commit: 8674d592da2b6e61d522dc717fd6c502807cd195
Author: Zero_Chaos <zerochaos <AT> gentoo <DOT> org>
AuthorDate: Fri May 18 20:02:30 2018 +0000
Commit: Richard Farina <zerochaos <AT> gentoo <DOT> org>
CommitDate: Fri May 18 20:02:47 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8674d592
net-wireless/wpa_supplicant: add suiteb and warn
warn when use flag settings are less than ideal
Package-Manager: Portage-2.3.38, Repoman-2.3.9
net-wireless/wpa_supplicant/metadata.xml | 1 +
...-2.6-r7.ebuild => wpa_supplicant-2.6-r8.ebuild} | 22 ++++++++++++++++++++--
2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/net-wireless/wpa_supplicant/metadata.xml
b/net-wireless/wpa_supplicant/metadata.xml
index 77a7bbd4d69..885b7c3d6bb 100644
--- a/net-wireless/wpa_supplicant/metadata.xml
+++ b/net-wireless/wpa_supplicant/metadata.xml
@@ -14,6 +14,7 @@
<flag name="p2p">Add support for Wi-Fi Direct mode</flag>
<flag name="ps3">Add support for ps3 hypervisor driven gelic
wifi</flag>
<flag name="privsep">Enable wpa_priv privledge separation
binary</flag>
+ <flag name="suiteb">Enable enable NSA Suite B encryption</flag>
<flag name="tdls">Add support for Tunneled Direct Link Setup
(802.11z)</flag>
<flag name="uncommon-eap-types">Add support for GPSK, SAKE,
GPSK_SHA256, IKEV2 and EKE</flag>
<flag name="wps">Add support for Wi-Fi Protected Setup</flag>
diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild
b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r8.ebuild
similarity index 94%
rename from net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild
rename to net-wireless/wpa_supplicant/wpa_supplicant-2.6-r8.ebuild
index 08686df3b1f..15d823b942f 100644
--- a/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r7.ebuild
+++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.6-r8.ebuild
@@ -12,7 +12,7 @@ LICENSE="|| ( GPL-2 BSD )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86
~x86-fbsd"
-IUSE="ap bindist dbus eap-sim eapol_test fasteap gnutls +hs2-0 libressl p2p
privsep ps3 qt5 readline selinux smartcard ssl tdls uncommon-eap-types wimax
wps kernel_linux kernel_FreeBSD"
+IUSE="ap bindist dbus eap-sim eapol_test fasteap gnutls +hs2-0 libressl p2p
privsep ps3 qt5 readline selinux smartcard ssl suiteb tdls uncommon-eap-types
wimax wps kernel_linux kernel_FreeBSD"
REQUIRED_USE="smartcard? ( ssl )"
CDEPEND="dbus? ( sys-apps/dbus )
@@ -231,18 +231,29 @@ src_configure() {
Kconfig_style_config WPA_CLI_EDIT
fi
+ if use suiteb; then
+ Kconfig_style_config SUITEB
+ fi
+
# SSL authentication methods
if use ssl ; then
if use gnutls ; then
Kconfig_style_config TLS gnutls
Kconfig_style_config GNUTLS_EXTRA
else
+ #this fails for gnutls
+ Kconfig_style_config SUITEB192
Kconfig_style_config TLS openssl
if ! use bindist; then
+ #this fails for gnutls
Kconfig_style_config EAP_PWD
+ # SAE fails on gnutls and everything below here needs
SAE
# Enabling mesh networks.
Kconfig_style_config MESH
- #we also need to disable OWE and FILS, except they
aren't enabled yet
+ #WPA3
+ Kconfig_style_config OWE
+ Kconfig_style_config SAE
+ #we also need to disable FILS, except that isn't
enabled yet
fi
fi
@@ -422,6 +433,13 @@ pkg_postinst() {
ewarn "needs to be moved to
${EROOT%/}/etc/wpa_supplicant/wpa_supplicant.conf"
fi
+ if use bindist || use gnutls; then
+ if ! use libressl; then
+ ewarn "Using bindist or gnutls use flags presently
breaks WPA3 (specifically SAE and OWE)."
+ ewarn "This is incredibly undesirable"
+ fi
+ fi
+
# Mea culpa, feel free to remove that after some time --mgorny.
local fn
for fn in wpa_supplicant{,@wlan0}.service; do
