_s == NULL) ++ return NULL; ++ wpa_s->scan_req = INITIAL_SCAN_REQ; ++ wpa_s->scan_interval = 5; ++ wpa_s->new_connection = 1; ++ wpa_s->parent = wpa_s; ++ wpa_s->sched_scanning = 0; ++ ++ return wpa_s; ++} ++ ++ ++#ifdef CONFIG_HT_OVERRIDES ++ ++static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ const char *ht_mcs) ++{ ++ /* parse ht_mcs into hex array */ ++ int i; ++ const char *tmp = ht_mcs; ++ char *end = NULL; ++ ++ /* If ht_mcs is null, do not set anything */ ++ if (!ht_mcs) ++ return 0; ++ ++ /* This is what we are setting in the kernel */ ++ os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); ++ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); ++ ++ for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { ++ errno = 0; ++ long v = strtol(tmp, &end, 16); ++ if (errno == 0) { ++ wpa_msg(wpa_s, MSG_DEBUG, ++ "htcap value[%i]: %ld end: %p tmp: %p", ++ i, v, end, tmp); ++ if (end == tmp) ++ break; ++ ++ htcaps->supported_mcs_set[i] = v; ++ tmp = end; ++ } else { ++ wpa_msg(wpa_s, MSG_ERROR, ++ "Failed to parse ht-mcs: %s, error: %s\n", ++ ht_mcs, strerror(errno)); ++ return -1; ++ } ++ } ++ ++ /* ++ * If we were able to parse any values, then set mask for the MCS set. ++ */ ++ if (i) { ++ os_memset(&htcaps_mask->supported_mcs_set, 0xff, ++ IEEE80211_HT_MCS_MASK_LEN - 1); ++ /* skip the 3 reserved bits */ ++ htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = ++ 0x1f; ++ } ++ ++ return 0; ++} ++ ++ ++static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ int disabled) ++{ ++ u16 msk; ++ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); ++ ++ if (disabled == -1) ++ return 0; ++ ++ msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); ++ htcaps_mask->ht_capabilities_info |= msk; ++ if (disabled) ++ htcaps->ht_capabilities_info &= msk; ++ else ++ htcaps->ht_capabilities_info |= msk; ++ ++ return 0; ++} ++ ++ ++static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ int factor) ++{ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); ++ ++ if (factor == -1) ++ return 0; ++ ++ if (factor < 0 || factor > 3) { ++ wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " ++ "Must be 0-3 or -1", factor); ++ return -EINVAL; ++ } ++ ++ htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ ++ htcaps->a_mpdu_params &= ~0x3; ++ htcaps->a_mpdu_params |= factor & 0x3; ++ ++ return 0; ++} ++ ++ ++static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ int density) ++{ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); ++ ++ if (density == -1) ++ return 0; ++ ++ if (density < 0 || density > 7) { ++ wpa_msg(wpa_s, MSG_ERROR, ++ "ampdu_density: %d out of range. Must be 0-7 or -1.", ++ density); ++ return -EINVAL; ++ } ++ ++ htcaps_mask->a_mpdu_params |= 0x1C; ++ htcaps->a_mpdu_params &= ~(0x1C); ++ htcaps->a_mpdu_params |= (density << 2) & 0x1C; ++ ++ return 0; ++} ++ ++ ++static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ int disabled) ++{ ++ /* Masking these out disables HT40 */ ++ u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | ++ HT_CAP_INFO_SHORT_GI40MHZ); ++ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); ++ ++ if (disabled) ++ htcaps->ht_capabilities_info &= ~msk; ++ else ++ htcaps->ht_capabilities_info |= msk; ++ ++ htcaps_mask->ht_capabilities_info |= msk; ++ ++ return 0; ++} ++ ++ ++static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, ++ struct ieee80211_ht_capabilities *htcaps, ++ struct ieee80211_ht_capabilities *htcaps_mask, ++ int disabled) ++{ ++ /* Masking these out disables SGI */ ++ u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | ++ HT_CAP_INFO_SHORT_GI40MHZ); ++ ++ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); ++ ++ if (disabled) ++ htcaps->ht_capabilities_info &= ~msk; ++ else ++ htcaps->ht_capabilities_info |= msk; ++ ++ htcaps_mask->ht_capabilities_info |= msk; ++ ++ return 0; ++} ++ ++ ++void wpa_supplicant_apply_ht_overrides( ++ struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, ++ struct wpa_driver_associate_params *params) ++{ ++ struct ieee80211_ht_capabilities *htcaps; ++ struct ieee80211_ht_capabilities *htcaps_mask; ++ ++ if (!ssid) ++ return; ++ ++ params->disable_ht = ssid->disable_ht; ++ if (!params->htcaps || !params->htcaps_mask) ++ return; ++ ++ htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; ++ htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; ++ wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); ++ wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, ++ ssid->disable_max_amsdu); ++ wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); ++ wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); ++ wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); ++ wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); ++} ++ ++#endif /* CONFIG_HT_OVERRIDES */ ++ ++ ++static int pcsc_reader_init(struct wpa_supplicant *wpa_s) ++{ ++#ifdef PCSC_FUNCS ++ size_t len; ++ ++ if (!wpa_s->conf->pcsc_reader) ++ return 0; ++ ++ wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader); ++ if (!wpa_s->scard) ++ return 1; ++ ++ if (wpa_s->conf->pcsc_pin && ++ scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { ++ scard_deinit(wpa_s->scard); ++ wpa_s->scard = NULL; ++ wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); ++ return -1; ++ } ++ ++ len = sizeof(wpa_s->imsi) - 1; ++ if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { ++ scard_deinit(wpa_s->scard); ++ wpa_s->scard = NULL; ++ wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); ++ return -1; ++ } ++ wpa_s->imsi[len] = '\0'; ++ ++ wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); ++ ++ wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", ++ wpa_s->imsi, wpa_s->mnc_len); ++ ++ wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); ++ eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); ++#endif /* PCSC_FUNCS */ ++ ++ return 0; ++} ++ ++ ++int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) ++{ ++ char *val, *pos; ++ ++ ext_password_deinit(wpa_s->ext_pw); ++ wpa_s->ext_pw = NULL; ++ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); ++ ++ if (!wpa_s->conf->ext_password_backend) ++ return 0; ++ ++ val = os_strdup(wpa_s->conf->ext_password_backend); ++ if (val == NULL) ++ return -1; ++ pos = os_strchr(val, ':'); ++ if (pos) ++ *pos++ = '\0'; ++ ++ wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); ++ ++ wpa_s->ext_pw = ext_password_init(val, pos); ++ os_free(val); ++ if (wpa_s->ext_pw == NULL) { ++ wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); ++ return -1; ++ } ++ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); ++ ++ return 0; ++} ++ ++ ++static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, ++ struct wpa_interface *iface) ++{ ++ const char *ifname, *driver; ++ struct wpa_driver_capa capa; ++ ++ wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " ++ "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, ++ iface->confname ? iface->confname : "N/A", ++ iface->driver ? iface->driver : "default", ++ iface->ctrl_interface ? iface->ctrl_interface : "N/A", ++ iface->bridge_ifname ? iface->bridge_ifname : "N/A"); ++ ++ if (iface->confname) { ++#ifdef CONFIG_BACKEND_FILE ++ wpa_s->confname = os_rel2abs_path(iface->confname); ++ if (wpa_s->confname == NULL) { ++ wpa_printf(MSG_ERROR, "Failed to get absolute path " ++ "for configuration file '%s'.", ++ iface->confname); ++ return -1; ++ } ++ wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", ++ iface->confname, wpa_s->confname); ++#else /* CONFIG_BACKEND_FILE */ ++ wpa_s->confname = os_strdup(iface->confname); ++#endif /* CONFIG_BACKEND_FILE */ ++ wpa_s->conf = wpa_config_read(wpa_s->confname); ++ if (wpa_s->conf == NULL) { ++ wpa_printf(MSG_ERROR, "Failed to read or parse " ++ "configuration '%s'.", wpa_s->confname); ++ return -1; ++ } ++ ++ /* ++ * Override ctrl_interface and driver_param if set on command ++ * line. ++ */ ++ if (iface->ctrl_interface) { ++ os_free(wpa_s->conf->ctrl_interface); ++ wpa_s->conf->ctrl_interface = ++ os_strdup(iface->ctrl_interface); ++ } ++ ++ if (iface->driver_param) { ++ os_free(wpa_s->conf->driver_param); ++ wpa_s->conf->driver_param = ++ os_strdup(iface->driver_param); ++ } ++ } else ++ wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, ++ iface->driver_param); ++ ++ if (wpa_s->conf == NULL) { ++ wpa_printf(MSG_ERROR, "\nNo configuration found."); ++ return -1; ++ } ++ ++ if (iface->ifname == NULL) { ++ wpa_printf(MSG_ERROR, "\nInterface name is required."); ++ return -1; ++ } ++ if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { ++ wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", ++ iface->ifname); ++ return -1; ++ } ++ os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); ++ ++ if (iface->bridge_ifname) { ++ if (os_strlen(iface->bridge_ifname) >= ++ sizeof(wpa_s->bridge_ifname)) { ++ wpa_printf(MSG_ERROR, "\nToo long bridge interface " ++ "name '%s'.", iface->bridge_ifname); ++ return -1; ++ } ++ os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, ++ sizeof(wpa_s->bridge_ifname)); ++ } ++ ++ /* RSNA Supplicant Key Management - INITIALIZE */ ++ eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); ++ eapol_sm_notify_portValid(wpa_s->eapol, FALSE); ++ ++ /* Initialize driver interface and register driver event handler before ++ * L2 receive handler so that association events are processed before ++ * EAPOL-Key packets if both become available for the same select() ++ * call. */ ++ driver = iface->driver; ++next_driver: ++ if (wpa_supplicant_set_driver(wpa_s, driver) < 0) ++ return -1; ++ ++ wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); ++ if (wpa_s->drv_priv == NULL) { ++ const char *pos; ++ pos = driver ? os_strchr(driver, ',') : NULL; ++ if (pos) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " ++ "driver interface - try next driver wrapper"); ++ driver = pos + 1; ++ goto next_driver; ++ } ++ wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " ++ "interface"); ++ return -1; ++ } ++ if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { ++ wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " ++ "driver_param '%s'", wpa_s->conf->driver_param); ++ return -1; ++ } ++ ++ ifname = wpa_drv_get_ifname(wpa_s); ++ if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " ++ "interface name with '%s'", ifname); ++ os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); ++ } ++ ++ if (wpa_supplicant_init_wpa(wpa_s) < 0) ++ return -1; ++ ++ wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, ++ wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : ++ NULL); ++ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); ++ ++ if (wpa_s->conf->dot11RSNAConfigPMKLifetime && ++ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, ++ wpa_s->conf->dot11RSNAConfigPMKLifetime)) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " ++ "dot11RSNAConfigPMKLifetime"); ++ return -1; ++ } ++ ++ if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && ++ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, ++ wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " ++ "dot11RSNAConfigPMKReauthThreshold"); ++ return -1; ++ } ++ ++ if (wpa_s->conf->dot11RSNAConfigSATimeout && ++ wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, ++ wpa_s->conf->dot11RSNAConfigSATimeout)) { ++ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " ++ "dot11RSNAConfigSATimeout"); ++ return -1; ++ } ++ ++ wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, ++ &wpa_s->hw.num_modes, ++ &wpa_s->hw.flags); ++ ++ if (wpa_drv_get_capa(wpa_s, &capa) == 0) { ++ wpa_s->drv_capa_known = 1; ++ wpa_s->drv_flags = capa.flags; ++ wpa_s->drv_enc = capa.enc; ++ wpa_s->probe_resp_offloads = capa.probe_resp_offloads; ++ wpa_s->max_scan_ssids = capa.max_scan_ssids; ++ wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; ++ wpa_s->sched_scan_supported = capa.sched_scan_supported; ++ wpa_s->max_match_sets = capa.max_match_sets; ++ wpa_s->max_remain_on_chan = capa.max_remain_on_chan; ++ wpa_s->max_stations = capa.max_stations; ++ } ++ if (wpa_s->max_remain_on_chan == 0) ++ wpa_s->max_remain_on_chan = 1000; ++ ++ if (wpa_supplicant_driver_init(wpa_s) < 0) ++ return -1; ++ ++#ifdef CONFIG_TDLS ++ if (wpa_tdls_init(wpa_s->wpa)) ++ return -1; ++#endif /* CONFIG_TDLS */ ++ ++ if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && ++ wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); ++ return -1; ++ } ++ ++ if (wpas_wps_init(wpa_s)) ++ return -1; ++ ++ if (wpa_supplicant_init_eapol(wpa_s) < 0) ++ return -1; ++ wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); ++ ++ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); ++ if (wpa_s->ctrl_iface == NULL) { ++ wpa_printf(MSG_ERROR, ++ "Failed to initialize control interface '%s'.\n" ++ "You may have another wpa_supplicant process " ++ "already running or the file was\n" ++ "left by an unclean termination of wpa_supplicant " ++ "in which case you will need\n" ++ "to manually remove this file before starting " ++ "wpa_supplicant again.\n", ++ wpa_s->conf->ctrl_interface); ++ return -1; ++ } ++ ++ wpa_s->gas = gas_query_init(wpa_s); ++ if (wpa_s->gas == NULL) { ++ wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); ++ return -1; ++ } ++ ++#ifdef CONFIG_P2P ++ if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) { ++ wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); ++ return -1; ++ } ++#endif /* CONFIG_P2P */ ++ ++ if (wpa_bss_init(wpa_s) < 0) ++ return -1; ++ ++ if (pcsc_reader_init(wpa_s) < 0) ++ return -1; ++ ++ if (wpas_init_ext_pw(wpa_s) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++ ++static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, ++ int notify, int terminate) ++{ ++ if (wpa_s->drv_priv) { ++ wpa_supplicant_deauthenticate(wpa_s, ++ WLAN_REASON_DEAUTH_LEAVING); ++ ++ wpa_drv_set_countermeasures(wpa_s, 0); ++ wpa_clear_keys(wpa_s, NULL); ++ } ++ ++ wpa_supplicant_cleanup(wpa_s); ++ ++#ifdef CONFIG_P2P ++ if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing " ++ "the management interface is being removed"); ++ wpas_p2p_deinit_global(wpa_s->global); ++ } ++#endif /* CONFIG_P2P */ ++ ++ if (wpa_s->drv_priv) ++ wpa_drv_deinit(wpa_s); ++ ++ if (notify) ++ wpas_notify_iface_removed(wpa_s); ++ ++ if (terminate) ++ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); ++ ++ if (wpa_s->ctrl_iface) { ++ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); ++ wpa_s->ctrl_iface = NULL; ++ } ++ ++ if (wpa_s->conf != NULL) { ++ wpa_config_free(wpa_s->conf); ++ wpa_s->conf = NULL; ++ } ++} ++ ++ ++/** ++ * wpa_supplicant_add_iface - Add a new network interface ++ * @global: Pointer to global data from wpa_supplicant_init() ++ * @iface: Interface configuration options ++ * Returns: Pointer to the created interface or %NULL on failure ++ * ++ * This function is used to add new network interfaces for %wpa_supplicant. ++ * This can be called before wpa_supplicant_run() to add interfaces before the ++ * main event loop has been started. In addition, new interfaces can be added ++ * dynamically while %wpa_supplicant is already running. This could happen, ++ * e.g., when a hotplug network adapter is inserted. ++ */ ++struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, ++ struct wpa_interface *iface) ++{ ++ struct wpa_supplicant *wpa_s; ++ struct wpa_interface t_iface; ++ struct wpa_ssid *ssid; ++ ++ if (global == NULL || iface == NULL) ++ return NULL; ++ ++ wpa_s = wpa_supplicant_alloc(); ++ if (wpa_s == NULL) ++ return NULL; ++ ++ wpa_s->global = global; ++ ++ t_iface = *iface; ++ if (global->params.override_driver) { ++ wpa_printf(MSG_DEBUG, "Override interface parameter: driver " ++ "('%s' -> '%s')", ++ iface->driver, global->params.override_driver); ++ t_iface.driver = global->params.override_driver; ++ } ++ if (global->params.override_ctrl_interface) { ++ wpa_printf(MSG_DEBUG, "Override interface parameter: " ++ "ctrl_interface ('%s' -> '%s')", ++ iface->ctrl_interface, ++ global->params.override_ctrl_interface); ++ t_iface.ctrl_interface = ++ global->params.override_ctrl_interface; ++ } ++ if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { ++ wpa_printf(MSG_DEBUG, "Failed to add interface %s", ++ iface->ifname); ++ wpa_supplicant_deinit_iface(wpa_s, 0, 0); ++ os_free(wpa_s); ++ return NULL; ++ } ++ ++ /* Notify the control interfaces about new iface */ ++ if (wpas_notify_iface_added(wpa_s)) { ++ wpa_supplicant_deinit_iface(wpa_s, 1, 0); ++ os_free(wpa_s); ++ return NULL; ++ } ++ ++ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) ++ wpas_notify_network_added(wpa_s, ssid); ++ ++ wpa_s->next = global->ifaces; ++ global->ifaces = wpa_s; ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); ++ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); ++ ++ return wpa_s; ++} ++ ++ ++/** ++ * wpa_supplicant_remove_iface - Remove a network interface ++ * @global: Pointer to global data from wpa_supplicant_init() ++ * @wpa_s: Pointer to the network interface to be removed ++ * Returns: 0 if interface was removed, -1 if interface was not found ++ * ++ * This function can be used to dynamically remove network interfaces from ++ * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In ++ * addition, this function is used to remove all remaining interfaces when ++ * %wpa_supplicant is terminated. ++ */ ++int wpa_supplicant_remove_iface(struct wpa_global *global, ++ struct wpa_supplicant *wpa_s, ++ int terminate) ++{ ++ struct wpa_supplicant *prev; ++ ++ /* Remove interface from the global list of interfaces */ ++ prev = global->ifaces; ++ if (prev == wpa_s) { ++ global->ifaces = wpa_s->next; ++ } else { ++ while (prev && prev->next != wpa_s) ++ prev = prev->next; ++ if (prev == NULL) ++ return -1; ++ prev->next = wpa_s->next; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); ++ ++ if (global->p2p_group_formation == wpa_s) ++ global->p2p_group_formation = NULL; ++ wpa_supplicant_deinit_iface(wpa_s, 1, terminate); ++ os_free(wpa_s); ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_get_eap_mode - Get the current EAP mode ++ * @wpa_s: Pointer to the network interface ++ * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found ++ */ ++const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) ++{ ++ const char *eapol_method; ++ ++ if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && ++ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { ++ return "NO-EAP"; ++ } ++ ++ eapol_method = eapol_sm_get_method_name(wpa_s->eapol); ++ if (eapol_method == NULL) ++ return "UNKNOWN-EAP"; ++ ++ return eapol_method; ++} ++ ++ ++/** ++ * wpa_supplicant_get_iface - Get a new network interface ++ * @global: Pointer to global data from wpa_supplicant_init() ++ * @ifname: Interface name ++ * Returns: Pointer to the interface or %NULL if not found ++ */ ++struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, ++ const char *ifname) ++{ ++ struct wpa_supplicant *wpa_s; ++ ++ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { ++ if (os_strcmp(wpa_s->ifname, ifname) == 0) ++ return wpa_s; ++ } ++ return NULL; ++} ++ ++ ++#ifndef CONFIG_NO_WPA_MSG ++static const char * wpa_supplicant_msg_ifname_cb(void *ctx) ++{ ++ struct wpa_supplicant *wpa_s = ctx; ++ if (wpa_s == NULL) ++ return NULL; ++ return wpa_s->ifname; ++} ++#endif /* CONFIG_NO_WPA_MSG */ ++ ++ ++/** ++ * wpa_supplicant_init - Initialize %wpa_supplicant ++ * @params: Parameters for %wpa_supplicant ++ * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure ++ * ++ * This function is used to initialize %wpa_supplicant. After successful ++ * initialization, the returned data pointer can be used to add and remove ++ * network interfaces, and eventually, to deinitialize %wpa_supplicant. ++ */ ++struct wpa_global * wpa_supplicant_init(struct wpa_params *params) ++{ ++ struct wpa_global *global; ++ int ret, i; ++ ++ if (params == NULL) ++ return NULL; ++ ++#ifdef CONFIG_DRIVER_NDIS ++ { ++ void driver_ndis_init_ops(void); ++ driver_ndis_init_ops(); ++ } ++#endif /* CONFIG_DRIVER_NDIS */ ++ ++#ifndef CONFIG_NO_WPA_MSG ++ wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); ++#endif /* CONFIG_NO_WPA_MSG */ ++ ++ wpa_debug_open_file(params->wpa_debug_file_path); ++ if (params->wpa_debug_syslog) ++ wpa_debug_open_syslog(); ++ if (params->wpa_debug_tracing) { ++ ret = wpa_debug_open_linux_tracing(); ++ if (ret) { ++ wpa_printf(MSG_ERROR, ++ "Failed to enable trace logging"); ++ return NULL; ++ } ++ } ++ ++ ret = eap_register_methods(); ++ if (ret) { ++ wpa_printf(MSG_ERROR, "Failed to register EAP methods"); ++ if (ret == -2) ++ wpa_printf(MSG_ERROR, "Two or more EAP methods used " ++ "the same EAP type."); ++ return NULL; ++ } ++ ++ global = os_zalloc(sizeof(*global)); ++ if (global == NULL) ++ return NULL; ++ dl_list_init(&global->p2p_srv_bonjour); ++ dl_list_init(&global->p2p_srv_upnp); ++ global->params.daemonize = params->daemonize; ++ global->params.wait_for_monitor = params->wait_for_monitor; ++ global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; ++ if (params->pid_file) ++ global->params.pid_file = os_strdup(params->pid_file); ++ if (params->ctrl_interface) ++ global->params.ctrl_interface = ++ os_strdup(params->ctrl_interface); ++ if (params->override_driver) ++ global->params.override_driver = ++ os_strdup(params->override_driver); ++ if (params->override_ctrl_interface) ++ global->params.override_ctrl_interface = ++ os_strdup(params->override_ctrl_interface); ++ wpa_debug_level = global->params.wpa_debug_level = ++ params->wpa_debug_level; ++ wpa_debug_show_keys = global->params.wpa_debug_show_keys = ++ params->wpa_debug_show_keys; ++ wpa_debug_timestamp = global->params.wpa_debug_timestamp = ++ params->wpa_debug_timestamp; ++ ++ wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); ++ ++ if (eloop_init()) { ++ wpa_printf(MSG_ERROR, "Failed to initialize event loop"); ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++ ++ random_init(params->entropy_file); ++ ++ global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); ++ if (global->ctrl_iface == NULL) { ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++ ++ if (wpas_notify_supplicant_initialized(global)) { ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++ ++ for (i = 0; wpa_drivers[i]; i++) ++ global->drv_count++; ++ if (global->drv_count == 0) { ++ wpa_printf(MSG_ERROR, "No drivers enabled"); ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++ global->drv_priv = os_zalloc(global->drv_count * sizeof(void *)); ++ if (global->drv_priv == NULL) { ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++ ++#ifdef CONFIG_WIFI_DISPLAY ++ if (wifi_display_init(global) < 0) { ++ wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); ++ wpa_supplicant_deinit(global); ++ return NULL; ++ } ++#endif /* CONFIG_WIFI_DISPLAY */ ++ ++ return global; ++} ++ ++ ++/** ++ * wpa_supplicant_run - Run the %wpa_supplicant main event loop ++ * @global: Pointer to global data from wpa_supplicant_init() ++ * Returns: 0 after successful event loop run, -1 on failure ++ * ++ * This function starts the main event loop and continues running as long as ++ * there are any remaining events. In most cases, this function is running as ++ * long as the %wpa_supplicant process in still in use. ++ */ ++int wpa_supplicant_run(struct wpa_global *global) ++{ ++ struct wpa_supplicant *wpa_s; ++ ++ if (global->params.daemonize && ++ wpa_supplicant_daemon(global->params.pid_file)) ++ return -1; ++ ++ if (global->params.wait_for_monitor) { ++ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) ++ if (wpa_s->ctrl_iface) ++ wpa_supplicant_ctrl_iface_wait( ++ wpa_s->ctrl_iface); ++ } ++ ++ eloop_register_signal_terminate(wpa_supplicant_terminate, global); ++ eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); ++ ++ eloop_run(); ++ ++ return 0; ++} ++ ++ ++/** ++ * wpa_supplicant_deinit - Deinitialize %wpa_supplicant ++ * @global: Pointer to global data from wpa_supplicant_init() ++ * ++ * This function is called to deinitialize %wpa_supplicant and to free all ++ * allocated resources. Remaining network interfaces will also be removed. ++ */ ++void wpa_supplicant_deinit(struct wpa_global *global) ++{ ++ int i; ++ ++ if (global == NULL) ++ return; ++ ++#ifdef CONFIG_WIFI_DISPLAY ++ wifi_display_deinit(global); ++#endif /* CONFIG_WIFI_DISPLAY */ ++#ifdef CONFIG_P2P ++ wpas_p2p_deinit_global(global); ++#endif /* CONFIG_P2P */ ++ ++ while (global->ifaces) ++ wpa_supplicant_remove_iface(global, global->ifaces, 1); ++ ++ if (global->ctrl_iface) ++ wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); ++ ++ wpas_notify_supplicant_deinitialized(global); ++ ++ eap_peer_unregister_methods(); ++#ifdef CONFIG_AP ++ eap_server_unregister_methods(); ++#endif /* CONFIG_AP */ ++ ++ for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { ++ if (!global->drv_priv[i]) ++ continue; ++ wpa_drivers[i]->global_deinit(global->drv_priv[i]); ++ } ++ os_free(global->drv_priv); ++ ++ random_deinit(); ++ ++ eloop_destroy(); ++ ++ if (global->params.pid_file) { ++ os_daemonize_terminate(global->params.pid_file); ++ os_free(global->params.pid_file); ++ } ++ os_free(global->params.ctrl_interface); ++ os_free(global->params.override_driver); ++ os_free(global->params.override_ctrl_interface); ++ ++ os_free(global->p2p_disallow_freq); ++ ++ os_free(global); ++ wpa_debug_close_syslog(); ++ wpa_debug_close_file(); ++ wpa_debug_close_linux_tracing(); ++} ++ ++ ++void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) ++{ ++ if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && ++ wpa_s->conf->country[0] && wpa_s->conf->country[1]) { ++ char country[3]; ++ country[0] = wpa_s->conf->country[0]; ++ country[1] = wpa_s->conf->country[1]; ++ country[2] = '\0'; ++ if (wpa_drv_set_country(wpa_s, country) < 0) { ++ wpa_printf(MSG_ERROR, "Failed to set country code " ++ "'%s'", country); ++ } ++ } ++ ++ if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) ++ wpas_init_ext_pw(wpa_s); ++ ++#ifdef CONFIG_WPS ++ wpas_wps_update_config(wpa_s); ++#endif /* CONFIG_WPS */ ++ ++#ifdef CONFIG_P2P ++ wpas_p2p_update_config(wpa_s); ++#endif /* CONFIG_P2P */ ++ ++ wpa_s->conf->changed_parameters = 0; ++} ++ ++ ++static void add_freq(int *freqs, int *num_freqs, int freq) ++{ ++ int i; ++ ++ for (i = 0; i < *num_freqs; i++) { ++ if (freqs[i] == freq) ++ return; ++ } ++ ++ freqs[*num_freqs] = freq; ++ (*num_freqs)++; ++} ++ ++ ++static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) ++{ ++ struct wpa_bss *bss, *cbss; ++ const int max_freqs = 10; ++ int *freqs; ++ int num_freqs = 0; ++ ++ freqs = os_zalloc(sizeof(int) * (max_freqs + 1)); ++ if (freqs == NULL) ++ return NULL; ++ ++ cbss = wpa_s->current_bss; ++ ++ dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { ++ if (bss == cbss) ++ continue; ++ if (bss->ssid_len == cbss->ssid_len && ++ os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && ++ wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { ++ add_freq(freqs, &num_freqs, bss->freq); ++ if (num_freqs == max_freqs) ++ break; ++ } ++ } ++ ++ if (num_freqs == 0) { ++ os_free(freqs); ++ freqs = NULL; ++ } ++ ++ return freqs; ++} ++ ++ ++void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) ++{ ++ int timeout; ++ int count; ++ int *freqs = NULL; ++ ++ /* ++ * Remove possible authentication timeout since the connection failed. ++ */ ++ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); ++ ++ /* ++ * Add the failed BSSID into the blacklist and speed up next scan ++ * attempt if there could be other APs that could accept association. ++ * The current blacklist count indicates how many times we have tried ++ * connecting to this AP and multiple attempts mean that other APs are ++ * either not available or has already been tried, so that we can start ++ * increasing the delay here to avoid constant scanning. ++ */ ++ count = wpa_blacklist_add(wpa_s, bssid); ++ if (count == 1 && wpa_s->current_bss) { ++ /* ++ * This BSS was not in the blacklist before. If there is ++ * another BSS available for the same ESS, we should try that ++ * next. Otherwise, we may as well try this one once more ++ * before allowing other, likely worse, ESSes to be considered. ++ */ ++ freqs = get_bss_freqs_in_ess(wpa_s); ++ if (freqs) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " ++ "has been seen; try it next"); ++ wpa_blacklist_add(wpa_s, bssid); ++ /* ++ * On the next scan, go through only the known channels ++ * used in this ESS based on previous scans to speed up ++ * common load balancing use case. ++ */ ++ os_free(wpa_s->next_scan_freqs); ++ wpa_s->next_scan_freqs = freqs; ++ } ++ } ++ ++ /* ++ * Add previous failure count in case the temporary blacklist was ++ * cleared due to no other BSSes being available. ++ */ ++ count += wpa_s->extra_blacklist_count; ++ ++ switch (count) { ++ case 1: ++ timeout = 100; ++ break; ++ case 2: ++ timeout = 500; ++ break; ++ case 3: ++ timeout = 1000; ++ break; ++ case 4: ++ timeout = 5000; ++ break; ++ default: ++ timeout = 10000; ++ break; ++ } ++ ++ wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d " ++ "ms", count, timeout); ++ ++ /* ++ * TODO: if more than one possible AP is available in scan results, ++ * could try the other ones before requesting a new scan. ++ */ ++ wpa_supplicant_req_scan(wpa_s, timeout / 1000, ++ 1000 * (timeout % 1000)); ++ ++#ifdef CONFIG_P2P ++ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && ++ wpa_s->global->p2p != NULL) { ++ wpa_s->global->p2p_cb_on_scan_complete = 0; ++ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { ++ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " ++ "continued after failed association"); ++ } ++ } ++#endif /* CONFIG_P2P */ ++} ++ ++ ++int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) ++{ ++ return wpa_s->conf->ap_scan == 2 || ++ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); ++} ++ ++ ++#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) ++int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid, ++ const char *field, ++ const char *value) ++{ ++#ifdef IEEE8021X_EAPOL ++ struct eap_peer_config *eap = &ssid->eap; ++ ++ wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); ++ wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", ++ (const u8 *) value, os_strlen(value)); ++ ++ switch (wpa_supplicant_ctrl_req_from_string(field)) { ++ case WPA_CTRL_REQ_EAP_IDENTITY: ++ os_free(eap->identity); ++ eap->identity = (u8 *) os_strdup(value); ++ eap->identity_len = os_strlen(value); ++ eap->pending_req_identity = 0; ++ if (ssid == wpa_s->current_ssid) ++ wpa_s->reassociate = 1; ++ break; ++ case WPA_CTRL_REQ_EAP_PASSWORD: ++ os_free(eap->password); ++ eap->password = (u8 *) os_strdup(value); ++ eap->password_len = os_strlen(value); ++ eap->pending_req_password = 0; ++ if (ssid == wpa_s->current_ssid) ++ wpa_s->reassociate = 1; ++ break; ++ case WPA_CTRL_REQ_EAP_NEW_PASSWORD: ++ os_free(eap->new_password); ++ eap->new_password = (u8 *) os_strdup(value); ++ eap->new_password_len = os_strlen(value); ++ eap->pending_req_new_password = 0; ++ if (ssid == wpa_s->current_ssid) ++ wpa_s->reassociate = 1; ++ break; ++ case WPA_CTRL_REQ_EAP_PIN: ++ os_free(eap->pin); ++ eap->pin = os_strdup(value); ++ eap->pending_req_pin = 0; ++ if (ssid == wpa_s->current_ssid) ++ wpa_s->reassociate = 1; ++ break; ++ case WPA_CTRL_REQ_EAP_OTP: ++ os_free(eap->otp); ++ eap->otp = (u8 *) os_strdup(value); ++ eap->otp_len = os_strlen(value); ++ os_free(eap->pending_req_otp); ++ eap->pending_req_otp = NULL; ++ eap->pending_req_otp_len = 0; ++ break; ++ case WPA_CTRL_REQ_EAP_PASSPHRASE: ++ os_free(eap->private_key_passwd); ++ eap->private_key_passwd = (u8 *) os_strdup(value); ++ eap->pending_req_passphrase = 0; ++ if (ssid == wpa_s->current_ssid) ++ wpa_s->reassociate = 1; ++ break; ++ default: ++ wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); ++ return -1; ++ } ++ ++ return 0; ++#else /* IEEE8021X_EAPOL */ ++ wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); ++ return -1; ++#endif /* IEEE8021X_EAPOL */ ++} ++#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ ++ ++ ++int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) ++{ ++ int i; ++ unsigned int drv_enc; ++ ++ if (ssid == NULL) ++ return 1; ++ ++ if (ssid->disabled) ++ return 1; ++ ++ if (wpa_s && wpa_s->drv_capa_known) ++ drv_enc = wpa_s->drv_enc; ++ else ++ drv_enc = (unsigned int) -1; ++ ++ for (i = 0; i < NUM_WEP_KEYS; i++) { ++ size_t len = ssid->wep_key_len[i]; ++ if (len == 0) ++ continue; ++ if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) ++ continue; ++ if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) ++ continue; ++ if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) ++ continue; ++ return 1; /* invalid WEP key */ ++ } ++ ++ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && ++ !ssid->ext_psk) ++ return 1; ++ ++ return 0; ++} ++ ++ ++int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) ++{ ++ if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) ++ return 1; ++ if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) ++ return 0; ++ return -1; ++} ++ ++ ++void wpas_auth_failed(struct wpa_supplicant *wpa_s) ++{ ++ struct wpa_ssid *ssid = wpa_s->current_ssid; ++ int dur; ++ struct os_time now; ++ ++ if (ssid == NULL) { ++ wpa_printf(MSG_DEBUG, "Authentication failure but no known " ++ "SSID block"); ++ return; ++ } ++ ++ if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) ++ return; ++ ++ ssid->auth_failures++; ++ if (ssid->auth_failures > 50) ++ dur = 300; ++ else if (ssid->auth_failures > 20) ++ dur = 120; ++ else if (ssid->auth_failures > 10) ++ dur = 60; ++ else if (ssid->auth_failures > 5) ++ dur = 30; ++ else if (ssid->auth_failures > 1) ++ dur = 20; ++ else ++ dur = 10; ++ ++ os_get_time(&now); ++ if (now.sec + dur <= ssid->disabled_until.sec) ++ return; ++ ++ ssid->disabled_until.sec = now.sec + dur; ++ ++ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED ++ "id=%d ssid=\"%s\" auth_failures=%u duration=%d", ++ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), ++ ssid->auth_failures, dur); ++} ++ ++ ++void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, ++ struct wpa_ssid *ssid, int clear_failures) ++{ ++ if (ssid == NULL) ++ return; ++ ++ if (ssid->disabled_until.sec) { ++ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED ++ "id=%d ssid=\"%s\"", ++ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); ++ } ++ ssid->disabled_until.sec = 0; ++ ssid->disabled_until.usec = 0; ++ if (clear_failures) ++ ssid->auth_failures = 0; ++} ++ ++ ++int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) ++{ ++ size_t i; ++ ++ if (wpa_s->disallow_aps_bssid == NULL) ++ return 0; ++ ++ for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { ++ if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, ++ bssid, ETH_ALEN) == 0) ++ return 1; ++ } ++ ++ return 0; ++} ++ ++ ++int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, ++ size_t ssid_len) ++{ ++ size_t i; ++ ++ if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) ++ return 0; ++ ++ for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { ++ struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; ++ if (ssid_len == s->ssid_len && ++ os_memcmp(ssid, s->ssid, ssid_len) == 0) ++ return 1; ++ } ++ ++ return 0; ++} ++ ++ ++/** ++ * wpas_request_connection - Request a new connection ++ * @wpa_s: Pointer to the network interface ++ * ++ * This function is used to request a new connection to be found. It will mark ++ * the interface to allow reassociation and request a new scan to find a ++ * suitable network to connect to. ++ */ ++void wpas_request_connection(struct wpa_supplicant *wpa_s) ++{ ++ wpa_s->normal_scans = 0; ++ wpa_supplicant_reinit_autoscan(wpa_s); ++ wpa_s->extra_blacklist_count = 0; ++ wpa_s->disconnected = 0; ++ wpa_s->reassociate = 1; ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++} diff --git a/source/n/wpa_supplicant/patches/flush-debug-output.diff b/source/n/wpa_supplicant/patches/flush-debug-output.diff new file mode 100644 index 000000000..f85d37800 --- /dev/null +++ b/source/n/wpa_supplicant/patches/flush-debug-output.diff @@ -0,0 +1,742 @@ +diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/utils/wpa_debug.c +--- wpa_supplicant-2.0.orig/src/utils/wpa_debug.c 2013-01-12 09:42:53.000000000 -0600 ++++ wpa_supplicant-2.0/src/utils/wpa_debug.c 2013-05-11 14:10:37.886101742 -0500 +@@ -75,6 +75,7 @@ + if (out_file) { + fprintf(out_file, "%ld.%06u: ", (long) tv.sec, + (unsigned int) tv.usec); ++ fflush(out_file); + } else + #endif /* CONFIG_DEBUG_FILE */ + printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec); +@@ -221,6 +222,7 @@ + if (out_file) { + vfprintf(out_file, fmt, ap); + fprintf(out_file, "\n"); ++ fflush(out_file); + } else { + #endif /* CONFIG_DEBUG_FILE */ + vprintf(fmt, ap); +@@ -357,6 +359,7 @@ + fprintf(out_file, " [REMOVED]"); + } + fprintf(out_file, "\n"); ++ fflush(out_file); + } else { + #endif /* CONFIG_DEBUG_FILE */ + printf("%s - hexdump(len=%lu):", title, (unsigned long) len); +@@ -425,12 +428,14 @@ + fprintf(out_file, + "%s - hexdump_ascii(len=%lu): [REMOVED]\n", + title, (unsigned long) len); ++ fflush(out_file); + return; + } + if (buf == NULL) { + fprintf(out_file, + "%s - hexdump_ascii(len=%lu): [NULL]\n", + title, (unsigned long) len); ++ fflush(out_file); + return; + } + fprintf(out_file, "%s - hexdump_ascii(len=%lu):\n", +@@ -455,6 +460,7 @@ + pos += llen; + len -= llen; + } ++ fflush(out_file); + } else { + #endif /* CONFIG_DEBUG_FILE */ + if (!show) { +diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c.orig wpa_supplicant-2.0/src/utils/wpa_debug.c.orig +--- wpa_supplicant-2.0.orig/src/utils/wpa_debug.c.orig 1969-12-31 18:00:00.000000000 -0600 ++++ wpa_supplicant-2.0/src/utils/wpa_debug.c.orig 2013-01-12 09:42:53.000000000 -0600 +@@ -0,0 +1,688 @@ ++/* ++ * wpa_supplicant/hostapd / Debug prints ++ * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi> ++ * ++ * This software may be distributed under the terms of the BSD license. ++ * See README for more details. ++ */ ++ ++#include "includes.h" ++ ++#include "common.h" ++ ++#ifdef CONFIG_DEBUG_SYSLOG ++#include <syslog.h> ++ ++static int wpa_debug_syslog = 0; ++#endif /* CONFIG_DEBUG_SYSLOG */ ++ ++#ifdef CONFIG_DEBUG_LINUX_TRACING ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <fcntl.h> ++#include <string.h> ++#include <stdio.h> ++ ++static FILE *wpa_debug_tracing_file = NULL; ++ ++#define WPAS_TRACE_PFX "wpas <%d>: " ++#endif /* CONFIG_DEBUG_LINUX_TRACING */ ++ ++ ++int wpa_debug_level = MSG_INFO; ++int wpa_debug_show_keys = 0; ++int wpa_debug_timestamp = 0; ++ ++ ++#ifdef CONFIG_ANDROID_LOG ++ ++#include <android/log.h> ++ ++#ifndef ANDROID_LOG_NAME ++#define ANDROID_LOG_NAME "wpa_supplicant" ++#endif /* ANDROID_LOG_NAME */ ++ ++static int wpa_to_android_level(int level) ++{ ++ if (level == MSG_ERROR) ++ return ANDROID_LOG_ERROR; ++ if (level == MSG_WARNING) ++ return ANDROID_LOG_WARN; ++ if (level == MSG_INFO) ++ return ANDROID_LOG_INFO; ++ return ANDROID_LOG_DEBUG; ++} ++ ++#endif /* CONFIG_ANDROID_LOG */ ++ ++#ifndef CONFIG_NO_STDOUT_DEBUG ++ ++#ifdef CONFIG_DEBUG_FILE ++static FILE *out_file = NULL; ++#endif /* CONFIG_DEBUG_FILE */ ++ ++ ++void wpa_debug_print_timestamp(void) ++{ ++#ifndef CONFIG_ANDROID_LOG ++ struct os_time tv; ++ ++ if (!wpa_debug_timestamp) ++ return; ++ ++ os_get_time(&tv); ++#ifdef CONFIG_DEBUG_FILE ++ if (out_file) { ++ fprintf(out_file, "%ld.%06u: ", (long) tv.sec, ++ (unsigned int) tv.usec); ++ } else ++#endif /* CONFIG_DEBUG_FILE */ ++ printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec); ++#endif /* CONFIG_ANDROID_LOG */ ++} ++ ++ ++#ifdef CONFIG_DEBUG_SYSLOG ++#ifndef LOG_HOSTAPD ++#define LOG_HOSTAPD LOG_DAEMON ++#endif /* LOG_HOSTAPD */ ++ ++void wpa_debug_open_syslog(void) ++{ ++ openlog("wpa_supplicant", LOG_PID | LOG_NDELAY, LOG_HOSTAPD); ++ wpa_debug_syslog++; ++} ++ ++ ++void wpa_debug_close_syslog(void) ++{ ++ if (wpa_debug_syslog) ++ closelog(); ++} ++ ++ ++static int syslog_priority(int level) ++{ ++ switch (level) { ++ case MSG_MSGDUMP: ++ case MSG_DEBUG: ++ return LOG_DEBUG; ++ case MSG_INFO: ++ return LOG_NOTICE; ++ case MSG_WARNING: ++ return LOG_WARNING; ++ case MSG_ERROR: ++ return LOG_ERR; ++ } ++ return LOG_INFO; ++} ++#endif /* CONFIG_DEBUG_SYSLOG */ ++ ++ ++#ifdef CONFIG_DEBUG_LINUX_TRACING ++ ++int wpa_debug_open_linux_tracing(void) ++{ ++ int mounts, trace_fd; ++ char buf[4096] = {}; ++ ssize_t buflen; ++ char *line, *tmp1, *path = NULL; ++ ++ mounts = open("/proc/mounts", O_RDONLY); ++ if (mounts < 0) { ++ printf("no /proc/mounts\n"); ++ return -1; ++ } ++ ++ buflen = read(mounts, buf, sizeof(buf) - 1); ++ close(mounts); ++ if (buflen < 0) { ++ printf("failed to read /proc/mounts\n"); ++ return -1; ++ } ++ ++ line = strtok_r(buf, "\n", &tmp1); ++ while (line) { ++ char *tmp2, *tmp_path, *fstype; ++ /* "<dev> <mountpoint> <fs type> ..." */ ++ strtok_r(line, " ", &tmp2); ++ tmp_path = strtok_r(NULL, " ", &tmp2); ++ fstype = strtok_r(NULL, " ", &tmp2); ++ if (strcmp(fstype, "debugfs") == 0) { ++ path = tmp_path; ++ break; ++ } ++ ++ line = strtok_r(NULL, "\n", &tmp1); ++ } ++ ++ if (path == NULL) { ++ printf("debugfs mountpoint not found\n"); ++ return -1; ++ } ++ ++ snprintf(buf, sizeof(buf) - 1, "%s/tracing/trace_marker", path); ++ ++ trace_fd = open(buf, O_WRONLY); ++ if (trace_fd < 0) { ++ printf("failed to open trace_marker file\n"); ++ return -1; ++ } ++ wpa_debug_tracing_file = fdopen(trace_fd, "w"); ++ if (wpa_debug_tracing_file == NULL) { ++ close(trace_fd); ++ printf("failed to fdopen()\n"); ++ return -1; ++ } ++ ++ return 0; ++} ++ ++ ++void wpa_debug_close_linux_tracing(void) ++{ ++ if (wpa_debug_tracing_file == NULL) ++ return; ++ fclose(wpa_debug_tracing_file); ++ wpa_debug_tracing_file = NULL; ++} ++ ++#endif /* CONFIG_DEBUG_LINUX_TRACING */ ++ ++ ++/** ++ * wpa_printf - conditional printf ++ * @level: priority level (MSG_*) of the message ++ * @fmt: printf format string, followed by optional arguments ++ * ++ * This function is used to print conditional debugging and error messages. The ++ * output may be directed to stdout, stderr, and/or syslog based on ++ * configuration. ++ * ++ * Note: New line '\n' is added to the end of the text when printing to stdout. ++ */ ++void wpa_printf(int level, const char *fmt, ...) ++{ ++ va_list ap; ++ ++ va_start(ap, fmt); ++ if (level >= wpa_debug_level) { ++#ifdef CONFIG_ANDROID_LOG ++ __android_log_vprint(wpa_to_android_level(level), ++ ANDROID_LOG_NAME, fmt, ap); ++#else /* CONFIG_ANDROID_LOG */ ++#ifdef CONFIG_DEBUG_SYSLOG ++ if (wpa_debug_syslog) { ++ vsyslog(syslog_priority(level), fmt, ap); ++ } else { ++#endif /* CONFIG_DEBUG_SYSLOG */ ++ wpa_debug_print_timestamp(); ++#ifdef CONFIG_DEBUG_FILE ++ if (out_file) { ++ vfprintf(out_file, fmt, ap); ++ fprintf(out_file, "\n"); ++ } else { ++#endif /* CONFIG_DEBUG_FILE */ ++ vprintf(fmt, ap); ++ printf("\n"); ++#ifdef CONFIG_DEBUG_FILE ++ } ++#endif /* CONFIG_DEBUG_FILE */ ++#ifdef CONFIG_DEBUG_SYSLOG ++ } ++#endif /* CONFIG_DEBUG_SYSLOG */ ++#endif /* CONFIG_ANDROID_LOG */ ++ } ++ va_end(ap); ++ ++#ifdef CONFIG_DEBUG_LINUX_TRACING ++ if (wpa_debug_tracing_file != NULL) { ++ va_start(ap, fmt); ++ fprintf(wpa_debug_tracing_file, WPAS_TRACE_PFX, level); ++ vfprintf(wpa_debug_tracing_file, fmt, ap); ++ fprintf(wpa_debug_tracing_file, "\n"); ++ fflush(wpa_debug_tracing_file); ++ va_end(ap); ++ } ++#endif /* CONFIG_DEBUG_LINUX_TRACING */ ++} ++ ++ ++static void _wpa_hexdump(int level, const char *title, const u8 *buf, ++ size_t len, int show) ++{ ++ size_t i; ++ ++#ifdef CONFIG_DEBUG_LINUX_TRACING ++ if (wpa_debug_tracing_file != NULL) { ++ fprintf(wpa_debug_tracing_file, ++ WPAS_TRACE_PFX "%s - hexdump(len=%lu):", ++ level, title, (unsigned long) len); ++ if (buf == NULL) { ++ fprintf(wpa_debug_tracing_file, " [NULL]\n"); ++ } else if (!show) { ++ fprintf(wpa_debug_tracing_file, " [REMOVED]\n"); ++ } else { ++ for (i = 0; i < len; i++) ++ fprintf(wpa_debug_tracing_file, ++ " %02x", buf[i]); ++ } ++ fflush(wpa_debug_tracing_file); ++ } ++#endif /* CONFIG_DEBUG_LINUX_TRACING */ ++ ++ if (level < wpa_debug_level) ++ return; ++#ifdef CONFIG_ANDROID_LOG ++ { ++ const char *display; ++ char *strbuf = NULL; ++ size_t slen = len; ++ if (buf == NULL) { ++ display = " [NULL]"; ++ } else if (len == 0) { ++ display = ""; ++ } else if (show && len) { ++ /* Limit debug message length for Android log */ ++ if (slen > 32) ++ slen = 32; ++ strbuf = os_malloc(1 + 3 * slen); ++ if (strbuf == NULL) { ++ wpa_printf(MSG_ERROR, "wpa_hexdump: Failed to " ++ "allocate message buffer"); ++ return; ++ } ++ ++ for (i = 0; i < slen; i++) ++ os_snprintf(&strbuf[i * 3], 4, " %02x", ++ buf[i]); ++ ++ display = strbuf; ++ } else { ++ display = " [REMOVED]"; ++ } ++ ++ __android_log_print(wpa_to_android_level(level), ++ ANDROID_LOG_NAME, ++ "%s - hexdump(len=%lu):%s%s", ++ title, (long unsigned int) len, display, ++ len > slen ? " ..." : ""); ++ os_free(strbuf); ++ return; ++ } ++#else /* CONFIG_ANDROID_LOG */ ++#ifdef CONFIG_DEBUG_SYSLOG ++ if (wpa_debug_syslog) { ++ const char *display; ++ char *strbuf = NULL; ++ ++ if (buf == NULL) { ++ display = " [NULL]"; ++ } else if (len == 0) { ++ display = ""; ++ } else if (show && len) { ++ strbuf = os_malloc(1 + 3 * len); ++ if (strbuf == NULL) { ++ wpa_printf(MSG_ERROR, "wpa_hexdump: Failed to " ++ "allocate message buffer"); ++ return; ++ } ++ ++ for (i = 0; i < len; i++) ++ os_snprintf(&strbuf[i * 3], 4, " %02x", ++ buf[i]); ++ ++ display = strbuf; ++ } else { ++ display = " [REMOVED]"; ++ } ++ ++ syslog(syslog_priority(level), "%s - hexdump(len=%lu):%s", ++ title, (unsigned long) len, display); ++ os_free(strbuf); ++ return; ++ } ++#endif /* CONFIG_DEBUG_SYSLOG */ ++ wpa_debug_print_timestamp(); ++#ifdef CONFIG_DEBUG_FILE ++ if (out_file) { ++ fprintf(out_file, "%s - hexdump(len=%lu):", ++ title, (unsigned long) len); ++ if (buf == NULL) { ++ fprintf(out_file, " [NULL]"); ++ } else if (show) { ++ for (i = 0; i < len; i++) ++ fprintf(out_file, " %02x", buf[i]); ++ } else { ++ fprintf(out_file, " [REMOVED]"); ++ } ++ fprintf(out_file, "\n"); ++ } else { ++#endif /* CONFIG_DEBUG_FILE */ ++ printf("%s - hexdump(len=%lu):", title, (unsigned long) len); ++ if (buf == NULL) { ++ printf(" [NULL]"); ++ } else if (show) { ++ for (i = 0; i < len; i++) ++ printf(" %02x", buf[i]); ++ } else { ++ printf(" [REMOVED]"); ++ } ++ printf("\n"); ++#ifdef CONFIG_DEBUG_FILE ++ } ++#endif /* CONFIG_DEBUG_FILE */ ++#endif /* CONFIG_ANDROID_LOG */ ++} ++ ++void wpa_hexdump(int level, const char *title, const u8 *buf, size_t len) ++{ ++ _wpa_hexdump(level, title, buf, len, 1); ++} ++ ++ ++void wpa_hexdump_key(int level, const char *title, const u8 *buf, size_t len) ++{ ++ _wpa_hexdump(level, title, buf, len, wpa_debug_show_keys); ++} ++ ++ ++static void _wpa_hexdump_ascii(int level, const char *title, const u8 *buf, ++ size_t len, int show) ++{ ++ size_t i, llen; ++ const u8 *pos = buf; ++ const size_t line_len = 16; ++ ++#ifdef CONFIG_DEBUG_LINUX_TRACING ++ if (wpa_debug_tracing_file != NULL) { ++ fprintf(wpa_debug_tracing_file, ++ WPAS_TRACE_PFX "%s - hexdump_ascii(len=%lu):", ++ level, title, (unsigned long) len); ++ if (buf == NULL) { ++ fprintf(wpa_debug_tracing_file, " [NULL]\n"); ++ } else if (!show) { ++ fprintf(wpa_debug_tracing_file, " [REMOVED]\n"); ++ } else { ++ /* can do ascii processing in userspace */ ++ for (i = 0; i < len; i++) ++ fprintf(wpa_debug_tracing_file, ++ " %02x", buf[i]); ++ } ++ fflush(wpa_debug_tracing_file); ++ } ++#endif /* CONFIG_DEBUG_LINUX_TRACING */ ++ ++ if (level < wpa_debug_level) ++ return; ++#ifdef CONFIG_ANDROID_LOG ++ _wpa_hexdump(level, title, buf, len, show); ++#else /* CONFIG_ANDROID_LOG */ ++ wpa_debug_print_timestamp(); ++#ifdef CONFIG_DEBUG_FILE ++ if (out_file) { ++ if (!show) { ++ fprintf(out_file, ++ "%s - hexdump_ascii(len=%lu): [REMOVED]\n", ++ title, (unsigned long) len); ++ return; ++ } ++ if (buf == NULL) { ++ fprintf(out_file, ++ "%s - hexdump_ascii(len=%lu): [NULL]\n", ++ title, (unsigned long) len); ++ return; ++ } ++ fprintf(out_file, "%s - hexdump_ascii(len=%lu):\n", ++ title, (unsigned long) len); ++ while (len) { ++ llen = len > line_len ? line_len : len; ++ fprintf(out_file, " "); ++ for (i = 0; i < llen; i++) ++ fprintf(out_file, " %02x", pos[i]); ++ for (i = llen; i < line_len; i++) ++ fprintf(out_file, " "); ++ fprintf(out_file, " "); ++ for (i = 0; i < llen; i++) { ++ if (isprint(pos[i])) ++ fprintf(out_file, "%c", pos[i]); ++ else ++ fprintf(out_file, "_"); ++ } ++ for (i = llen; i < line_len; i++) ++ fprintf(out_file, " "); ++ fprintf(out_file, "\n"); ++ pos += llen; ++ len -= llen; ++ } ++ } else { ++#endif /* CONFIG_DEBUG_FILE */ ++ if (!show) { ++ printf("%s - hexdump_ascii(len=%lu): [REMOVED]\n", ++ title, (unsigned long) len); ++ return; ++ } ++ if (buf == NULL) { ++ printf("%s - hexdump_ascii(len=%lu): [NULL]\n", ++ title, (unsigned long) len); ++ return; ++ } ++ printf("%s - hexdump_ascii(len=%lu):\n", title, (unsigned long) len); ++ while (len) { ++ llen = len > line_len ? line_len : len; ++ printf(" "); ++ for (i = 0; i < llen; i++) ++ printf(" %02x", pos[i]); ++ for (i = llen; i < line_len; i++) ++ printf(" "); ++ printf(" "); ++ for (i = 0; i < llen; i++) { ++ if (isprint(pos[i])) ++ printf("%c", pos[i]); ++ else ++ printf("_"); ++ } ++ for (i = llen; i < line_len; i++) ++ printf(" "); ++ printf("\n"); ++ pos += llen; ++ len -= llen; ++ } ++#ifdef CONFIG_DEBUG_FILE ++ } ++#endif /* CONFIG_DEBUG_FILE */ ++#endif /* CONFIG_ANDROID_LOG */ ++} ++ ++ ++void wpa_hexdump_ascii(int level, const char *title, const u8 *buf, size_t len) ++{ ++ _wpa_hexdump_ascii(level, title, buf, len, 1); ++} ++ ++ ++void wpa_hexdump_ascii_key(int level, const char *title, const u8 *buf, ++ size_t len) ++{ ++ _wpa_hexdump_ascii(level, title, buf, len, wpa_debug_show_keys); ++} ++ ++ ++#ifdef CONFIG_DEBUG_FILE ++static char *last_path = NULL; ++#endif /* CONFIG_DEBUG_FILE */ ++ ++int wpa_debug_reopen_file(void) ++{ ++#ifdef CONFIG_DEBUG_FILE ++ int rv; ++ if (last_path) { ++ char *tmp = os_strdup(last_path); ++ wpa_debug_close_file(); ++ rv = wpa_debug_open_file(tmp); ++ os_free(tmp); ++ } else { ++ wpa_printf(MSG_ERROR, "Last-path was not set, cannot " ++ "re-open log file."); ++ rv = -1; ++ } ++ return rv; ++#else /* CONFIG_DEBUG_FILE */ ++ return 0; ++#endif /* CONFIG_DEBUG_FILE */ ++} ++ ++ ++int wpa_debug_open_file(const char *path) ++{ ++#ifdef CONFIG_DEBUG_FILE ++ if (!path) ++ return 0; ++ ++ if (last_path == NULL || os_strcmp(last_path, path) != 0) { ++ /* Save our path to enable re-open */ ++ os_free(last_path); ++ last_path = os_strdup(path); ++ } ++ ++ out_file = fopen(path, "a"); ++ if (out_file == NULL) { ++ wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " ++ "output file, using standard output"); ++ return -1; ++ } ++#ifndef _WIN32 ++ setvbuf(out_file, NULL, _IOLBF, 0); ++#endif /* _WIN32 */ ++#endif /* CONFIG_DEBUG_FILE */ ++ return 0; ++} ++ ++ ++void wpa_debug_close_file(void) ++{ ++#ifdef CONFIG_DEBUG_FILE ++ if (!out_file) ++ return; ++ fclose(out_file); ++ out_file = NULL; ++ os_free(last_path); ++ last_path = NULL; ++#endif /* CONFIG_DEBUG_FILE */ ++} ++ ++#endif /* CONFIG_NO_STDOUT_DEBUG */ ++ ++ ++#ifndef CONFIG_NO_WPA_MSG ++static wpa_msg_cb_func wpa_msg_cb = NULL; ++ ++void wpa_msg_register_cb(wpa_msg_cb_func func) ++{ ++ wpa_msg_cb = func; ++} ++ ++ ++static wpa_msg_get_ifname_func wpa_msg_ifname_cb = NULL; ++ ++void wpa_msg_register_ifname_cb(wpa_msg_get_ifname_func func) ++{ ++ wpa_msg_ifname_cb = func; ++} ++ ++ ++void wpa_msg(void *ctx, int level, const char *fmt, ...) ++{ ++ va_list ap; ++ char *buf; ++ const int buflen = 2048; ++ int len; ++ char prefix[130]; ++ ++ buf = os_malloc(buflen); ++ if (buf == NULL) { ++ wpa_printf(MSG_ERROR, "wpa_msg: Failed to allocate message " ++ "buffer"); ++ return; ++ } ++ va_start(ap, fmt); ++ prefix[0] = '\0'; ++ if (wpa_msg_ifname_cb) { ++ const char *ifname = wpa_msg_ifname_cb(ctx); ++ if (ifname) { ++ int res = os_snprintf(prefix, sizeof(prefix), "%s: ", ++ ifname); ++ if (res < 0 || res >= (int) sizeof(prefix)) ++ prefix[0] = '\0'; ++ } ++ } ++ len = vsnprintf(buf, buflen, fmt, ap); ++ va_end(ap); ++ wpa_printf(level, "%s%s", prefix, buf); ++ if (wpa_msg_cb) ++ wpa_msg_cb(ctx, level, buf, len); ++ os_free(buf); ++} ++ ++ ++void wpa_msg_ctrl(void *ctx, int level, const char *fmt, ...) ++{ ++ va_list ap; ++ char *buf; ++ const int buflen = 2048; ++ int len; ++ ++ if (!wpa_msg_cb) ++ return; ++ ++ buf = os_malloc(buflen); ++ if (buf == NULL) { ++ wpa_printf(MSG_ERROR, "wpa_msg_ctrl: Failed to allocate " ++ "message buffer"); ++ return; ++ } ++ va_start(ap, fmt); ++ len = vsnprintf(buf, buflen, fmt, ap); ++ va_end(ap); ++ wpa_msg_cb(ctx, level, buf, len); ++ os_free(buf); ++} ++#endif /* CONFIG_NO_WPA_MSG */ ++ ++ ++#ifndef CONFIG_NO_HOSTAPD_LOGGER ++static hostapd_logger_cb_func hostapd_logger_cb = NULL; ++ ++void hostapd_logger_register_cb(hostapd_logger_cb_func func) ++{ ++ hostapd_logger_cb = func; ++} ++ ++ ++void hostapd_logger(void *ctx, const u8 *addr, unsigned int module, int level, ++ const char *fmt, ...) ++{ ++ va_list ap; ++ char *buf; ++ const int buflen = 2048; ++ int len; ++ ++ buf = os_malloc(buflen); ++ if (buf == NULL) { ++ wpa_printf(MSG_ERROR, "hostapd_logger: Failed to allocate " ++ "message buffer"); ++ return; ++ } ++ va_start(ap, fmt); ++ len = vsnprintf(buf, buflen, fmt, ap); ++ va_end(ap); ++ if (hostapd_logger_cb) ++ hostapd_logger_cb(ctx, addr, module, level, buf, len); ++ else if (addr) ++ wpa_printf(MSG_DEBUG, "hostapd_logger: STA " MACSTR " - %s", ++ MAC2STR(addr), buf); ++ else ++ wpa_printf(MSG_DEBUG, "hostapd_logger: %s", buf); ++ os_free(buf); ++} ++#endif /* CONFIG_NO_HOSTAPD_LOGGER */ diff --git a/source/n/wpa_supplicant/patches/include-unistd_h.diff b/source/n/wpa_supplicant/patches/include-unistd_h.diff deleted file mode 100644 index a3c6ae83f..000000000 --- a/source/n/wpa_supplicant/patches/include-unistd_h.diff +++ /dev/null @@ -1,15 +0,0 @@ -diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_gui-qt4/wpagui.cpp wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_gui-qt4/wpagui.cpp ---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_gui-qt4/wpagui.cpp 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_gui-qt4/wpagui.cpp 2012-05-05 17:04:40.706570034 -0500 -@@ -12,10 +12,8 @@ - * See README and COPYING for more details. - */ - --#ifdef __MINGW32__ --/* Need to get getopt() */ -+/* Need to get getopt() regardless with gcc-4.7.x */ - #include <unistd.h> --#endif - - #ifdef CONFIG_NATIVE_WINDOWS - #include <windows.h> diff --git a/source/n/wpa_supplicant/patches/libnl3-includes.diff b/source/n/wpa_supplicant/patches/libnl3-includes.diff deleted file mode 100644 index f8ff01c18..000000000 --- a/source/n/wpa_supplicant/patches/libnl3-includes.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nur wpa_supplicant-1.0-rc3.orig/src/drivers/drivers.mak wpa_supplicant-1.0-rc3/src/drivers/drivers.mak ---- wpa_supplicant-1.0-rc3.orig/src/drivers/drivers.mak 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/src/drivers/drivers.mak 2012-05-05 17:16:01.933597117 -0500 -@@ -48,7 +48,7 @@ - ifdef CONFIG_LIBNL32 - DRV_LIBS += -lnl-3 - DRV_LIBS += -lnl-genl-3 -- DRV_CFLAGS += -DCONFIG_LIBNL20 -+ DRV_CFLAGS += -DCONFIG_LIBNL20 `pkg-config --cflags libnl-3.0` - else - ifdef CONFIG_LIBNL_TINY - DRV_LIBS += -lnl-tiny diff --git a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff index 2b3eb6726..eda38c772 100644 --- a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff +++ b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff @@ -1,7 +1,7 @@ -diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/events.c wpa_supplicant-1.0-rc3/wpa_supplicant/events.c ---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/events.c 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/wpa_supplicant/events.c 2012-05-05 17:02:38.061179720 -0500 -@@ -1076,7 +1076,7 @@ +diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/events.c wpa_supplicant-2.0/wpa_supplicant/events.c +--- wpa_supplicant-2.0.orig/wpa_supplicant/events.c 2013-01-12 09:42:53.000000000 -0600 ++++ wpa_supplicant-2.0/wpa_supplicant/events.c 2013-05-11 14:08:26.813457800 -0500 +@@ -1147,7 +1147,7 @@ } wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); diff --git a/source/n/wpa_supplicant/patches/squelch-driver-disconnect-spam.diff b/source/n/wpa_supplicant/patches/squelch-driver-disconnect-spam.diff deleted file mode 100644 index b8d2be6ad..000000000 --- a/source/n/wpa_supplicant/patches/squelch-driver-disconnect-spam.diff +++ /dev/null @@ -1,95 +0,0 @@ -diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/events.c wpa_supplicant-1.0-rc3/wpa_supplicant/events.c ---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/events.c 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/wpa_supplicant/events.c 2012-05-06 01:01:17.529134316 -0500 -@@ -1593,6 +1593,15 @@ - wpa_s->keys_cleared = 0; - wpa_clear_keys(wpa_s, wpa_s->bssid); - } -+ -+ if (wpa_s->wpa_state == WPA_DISCONNECTED) { -+ wpa_s->disconnect_count++; -+ if (!eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL)) { -+ eloop_register_timeout(6, 0, wpa_disconnect_spam_handle, wpa_s, NULL); -+ wpa_printf(MSG_DEBUG, "%s: scheduled DISCONNECT spam handler", __FUNCTION__); -+ } -+ } -+ - wpa_supplicant_mark_disassoc(wpa_s); - - if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) -diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_supplicant.c wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_supplicant.c ---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_supplicant.c 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_supplicant.c 2012-05-06 01:01:17.530134303 -0500 -@@ -434,6 +434,9 @@ - - wpa_supplicant_cancel_scan(wpa_s); - wpa_supplicant_cancel_auth_timeout(wpa_s); -+ if (eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL)) -+ eloop_cancel_timeout(wpa_disconnect_spam_handle, wpa_s, NULL); -+ - eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); - #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT - eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, -@@ -592,6 +595,23 @@ - #endif /* CONFIG_BGSCAN */ - - -+void wpa_disconnect_spam_handle(void *eloop_ctx, void *timeout_ctx) -+{ -+ struct wpa_supplicant *wpa_s = eloop_ctx; -+ const u8 bssid[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; -+ -+ wpa_printf(MSG_DEBUG, "%s: %d disconnect events in 6 seconds", -+ __FUNCTION__, wpa_s->disconnect_count); -+ -+ if (wpa_s->disconnect_count >= 3) { -+ wpa_printf(MSG_DEBUG, "%s: forcing SSID/BSSID reset", __FUNCTION__); -+ wpa_drv_disassociate(wpa_s, bssid, WLAN_REASON_DEAUTH_LEAVING); -+ wpa_supplicant_req_scan(wpa_s, 1, 0); -+ } -+ wpa_s->disconnect_count = 0; -+} -+ -+ - /** - * wpa_supplicant_set_state - Set current connection state - * @wpa_s: Pointer to wpa_supplicant data -@@ -612,6 +632,18 @@ - if (state != WPA_SCANNING) - wpa_supplicant_notify_scanning(wpa_s, 0); - -+ if (state != WPA_DISCONNECTED && state != WPA_SCANNING) { -+ /* If the state isn't disconnected, cancel any registered -+ * disconnect spam handler, which should only live while -+ * disconnect events are coming in quickly. -+ */ -+ wpa_s->disconnect_count = 0; -+ if (eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL)) { -+ wpa_printf(MSG_DEBUG, "%s: canceling DISCONNECT spam handler", __FUNCTION__); -+ eloop_cancel_timeout(wpa_disconnect_spam_handle, wpa_s, NULL); -+ } -+ } -+ - if (state == WPA_COMPLETED && wpa_s->new_connection) { - #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) - struct wpa_ssid *ssid = wpa_s->current_ssid; -diff -Nur wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_supplicant_i.h wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_supplicant_i.h ---- wpa_supplicant-1.0-rc3.orig/wpa_supplicant/wpa_supplicant_i.h 2012-04-16 15:15:40.000000000 -0500 -+++ wpa_supplicant-1.0-rc3/wpa_supplicant/wpa_supplicant_i.h 2012-05-06 01:01:17.530134303 -0500 -@@ -355,6 +355,8 @@ - struct wps_er *wps_er; - int blacklist_cleared; - -+ int disconnect_count; -+ - struct wpabuf *pending_eapol_rx; - struct os_time pending_eapol_rx_time; - u8 pending_eapol_rx_src[ETH_ALEN]; -@@ -535,6 +537,7 @@ - int sec, int usec); - void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, - enum wpa_states state); -+void wpa_disconnect_spam_handle(void *eloop_ctx, void *timeout_ctx); - struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s); - const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s); - void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s); diff --git a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild index 32165fa90..5cb22daa3 100755 --- a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild +++ b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild @@ -22,7 +22,7 @@ # ----------------------------------------------------------------------------- PKGNAM=wpa_supplicant -VERSION=1.0 +VERSION=2.0 BUILD=${BUILD:-1} SRCVERSION=$(printf $VERSION | tr _ -) @@ -76,18 +76,16 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; + # Fixup various paths in the dbus service file patch -p1 < $CWD/patches/dbus-service-file-args.diff -# Include unistd.h -patch -p1 < $CWD/patches/include-unistd_h.diff - -# Add libnl3 includes -patch -p1 < $CWD/patches/libnl3-includes.diff - # Eliminate some logspam patch -p1 < $CWD/patches/quiet-scan-results-message.diff -patch -p1 < $CWD/patches/squelch-driver-disconnect-spam.diff + +# Apply a couple of other patches from Fedora +patch -p1 < $CWD/patches/assoc-timeout.diff +patch -p1 < $CWD/patches/flush-debug-output.diff cd wpa_supplicant diff --git a/source/n/yptools/yp-tools-2.12.tar.bz2.sign b/source/n/yptools/yp-tools-2.12.tar.bz2.sign deleted file mode 100644 index a06fde67a..000000000 --- a/source/n/yptools/yp-tools-2.12.tar.bz2.sign +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) -Comment: See http://www.kernel.org/signature.html for info - -iD8DBQBLzsykyGugalF9Dw4RAtmgAJ4sG0TJzmNkAz7Z+JJFfOjvGlbTGACgir1a -+uaNv6XQNH7Vu+Saqy/OsL8= -=EcSX ------END PGP SIGNATURE----- diff --git a/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff new file mode 100644 index 000000000..cce3ad44a --- /dev/null +++ b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff @@ -0,0 +1,86 @@ +Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL +(w/ NULL return) if the salt violates specifications. Additionally, +on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords +passed to crypt() fail with EPERM (w/ NULL return). + +If using glibc's crypt(), check return value to avoid a possible +NULL pointer dereference. + +Author: mancha + +==== + +--- yp-tools-2.14/src/yppasswd.c.orig 2010-04-21 ++++ yp-tools-2.14/src/yppasswd.c 2013-05-22 +@@ -423,6 +423,7 @@ static int /* return values: 0 = not ok, + verifypassword (struct passwd *pwd, char *pwdstr, uid_t uid) + { + char *p, *q; ++ char *crypted_pass; + int ucase, lcase, other, r; + int passwdlen; + +@@ -448,12 +449,19 @@ verifypassword (struct passwd *pwd, char + } + + passwdlen = get_passwd_len (pwd->pw_passwd); +- if (pwd->pw_passwd[0] +- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen) +- && uid) ++ if (pwd->pw_passwd[0] && uid) + { +- fputs (_("You cannot reuse the old password.\n"), stderr); +- return 0; ++ crypted_pass = crypt (pwdstr, pwd->pw_passwd); ++ if (crypted_pass == NULL) ++ { ++ fputs (_("crypt() call failed.\n"), stderr); ++ return 0; ++ } ++ if (!strncmp (pwd->pw_passwd, crypted_pass, passwdlen)) ++ { ++ fputs (_("You cannot reuse the old password.\n"), stderr); ++ return 0; ++ } + } + + r = 0; +@@ -517,6 +525,7 @@ int + main (int argc, char **argv) + { + char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL; ++ char *crypted_pass; + int f_flag = 0, l_flag = 0, p_flag = 0, error, status; + int hash_id = DES; + char rounds[11] = "\0"; /* max length is '999999999$' */ +@@ -738,7 +747,13 @@ main (int argc, char **argv) + char *sane_passwd = alloca (passwdlen + 1); + strncpy (sane_passwd, pwd->pw_passwd, passwdlen); + sane_passwd[passwdlen] = 0; +- if (strcmp (crypt (s, sane_passwd), sane_passwd)) ++ crypted_pass = crypt (s, sane_passwd); ++ if (crypted_pass == NULL) ++ { ++ fprintf (stderr, _("crypt() call failed.\n")); ++ return 1; ++ } ++ if (strcmp (crypted_pass, sane_passwd)) + { + fprintf (stderr, _("Sorry.\n")); + return 1; +@@ -833,7 +848,14 @@ main (int argc, char **argv) + break; + } + +- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt)); ++ crypted_pass = crypt (buf, salt); ++ if (crypted_pass == NULL); ++ { ++ printf (_("crypt() call failed - password unchanged.\n")); ++ return 1; ++ } ++ ++ yppwd.newpw.pw_passwd = strdup (crypted_pass); + } + + if (f_flag) diff --git a/source/n/yptools/ypbind-mt-1.32.tar.sign b/source/n/yptools/ypbind-mt-1.32.tar.sign deleted file mode 100644 index 4db7167ee..000000000 --- a/source/n/yptools/ypbind-mt-1.32.tar.sign +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) -Comment: See http://www.kernel.org/signature.html for info - -iD8DBQBMNHqQyGugalF9Dw4RAiHyAKCMjVXlCljwufPauK/O88jDzHZzsQCePyhN -lqHDK8Fw5zaXPE4744ydtXY= -=JpZO ------END PGP SIGNATURE----- diff --git a/source/n/yptools/ypserv-2.24.tar.sign b/source/n/yptools/ypserv-2.24.tar.sign deleted file mode 100644 index 061f09789..000000000 --- a/source/n/yptools/ypserv-2.24.tar.sign +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) -Comment: See http://www.kernel.org/signature.html for info - -iD8DBQBMnHqzyGugalF9Dw4RAtUtAJ4gowJGR0cUlcNEhtLR1EOs6BDvcgCfRu0r -yTGYZzi5YnUQctBC1d9qgs0= -=r3GH ------END PGP SIGNATURE----- diff --git a/source/n/yptools/yptools.SlackBuild b/source/n/yptools/yptools.SlackBuild index 42d96a30b..7baeeb619 100755 --- a/source/n/yptools/yptools.SlackBuild +++ b/source/n/yptools/yptools.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,13 +22,13 @@ # Package version number: -VERSION=2.12 -BUILD=${BUILD:-3} +VERSION=2.14 +BUILD=${BUILD:-2} YPTOOLS=$VERSION -YPBINDMT=1.32 +YPBINDMT=1.37.1 #YPMAKE=0.11 -YPSERV=2.24 +YPSERV=2.31 # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -70,6 +70,7 @@ zcat $CWD/nsswitch.conf-nis.gz > $PKG/etc/nsswitch.conf-nis.new rm -rf yp-tools-$YPTOOLS tar xvf $CWD/yp-tools-$YPTOOLS.tar.bz2 || exit 1 cd yp-tools-$YPTOOLS || exit 1 +zcat $CWD/yp-tools-2.14-glibc217-crypt.diff.gz | patch -p1 --verbose || exit 1 ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ |