Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-02-01 19:57:45 +01:00
Code Issues Projects Releases Packages Wiki Activity

Sat Dec 8 04:10:45 UTC 2018

Browse source 
a/btrfs-progs-v4.19.1-x86_64-1.txz:  Upgraded.
a/dbus-1.12.12-x86_64-1.txz:  Upgraded.
ap/cups-2.2.10-x86_64-1.txz:  Upgraded.
ap/cups-filters-1.21.5-x86_64-1.txz:  Upgraded.
ap/hplip-3.18.12-x86_64-1.txz:  Upgraded.
d/mercurial-4.8.1-x86_64-1.txz:  Upgraded.
d/rust-1.31.0-x86_64-1.txz:  Upgraded.
l/libpng-1.6.36-x86_64-1.txz:  Upgraded.
l/python-idna-2.8-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p12-x86_64-5.txz:  Rebuilt.
  Fixed logrotate file. Thanks to allend and rworkman.
n/php-7.2.13-x86_64-1.txz:  Upgraded.
  This is a security release which also contains several minor bug fixes.
  For more information, see:
    https://php.net/ChangeLog-7.php#7.2.13
  (* Security fix *)
n/wpa_supplicant-2.7-x86_64-1.txz:  Upgraded.
x/mesa-18.3.0-x86_64-1.txz:  Upgraded.
x/xf86-video-i740-1.4.0-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-60.3.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release. For more information, see:
  https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/
xfce/thunar-volman-0.9.1-x86_64-1.txz:  Upgraded.
This commit is contained in:
Patrick J Volkerding 2018-12-08 04:10:45 +00:00 committed by Eric Hameleers
parent 37eaf40ce5
commit ad59f7ca92
32 changed files with 842 additions and 1826 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
ChangeLog.rss
View file

@ -11,9 +11,42 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Thu, 6 Dec 2018 04:38:11 GMT</pubDate>
<lastBuildDate>Thu, 6 Dec 2018 16:59:27 GMT</lastBuildDate>
<pubDate>Sat, 8 Dec 2018 04:10:45 GMT</pubDate>
<lastBuildDate>Sat, 8 Dec 2018 07:59:41 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.10</generator>
<item>
<title>Sat, 8 Dec 2018 04:10:45 GMT</title>
<pubDate>Sat, 8 Dec 2018 04:10:45 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20181208041045</link>
<guid isPermaLink="false">20181208041045</guid>
<description>
<![CDATA[<pre>
a/btrfs-progs-v4.19.1-x86_64-1.txz: Upgraded.
a/dbus-1.12.12-x86_64-1.txz: Upgraded.
ap/cups-2.2.10-x86_64-1.txz: Upgraded.
ap/cups-filters-1.21.5-x86_64-1.txz: Upgraded.
ap/hplip-3.18.12-x86_64-1.txz: Upgraded.
d/mercurial-4.8.1-x86_64-1.txz: Upgraded.
d/rust-1.31.0-x86_64-1.txz: Upgraded.
l/libpng-1.6.36-x86_64-1.txz: Upgraded.
l/python-idna-2.8-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p12-x86_64-5.txz: Rebuilt.
Fixed logrotate file. Thanks to allend and rworkman.
n/php-7.2.13-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.13
(* Security fix *)
n/wpa_supplicant-2.7-x86_64-1.txz: Upgraded.
x/mesa-18.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-i740-1.4.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.3.3-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/
xfce/thunar-volman-0.9.1-x86_64-1.txz: Upgraded.
</pre>]]>
</description>
</item>
<item>
<title>Thu, 6 Dec 2018 04:38:11 GMT</title>
<pubDate>Thu, 6 Dec 2018 04:38:11 GMT</pubDate>

25
ChangeLog.txt
View file

@ -1,3 +1,28 @@
Sat Dec 8 04:10:45 UTC 2018
a/btrfs-progs-v4.19.1-x86_64-1.txz: Upgraded.
a/dbus-1.12.12-x86_64-1.txz: Upgraded.
ap/cups-2.2.10-x86_64-1.txz: Upgraded.
ap/cups-filters-1.21.5-x86_64-1.txz: Upgraded.
ap/hplip-3.18.12-x86_64-1.txz: Upgraded.
d/mercurial-4.8.1-x86_64-1.txz: Upgraded.
d/rust-1.31.0-x86_64-1.txz: Upgraded.
l/libpng-1.6.36-x86_64-1.txz: Upgraded.
l/python-idna-2.8-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p12-x86_64-5.txz: Rebuilt.
Fixed logrotate file. Thanks to allend and rworkman.
n/php-7.2.13-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.13
(* Security fix *)
n/wpa_supplicant-2.7-x86_64-1.txz: Upgraded.
x/mesa-18.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-i740-1.4.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.3.3-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/
xfce/thunar-volman-0.9.1-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Dec 6 04:38:11 UTC 2018
a/kernel-generic-4.19.7-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.7-x86_64-1.txz: Upgraded.

264
FILELIST.TXT
View file

@ -1,20 +1,20 @@
Thu Dec 6 04:55:05 UTC 2018
Sat Dec 8 04:35:35 UTC 2018
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
drwxr-xr-x 12 root root 4096 2018-12-06 04:38 .
drwxr-xr-x 12 root root 4096 2018-12-08 04:10 .
-rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2
-rw-r--r-- 1 root root 14341 2018-11-29 05:40 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 912792 2018-12-03 21:20 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-03 21:20 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 912800 2018-12-06 04:55 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-06 04:55 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 525237 2018-12-06 04:38 ./ChangeLog.txt
-rw-r--r-- 1 root root 526337 2018-12-08 04:10 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2018-12-06 04:37 ./EFI/BOOT
-rw-r--r-- 1 root root 1253376 2018-02-24 20:49 ./EFI/BOOT/bootx64.efi
@ -25,9 +25,9 @@ drwxr-xr-x 2 root root 4096 2018-12-06 04:37 ./EFI/BOOT
-rwxr-xr-x 1 root root 2494 2018-02-24 20:49 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1201457 2018-12-03 21:19 ./FILELIST.TXT
-rw-r--r-- 1 root root 1201465 2018-12-06 04:55 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 731002 2018-12-06 04:53 ./PACKAGES.TXT
-rw-r--r-- 1 root root 731006 2018-12-08 04:33 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT
-rw-r--r-- 1 root root 3628 2018-12-06 03:17 ./README.initrd
-rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT
@ -798,13 +798,13 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches
-rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST
-rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT
drwxr-xr-x 18 root root 4096 2018-12-06 04:53 ./slackware64
-rw-r--r-- 1 root root 289831 2018-12-06 04:53 ./slackware64/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-06 04:53 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 361073 2018-12-06 04:50 ./slackware64/FILE_LIST
-rw-r--r-- 1 root root 3620967 2018-12-06 04:51 ./slackware64/MANIFEST.bz2
drwxr-xr-x 18 root root 4096 2018-12-08 04:33 ./slackware64
-rw-r--r-- 1 root root 289846 2018-12-08 04:33 ./slackware64/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-08 04:33 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 361088 2018-12-08 04:30 ./slackware64/FILE_LIST
-rw-r--r-- 1 root root 3616702 2018-12-08 04:31 ./slackware64/MANIFEST.bz2
lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT
drwxr-xr-x 2 root root 28672 2018-12-06 04:50 ./slackware64/a
drwxr-xr-x 2 root root 28672 2018-12-08 04:30 ./slackware64/a
-rw-r--r-- 1 root root 327 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txt
-rw-r--r-- 1 root root 10820 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz
-rw-r--r-- 1 root root 163 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz.asc
@ -829,9 +829,9 @@ drwxr-xr-x 2 root root 28672 2018-12-06 04:50 ./slackware64/a
-rw-r--r-- 1 root root 226 2018-10-17 03:06 ./slackware64/a/bin-11.1-x86_64-3.txt
-rw-r--r-- 1 root root 39576 2018-10-17 03:06 ./slackware64/a/bin-11.1-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-10-17 03:06 ./slackware64/a/bin-11.1-x86_64-3.txz.asc
-rw-r--r-- 1 root root 482 2018-11-04 19:07 ./slackware64/a/btrfs-progs-v4.19-x86_64-1.txt
-rw-r--r-- 1 root root 705844 2018-11-04 19:07 ./slackware64/a/btrfs-progs-v4.19-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-04 19:07 ./slackware64/a/btrfs-progs-v4.19-x86_64-1.txz.asc
-rw-r--r-- 1 root root 482 2018-12-06 20:51 ./slackware64/a/btrfs-progs-v4.19.1-x86_64-1.txt
-rw-r--r-- 1 root root 707032 2018-12-06 20:51 ./slackware64/a/btrfs-progs-v4.19.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:51 ./slackware64/a/btrfs-progs-v4.19.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 477 2018-05-12 00:12 ./slackware64/a/bzip2-1.0.6-x86_64-3.txt
-rw-r--r-- 1 root root 92680 2018-05-12 00:12 ./slackware64/a/bzip2-1.0.6-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-05-12 00:12 ./slackware64/a/bzip2-1.0.6-x86_64-3.txz.asc
@ -847,9 +847,9 @@ drwxr-xr-x 2 root root 28672 2018-12-06 04:50 ./slackware64/a
-rw-r--r-- 1 root root 585 2018-04-13 13:01 ./slackware64/a/cryptsetup-1.7.5-x86_64-2.txt
-rw-r--r-- 1 root root 289768 2018-04-13 13:01 ./slackware64/a/cryptsetup-1.7.5-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:01 ./slackware64/a/cryptsetup-1.7.5-x86_64-2.txz.asc
-rw-r--r-- 1 root root 531 2018-08-04 01:17 ./slackware64/a/dbus-1.12.10-x86_64-1.txt
-rw-r--r-- 1 root root 515036 2018-08-04 01:17 ./slackware64/a/dbus-1.12.10-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-08-04 01:17 ./slackware64/a/dbus-1.12.10-x86_64-1.txz.asc
-rw-r--r-- 1 root root 531 2018-12-06 19:54 ./slackware64/a/dbus-1.12.12-x86_64-1.txt
-rw-r--r-- 1 root root 511320 2018-12-06 19:54 ./slackware64/a/dbus-1.12.12-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 19:54 ./slackware64/a/dbus-1.12.12-x86_64-1.txz.asc
-rw-r--r-- 1 root root 358 2018-06-28 16:51 ./slackware64/a/dcron-4.5-x86_64-9.txt
-rw-r--r-- 1 root root 34352 2018-06-28 16:51 ./slackware64/a/dcron-4.5-x86_64-9.txz
-rw-r--r-- 1 root root 163 2018-06-28 16:51 ./slackware64/a/dcron-4.5-x86_64-9.txz.asc
@ -1155,7 +1155,7 @@ drwxr-xr-x 2 root root 28672 2018-12-06 04:50 ./slackware64/a
-rw-r--r-- 1 root root 540 2018-04-13 13:15 ./slackware64/a/zoo-2.10_22-x86_64-2.txt
-rw-r--r-- 1 root root 56156 2018-04-13 13:15 ./slackware64/a/zoo-2.10_22-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:15 ./slackware64/a/zoo-2.10_22-x86_64-2.txz.asc
drwxr-xr-x 2 root root 20480 2018-12-03 21:15 ./slackware64/ap
drwxr-xr-x 2 root root 20480 2018-12-08 04:30 ./slackware64/ap
-rw-r--r-- 1 root root 291 2018-04-13 13:17 ./slackware64/ap/a2ps-4.14-x86_64-7.txt
-rw-r--r-- 1 root root 694880 2018-04-13 13:17 ./slackware64/ap/a2ps-4.14-x86_64-7.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:17 ./slackware64/ap/a2ps-4.14-x86_64-7.txz.asc
@ -1189,12 +1189,12 @@ drwxr-xr-x 2 root root 20480 2018-12-03 21:15 ./slackware64/ap
-rw-r--r-- 1 root root 531 2018-04-13 13:17 ./slackware64/ap/cgmanager-0.41-x86_64-4.txt
-rw-r--r-- 1 root root 114300 2018-04-13 13:17 ./slackware64/ap/cgmanager-0.41-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:17 ./slackware64/ap/cgmanager-0.41-x86_64-4.txz.asc
-rw-r--r-- 1 root root 642 2018-11-08 22:44 ./slackware64/ap/cups-2.2.9-x86_64-1.txt
-rw-r--r-- 1 root root 1468408 2018-11-08 22:44 ./slackware64/ap/cups-2.2.9-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-08 22:44 ./slackware64/ap/cups-2.2.9-x86_64-1.txz.asc
-rw-r--r-- 1 root root 416 2018-11-24 18:57 ./slackware64/ap/cups-filters-1.21.4-x86_64-1.txt
-rw-r--r-- 1 root root 749608 2018-11-24 18:57 ./slackware64/ap/cups-filters-1.21.4-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-24 18:57 ./slackware64/ap/cups-filters-1.21.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root 642 2018-12-08 00:58 ./slackware64/ap/cups-2.2.10-x86_64-1.txt
-rw-r--r-- 1 root root 1468384 2018-12-08 00:58 ./slackware64/ap/cups-2.2.10-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-08 00:58 ./slackware64/ap/cups-2.2.10-x86_64-1.txz.asc
-rw-r--r-- 1 root root 416 2018-12-06 20:52 ./slackware64/ap/cups-filters-1.21.5-x86_64-1.txt
-rw-r--r-- 1 root root 749936 2018-12-06 20:52 ./slackware64/ap/cups-filters-1.21.5-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:52 ./slackware64/ap/cups-filters-1.21.5-x86_64-1.txz.asc
-rw-r--r-- 1 root root 576 2018-11-07 23:24 ./slackware64/ap/dash-0.5.10.2-x86_64-1.txt
-rw-r--r-- 1 root root 85340 2018-11-07 23:24 ./slackware64/ap/dash-0.5.10.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-07 23:24 ./slackware64/ap/dash-0.5.10.2-x86_64-1.txz.asc
@ -1240,9 +1240,9 @@ drwxr-xr-x 2 root root 20480 2018-12-03 21:15 ./slackware64/ap
-rw-r--r-- 1 root root 547 2018-05-14 18:55 ./slackware64/ap/gutenprint-5.2.14-x86_64-2.txt
-rw-r--r-- 1 root root 2613904 2018-05-14 18:55 ./slackware64/ap/gutenprint-5.2.14-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-05-14 18:55 ./slackware64/ap/gutenprint-5.2.14-x86_64-2.txz.asc
-rw-r--r-- 1 root root 459 2018-11-09 20:48 ./slackware64/ap/hplip-3.18.10-x86_64-2.txt
-rw-r--r-- 1 root root 18075240 2018-11-09 20:48 ./slackware64/ap/hplip-3.18.10-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-11-09 20:48 ./slackware64/ap/hplip-3.18.10-x86_64-2.txz.asc
-rw-r--r-- 1 root root 459 2018-12-06 20:01 ./slackware64/ap/hplip-3.18.12-x86_64-1.txt
-rw-r--r-- 1 root root 18096776 2018-12-06 20:01 ./slackware64/ap/hplip-3.18.12-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:01 ./slackware64/ap/hplip-3.18.12-x86_64-1.txz.asc
-rw-r--r-- 1 root root 481 2018-04-13 13:22 ./slackware64/ap/htop-2.2.0-x86_64-2.txt
-rw-r--r-- 1 root root 86676 2018-04-13 13:22 ./slackware64/ap/htop-2.2.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:22 ./slackware64/ap/htop-2.2.0-x86_64-2.txz.asc
@ -1401,7 +1401,7 @@ drwxr-xr-x 2 root root 20480 2018-12-03 21:15 ./slackware64/ap
-rw-r--r-- 1 root root 506 2018-09-14 17:54 ./slackware64/ap/zsh-5.6.2-x86_64-1.txt
-rw-r--r-- 1 root root 2973268 2018-09-14 17:54 ./slackware64/ap/zsh-5.6.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-14 17:54 ./slackware64/ap/zsh-5.6.2-x86_64-1.txz.asc
drwxr-xr-x 2 root root 16384 2018-12-06 04:50 ./slackware64/d
drwxr-xr-x 2 root root 16384 2018-12-08 04:30 ./slackware64/d
-rw-r--r-- 1 root root 360 2018-11-24 19:01 ./slackware64/d/Cython-0.29.1-x86_64-1.txt
-rw-r--r-- 1 root root 3073656 2018-11-24 19:01 ./slackware64/d/Cython-0.29.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-24 19:01 ./slackware64/d/Cython-0.29.1-x86_64-1.txz.asc
@ -1514,9 +1514,9 @@ drwxr-xr-x 2 root root 16384 2018-12-06 04:50 ./slackware64/d
-rw-r--r-- 1 root root 163 2018-10-08 18:29 ./slackware64/d/make-4.2.1-x86_64-4.txz.asc
-rw-r--r-- 1 root root 4973 2018-11-21 20:59 ./slackware64/d/maketag
-rw-r--r-- 1 root root 4973 2018-11-21 20:59 ./slackware64/d/maketag.ez
-rw-r--r-- 1 root root 659 2018-11-02 19:09 ./slackware64/d/mercurial-4.8-x86_64-1.txt
-rw-r--r-- 1 root root 4025620 2018-11-02 19:09 ./slackware64/d/mercurial-4.8-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-02 19:09 ./slackware64/d/mercurial-4.8-x86_64-1.txz.asc
-rw-r--r-- 1 root root 659 2018-12-06 20:12 ./slackware64/d/mercurial-4.8.1-x86_64-1.txt
-rw-r--r-- 1 root root 4026648 2018-12-06 20:12 ./slackware64/d/mercurial-4.8.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:12 ./slackware64/d/mercurial-4.8.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 410 2018-11-09 03:25 ./slackware64/d/meson-0.48.2-x86_64-1.txt
-rw-r--r-- 1 root root 569236 2018-11-09 03:25 ./slackware64/d/meson-0.48.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-09 03:25 ./slackware64/d/meson-0.48.2-x86_64-1.txz.asc
@ -1571,9 +1571,9 @@ drwxr-xr-x 2 root root 16384 2018-12-06 04:50 ./slackware64/d
-rw-r--r-- 1 root root 408 2018-10-18 17:29 ./slackware64/d/ruby-2.5.3-x86_64-1.txt
-rw-r--r-- 1 root root 5274940 2018-10-18 17:29 ./slackware64/d/ruby-2.5.3-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-10-18 17:29 ./slackware64/d/ruby-2.5.3-x86_64-1.txz.asc
-rw-r--r-- 1 root root 426 2018-11-08 23:30 ./slackware64/d/rust-1.30.1-x86_64-1.txt
-rw-r--r-- 1 root root 85678836 2018-11-08 23:30 ./slackware64/d/rust-1.30.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-08 23:30 ./slackware64/d/rust-1.30.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 426 2018-12-07 07:04 ./slackware64/d/rust-1.31.0-x86_64-1.txt
-rw-r--r-- 1 root root 87692100 2018-12-07 07:04 ./slackware64/d/rust-1.31.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-07 07:04 ./slackware64/d/rust-1.31.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 456 2018-04-13 14:09 ./slackware64/d/scons-3.0.1-x86_64-2.txt
-rw-r--r-- 1 root root 803204 2018-04-13 14:09 ./slackware64/d/scons-3.0.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 14:09 ./slackware64/d/scons-3.0.1-x86_64-2.txz.asc
@ -2466,7 +2466,7 @@ drwxr-xr-x 2 root root 20480 2016-03-10 03:11 ./slackware64/kdei
-rw-r--r-- 1 root root 7544 2018-03-01 07:54 ./slackware64/kdei/maketag
-rw-r--r-- 1 root root 7544 2018-03-01 07:54 ./slackware64/kdei/maketag.ez
-rw-r--r-- 1 root root 1500 2018-03-01 07:54 ./slackware64/kdei/tagfile
drwxr-xr-x 2 root root 69632 2018-12-03 21:14 ./slackware64/l
drwxr-xr-x 2 root root 69632 2018-12-08 04:30 ./slackware64/l
-rw-r--r-- 1 root root 338 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txt
-rw-r--r-- 1 root root 149752 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txz.asc
@ -3012,9 +3012,9 @@ drwxr-xr-x 2 root root 69632 2018-12-03 21:14 ./slackware64/l
-rw-r--r-- 1 root root 335 2018-04-17 07:57 ./slackware64/l/libplist-2.0.0-x86_64-2.txt
-rw-r--r-- 1 root root 119500 2018-04-17 07:57 ./slackware64/l/libplist-2.0.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-17 07:57 ./slackware64/l/libplist-2.0.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 489 2018-10-22 17:56 ./slackware64/l/libpng-1.6.35-x86_64-1.txt
-rw-r--r-- 1 root root 314308 2018-10-22 17:56 ./slackware64/l/libpng-1.6.35-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-10-22 17:56 ./slackware64/l/libpng-1.6.35-x86_64-1.txz.asc
-rw-r--r-- 1 root root 489 2018-12-06 20:10 ./slackware64/l/libpng-1.6.36-x86_64-1.txt
-rw-r--r-- 1 root root 310304 2018-12-06 20:10 ./slackware64/l/libpng-1.6.36-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:10 ./slackware64/l/libpng-1.6.36-x86_64-1.txz.asc
-rw-r--r-- 1 root root 499 2018-04-17 07:57 ./slackware64/l/libproxy-0.4.15-x86_64-2.txt
-rw-r--r-- 1 root root 91688 2018-04-17 07:57 ./slackware64/l/libproxy-0.4.15-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-17 07:57 ./slackware64/l/libproxy-0.4.15-x86_64-2.txz.asc
@ -3269,9 +3269,9 @@ drwxr-xr-x 2 root root 69632 2018-12-03 21:14 ./slackware64/l
-rw-r--r-- 1 root root 560 2018-04-13 15:15 ./slackware64/l/python-docutils-0.14-x86_64-2.txt
-rw-r--r-- 1 root root 945364 2018-04-13 15:15 ./slackware64/l/python-docutils-0.14-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 15:15 ./slackware64/l/python-docutils-0.14-x86_64-2.txz.asc
-rw-r--r-- 1 root root 537 2018-08-27 18:20 ./slackware64/l/python-idna-2.7-x86_64-1.txt
-rw-r--r-- 1 root root 122476 2018-08-27 18:20 ./slackware64/l/python-idna-2.7-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-08-27 18:20 ./slackware64/l/python-idna-2.7-x86_64-1.txz.asc
-rw-r--r-- 1 root root 537 2018-12-07 04:48 ./slackware64/l/python-idna-2.8-x86_64-1.txt
-rw-r--r-- 1 root root 122780 2018-12-07 04:48 ./slackware64/l/python-idna-2.8-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-07 04:48 ./slackware64/l/python-idna-2.8-x86_64-1.txz.asc
-rw-r--r-- 1 root root 502 2018-04-13 15:15 ./slackware64/l/python-notify2-0.3.1-x86_64-2.txt
-rw-r--r-- 1 root root 11676 2018-04-13 15:15 ./slackware64/l/python-notify2-0.3.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 15:15 ./slackware64/l/python-notify2-0.3.1-x86_64-2.txz.asc
@ -3426,7 +3426,7 @@ drwxr-xr-x 2 root root 69632 2018-12-03 21:14 ./slackware64/l
-rw-r--r-- 1 root root 463 2018-11-08 01:07 ./slackware64/l/zstd-1.3.7-x86_64-1.txt
-rw-r--r-- 1 root root 380944 2018-11-08 01:07 ./slackware64/l/zstd-1.3.7-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-08 01:07 ./slackware64/l/zstd-1.3.7-x86_64-1.txz.asc
drwxr-xr-x 2 root root 32768 2018-12-06 04:50 ./slackware64/n
drwxr-xr-x 2 root root 32768 2018-12-08 04:30 ./slackware64/n
-rw-r--r-- 1 root root 357 2018-09-24 19:22 ./slackware64/n/ModemManager-1.8.2-x86_64-1.txt
-rw-r--r-- 1 root root 1519620 2018-09-24 19:22 ./slackware64/n/ModemManager-1.8.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-24 19:22 ./slackware64/n/ModemManager-1.8.2-x86_64-1.txz.asc
@ -3731,9 +3731,9 @@ drwxr-xr-x 2 root root 32768 2018-12-06 04:50 ./slackware64/n
-rw-r--r-- 1 root root 261 2018-11-08 00:36 ./slackware64/n/npth-1.6-x86_64-1.txt
-rw-r--r-- 1 root root 34828 2018-11-08 00:36 ./slackware64/n/npth-1.6-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-08 00:36 ./slackware64/n/npth-1.6-x86_64-1.txz.asc
-rw-r--r-- 1 root root 561 2018-11-30 21:53 ./slackware64/n/ntp-4.2.8p12-x86_64-4.txt
-rw-r--r-- 1 root root 2012152 2018-11-30 21:53 ./slackware64/n/ntp-4.2.8p12-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-11-30 21:53 ./slackware64/n/ntp-4.2.8p12-x86_64-4.txz.asc
-rw-r--r-- 1 root root 561 2018-12-06 21:22 ./slackware64/n/ntp-4.2.8p12-x86_64-5.txt
-rw-r--r-- 1 root root 2012120 2018-12-06 21:22 ./slackware64/n/ntp-4.2.8p12-x86_64-5.txz
-rw-r--r-- 1 root root 163 2018-12-06 21:22 ./slackware64/n/ntp-4.2.8p12-x86_64-5.txz.asc
-rw-r--r-- 1 root root 531 2018-04-13 15:45 ./slackware64/n/obexftp-0.24.2-x86_64-3.txt
-rw-r--r-- 1 root root 106128 2018-04-13 15:45 ./slackware64/n/obexftp-0.24.2-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-04-13 15:45 ./slackware64/n/obexftp-0.24.2-x86_64-3.txz.asc
@ -3758,9 +3758,9 @@ drwxr-xr-x 2 root root 32768 2018-12-06 04:50 ./slackware64/n
-rw-r--r-- 1 root root 485 2018-09-02 19:34 ./slackware64/n/p11-kit-0.23.14-x86_64-1.txt
-rw-r--r-- 1 root root 443860 2018-09-02 19:34 ./slackware64/n/p11-kit-0.23.14-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-02 19:34 ./slackware64/n/p11-kit-0.23.14-x86_64-1.txz.asc
-rw-r--r-- 1 root root 374 2018-11-09 20:55 ./slackware64/n/php-7.2.12-x86_64-2.txt
-rw-r--r-- 1 root root 6528328 2018-11-09 20:55 ./slackware64/n/php-7.2.12-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-11-09 20:55 ./slackware64/n/php-7.2.12-x86_64-2.txz.asc
-rw-r--r-- 1 root root 374 2018-12-06 21:12 ./slackware64/n/php-7.2.13-x86_64-1.txt
-rw-r--r-- 1 root root 6534668 2018-12-06 21:12 ./slackware64/n/php-7.2.13-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 21:12 ./slackware64/n/php-7.2.13-x86_64-1.txz.asc
-rw-r--r-- 1 root root 576 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txt
-rw-r--r-- 1 root root 43000 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txz.asc
@ -3855,9 +3855,9 @@ drwxr-xr-x 2 root root 32768 2018-12-06 04:50 ./slackware64/n
-rw-r--r-- 1 root root 677 2018-04-13 15:56 ./slackware64/n/wireless_tools-29-x86_64-12.txt
-rw-r--r-- 1 root root 128284 2018-04-13 15:56 ./slackware64/n/wireless_tools-29-x86_64-12.txz
-rw-r--r-- 1 root root 163 2018-04-13 15:56 ./slackware64/n/wireless_tools-29-x86_64-12.txz.asc
-rw-r--r-- 1 root root 601 2018-05-10 13:06 ./slackware64/n/wpa_supplicant-2.6-x86_64-6.txt
-rw-r--r-- 1 root root 1089212 2018-05-10 13:06 ./slackware64/n/wpa_supplicant-2.6-x86_64-6.txz
-rw-r--r-- 1 root root 163 2018-05-10 13:06 ./slackware64/n/wpa_supplicant-2.6-x86_64-6.txz.asc
-rw-r--r-- 1 root root 600 2018-12-06 20:47 ./slackware64/n/wpa_supplicant-2.7-x86_64-1.txt
-rw-r--r-- 1 root root 1098604 2018-12-06 20:47 ./slackware64/n/wpa_supplicant-2.7-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:47 ./slackware64/n/wpa_supplicant-2.7-x86_64-1.txz.asc
-rw-r--r-- 1 root root 406 2018-06-18 04:09 ./slackware64/n/yptools-2.14-x86_64-11.txt
-rw-r--r-- 1 root root 189104 2018-06-18 04:09 ./slackware64/n/yptools-2.14-x86_64-11.txz
-rw-r--r-- 1 root root 163 2018-06-18 04:09 ./slackware64/n/yptools-2.14-x86_64-11.txz.asc
@ -3906,7 +3906,7 @@ drwxr-xr-x 2 root root 4096 2018-11-24 20:50 ./slackware64/tcl
-rw-r--r-- 1 root root 227 2018-11-24 19:32 ./slackware64/tcl/tk-8.6.9.1-x86_64-1.txt
-rw-r--r-- 1 root root 1771556 2018-11-24 19:32 ./slackware64/tcl/tk-8.6.9.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-24 19:32 ./slackware64/tcl/tk-8.6.9.1-x86_64-1.txz.asc
drwxr-xr-x 2 root root 65536 2018-11-29 06:13 ./slackware64/x
drwxr-xr-x 2 root root 65536 2018-12-08 04:30 ./slackware64/x
-rw-r--r-- 1 root root 257 2018-04-13 16:03 ./slackware64/x/anthy-9100h-x86_64-2.txt
-rw-r--r-- 1 root root 5074404 2018-04-13 16:03 ./slackware64/x/anthy-9100h-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 16:03 ./slackware64/x/anthy-9100h-x86_64-2.txz.asc
@ -4265,9 +4265,9 @@ drwxr-xr-x 2 root root 65536 2018-11-29 06:13 ./slackware64/x
-rw-r--r-- 1 root root 163 2018-04-13 05:49 ./slackware64/x/makedepend-1.0.5-x86_64-3.txz.asc
-rw-r--r-- 1 root root 22414 2018-07-20 06:28 ./slackware64/x/maketag
-rw-r--r-- 1 root root 22414 2018-07-20 06:28 ./slackware64/x/maketag.ez
-rw-r--r-- 1 root root 333 2018-11-28 21:16 ./slackware64/x/mesa-18.2.6-x86_64-1.txt
-rw-r--r-- 1 root root 9264624 2018-11-28 21:16 ./slackware64/x/mesa-18.2.6-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-28 21:16 ./slackware64/x/mesa-18.2.6-x86_64-1.txz.asc
-rw-r--r-- 1 root root 333 2018-12-07 19:47 ./slackware64/x/mesa-18.3.0-x86_64-1.txt
-rw-r--r-- 1 root root 9429712 2018-12-07 19:47 ./slackware64/x/mesa-18.3.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-07 19:47 ./slackware64/x/mesa-18.3.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 425 2018-04-13 06:03 ./slackware64/x/mkcomposecache-1.2.1-x86_64-3.txt
-rw-r--r-- 1 root root 9448 2018-04-13 06:03 ./slackware64/x/mkcomposecache-1.2.1-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-04-13 06:03 ./slackware64/x/mkcomposecache-1.2.1-x86_64-3.txz.asc
@ -4530,9 +4530,9 @@ drwxr-xr-x 2 root root 65536 2018-11-29 06:13 ./slackware64/x
-rw-r--r-- 1 root root 441 2018-05-11 23:32 ./slackware64/x/xf86-video-i128-1.3.6-x86_64-11.txt
-rw-r--r-- 1 root root 34824 2018-05-11 23:32 ./slackware64/x/xf86-video-i128-1.3.6-x86_64-11.txz
-rw-r--r-- 1 root root 163 2018-05-11 23:32 ./slackware64/x/xf86-video-i128-1.3.6-x86_64-11.txz.asc
-rw-r--r-- 1 root root 435 2018-05-11 23:32 ./slackware64/x/xf86-video-i740-1.3.6-x86_64-3.txt
-rw-r--r-- 1 root root 35404 2018-05-11 23:32 ./slackware64/x/xf86-video-i740-1.3.6-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-05-11 23:32 ./slackware64/x/xf86-video-i740-1.3.6-x86_64-3.txz.asc
-rw-r--r-- 1 root root 435 2018-12-07 04:57 ./slackware64/x/xf86-video-i740-1.4.0-x86_64-1.txt
-rw-r--r-- 1 root root 36124 2018-12-07 04:57 ./slackware64/x/xf86-video-i740-1.4.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-07 04:57 ./slackware64/x/xf86-video-i740-1.4.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 443 2018-09-26 17:24 ./slackware64/x/xf86-video-intel-20180906_25c9a2fc-x86_64-1.txt
-rw-r--r-- 1 root root 673248 2018-09-26 17:24 ./slackware64/x/xf86-video-intel-20180906_25c9a2fc-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-26 17:24 ./slackware64/x/xf86-video-intel-20180906_25c9a2fc-x86_64-1.txz.asc
@ -4764,7 +4764,7 @@ drwxr-xr-x 2 root root 65536 2018-11-29 06:13 ./slackware64/x
-rw-r--r-- 1 root root 213 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txt
-rw-r--r-- 1 root root 25288 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz.asc
drwxr-xr-x 2 root root 12288 2018-12-01 03:29 ./slackware64/xap
drwxr-xr-x 2 root root 12288 2018-12-08 04:30 ./slackware64/xap
-rw-r--r-- 1 root root 625 2018-07-20 18:36 ./slackware64/xap/MPlayer-20180720-x86_64-1.txt
-rw-r--r-- 1 root root 2733036 2018-07-20 18:36 ./slackware64/xap/MPlayer-20180720-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-07-20 18:36 ./slackware64/xap/MPlayer-20180720-x86_64-1.txz.asc
@ -4832,9 +4832,9 @@ drwxr-xr-x 2 root root 12288 2018-12-01 03:29 ./slackware64/xap
-rw-r--r-- 1 root root 492 2018-10-22 21:46 ./slackware64/xap/mozilla-firefox-60.3.0esr-x86_64-1.txt
-rw-r--r-- 1 root root 39634304 2018-10-22 21:46 ./slackware64/xap/mozilla-firefox-60.3.0esr-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-10-22 21:46 ./slackware64/xap/mozilla-firefox-60.3.0esr-x86_64-1.txz.asc
-rw-r--r-- 1 root root 663 2018-11-30 21:04 ./slackware64/xap/mozilla-thunderbird-60.3.2-x86_64-1.txt
-rw-r--r-- 1 root root 36634552 2018-11-30 21:04 ./slackware64/xap/mozilla-thunderbird-60.3.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-30 21:04 ./slackware64/xap/mozilla-thunderbird-60.3.2-x86_64-1.txz.asc
-rw-r--r-- 1 root root 663 2018-12-06 20:00 ./slackware64/xap/mozilla-thunderbird-60.3.3-x86_64-1.txt
-rw-r--r-- 1 root root 36634740 2018-12-06 20:00 ./slackware64/xap/mozilla-thunderbird-60.3.3-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-06 20:00 ./slackware64/xap/mozilla-thunderbird-60.3.3-x86_64-1.txz.asc
-rw-r--r-- 1 root root 359 2018-09-15 17:22 ./slackware64/xap/network-manager-applet-1.8.18-x86_64-1.txt
-rw-r--r-- 1 root root 1104676 2018-09-15 17:22 ./slackware64/xap/network-manager-applet-1.8.18-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-15 17:22 ./slackware64/xap/network-manager-applet-1.8.18-x86_64-1.txz.asc
@ -4911,7 +4911,7 @@ drwxr-xr-x 2 root root 12288 2018-12-01 03:29 ./slackware64/xap
-rw-r--r-- 1 root root 233 2018-04-13 18:00 ./slackware64/xap/xv-3.10a-x86_64-9.txt
-rw-r--r-- 1 root root 953308 2018-04-13 18:00 ./slackware64/xap/xv-3.10a-x86_64-9.txz
-rw-r--r-- 1 root root 163 2018-04-13 18:00 ./slackware64/xap/xv-3.10a-x86_64-9.txz.asc
drwxr-xr-x 2 root root 4096 2018-12-03 21:15 ./slackware64/xfce
drwxr-xr-x 2 root root 4096 2018-12-08 04:30 ./slackware64/xfce
-rw-r--r-- 1 root root 460 2018-10-02 22:04 ./slackware64/xfce/Thunar-1.8.2-x86_64-1.txt
-rw-r--r-- 1 root root 1162632 2018-10-02 22:04 ./slackware64/xfce/Thunar-1.8.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-10-02 22:04 ./slackware64/xfce/Thunar-1.8.2-x86_64-1.txz.asc
@ -4938,9 +4938,9 @@ drwxr-xr-x 2 root root 4096 2018-12-03 21:15 ./slackware64/xfce
-rw-r--r-- 1 root root 1580792 2018-04-13 18:04 ./slackware64/xfce/orage-4.12.1-x86_64-5.txz
-rw-r--r-- 1 root root 163 2018-04-13 18:04 ./slackware64/xfce/orage-4.12.1-x86_64-5.txz.asc
-rw-r--r-- 1 root root 463 2018-03-01 07:55 ./slackware64/xfce/tagfile
-rw-r--r-- 1 root root 345 2018-04-13 18:04 ./slackware64/xfce/thunar-volman-0.8.1-x86_64-3.txt
-rw-r--r-- 1 root root 126140 2018-04-13 18:04 ./slackware64/xfce/thunar-volman-0.8.1-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-04-13 18:04 ./slackware64/xfce/thunar-volman-0.8.1-x86_64-3.txz.asc
-rw-r--r-- 1 root root 345 2018-12-07 04:36 ./slackware64/xfce/thunar-volman-0.9.1-x86_64-1.txt
-rw-r--r-- 1 root root 131868 2018-12-07 04:36 ./slackware64/xfce/thunar-volman-0.9.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-12-07 04:36 ./slackware64/xfce/thunar-volman-0.9.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 509 2018-09-13 16:56 ./slackware64/xfce/tumbler-0.2.3-x86_64-1.txt
-rw-r--r-- 1 root root 163348 2018-09-13 16:56 ./slackware64/xfce/tumbler-0.2.3-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-09-13 16:56 ./slackware64/xfce/tumbler-0.2.3-x86_64-1.txz.asc
@ -5004,11 +5004,11 @@ drwxr-xr-x 2 root root 4096 2018-04-18 08:35 ./slackware64/y
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag.ez
-rw-r--r-- 1 root root 14 2018-03-01 07:55 ./slackware64/y/tagfile
drwxr-xr-x 19 root root 4096 2018-12-06 04:55 ./source
-rw-r--r-- 1 root root 462234 2018-12-06 04:55 ./source/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-06 04:55 ./source/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 653916 2018-12-06 04:54 ./source/FILE_LIST
-rw-r--r-- 1 root root 16681550 2018-12-06 04:54 ./source/MANIFEST.bz2
drwxr-xr-x 19 root root 4096 2018-12-08 04:35 ./source
-rw-r--r-- 1 root root 460586 2018-12-08 04:35 ./source/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2018-12-08 04:35 ./source/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 651956 2018-12-08 04:34 ./source/FILE_LIST
-rw-r--r-- 1 root root 16591942 2018-12-08 04:34 ./source/MANIFEST.bz2
-rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT
drwxr-xr-x 111 root root 4096 2018-11-27 19:01 ./source/a
-rw-r--r-- 1 root root 877 2018-11-21 18:49 ./source/a/FTBFSlog
@ -5111,9 +5111,9 @@ drwxr-xr-x 2 root root 4096 2006-12-23 06:28 ./source/a/bin/scripts
-rw-r--r-- 1 root root 595 1993-05-02 00:04 ./source/a/bin/scripts/xx.gz
-rw-r--r-- 1 root root 677 2018-02-27 06:13 ./source/a/bin/slack-desc
-rw-r--r-- 1 root root 2403 1997-06-15 20:38 ./source/a/bin/todos.tar.gz
drwxr-xr-x 2 root root 4096 2018-11-04 19:03 ./source/a/btrfs-progs
-rw-r--r-- 1 root root 566 2018-11-03 19:26 ./source/a/btrfs-progs/btrfs-progs-v4.19.tar.sign
-rw-r--r-- 1 root root 2001340 2018-11-03 19:26 ./source/a/btrfs-progs/btrfs-progs-v4.19.tar.xz
drwxr-xr-x 2 root root 4096 2018-12-06 20:51 ./source/a/btrfs-progs
-rw-r--r-- 1 root root 566 2018-12-05 14:06 ./source/a/btrfs-progs/btrfs-progs-v4.19.1.tar.sign
-rw-r--r-- 1 root root 2007160 2018-12-05 14:06 ./source/a/btrfs-progs/btrfs-progs-v4.19.1.tar.xz
-rwxr-xr-x 1 root root 5130 2018-09-18 22:04 ./source/a/btrfs-progs/btrfs-progs.SlackBuild
-rw-r--r-- 1 root root 66 2017-04-23 04:56 ./source/a/btrfs-progs/btrfs-progs.url
-rw-r--r-- 1 root root 942 2018-11-04 19:06 ./source/a/btrfs-progs/slack-desc
@ -5148,8 +5148,8 @@ drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/a/cryptsetup
-rw-r--r-- 1 root root 1232696 2017-04-27 08:46 ./source/a/cryptsetup/cryptsetup-1.7.5.tar.xz
-rwxr-xr-x 1 root root 5017 2018-04-23 17:20 ./source/a/cryptsetup/cryptsetup.SlackBuild
-rw-r--r-- 1 root root 1045 2018-02-27 06:13 ./source/a/cryptsetup/slack-desc
drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/a/dbus
-rw-r--r-- 1 root root 1406412 2018-08-02 23:50 ./source/a/dbus/dbus-1.12.10.tar.lz
drwxr-xr-x 2 root root 4096 2018-12-06 19:08 ./source/a/dbus
-rw-r--r-- 1 root root 1408956 2018-12-04 17:22 ./source/a/dbus/dbus-1.12.12.tar.lz
-rw-r--r-- 1 root root 504 2017-10-31 05:18 ./source/a/dbus/dbus-1.12.x-allow_root_globally.diff.gz
-rwxr-xr-x 1 root root 4948 2018-09-18 22:04 ./source/a/dbus/dbus.SlackBuild
-rw-r--r-- 1 root root 43 2017-11-14 19:24 ./source/a/dbus/dbus.url
@ -5991,14 +5991,14 @@ drwxr-xr-x 2 root root 4096 2015-11-21 23:21 ./source/ap/cgmanager/config
-rw-r--r-- 1 root root 1306 2017-11-18 17:55 ./source/ap/cgmanager/config/rc.cgproxy
-rw-r--r-- 1 root root 334 2015-11-20 01:59 ./source/ap/cgmanager/doinst.sh.gz
-rw-r--r-- 1 root root 988 2018-02-27 06:13 ./source/ap/cgmanager/slack-desc
drwxr-xr-x 2 root root 4096 2018-11-08 22:42 ./source/ap/cups
drwxr-xr-x 2 root root 4096 2018-11-24 18:56 ./source/ap/cups-filters
-rw-r--r-- 1 root root 1474564 2018-11-23 21:19 ./source/ap/cups-filters/cups-filters-1.21.4.tar.xz
drwxr-xr-x 2 root root 4096 2018-12-08 00:51 ./source/ap/cups
drwxr-xr-x 2 root root 4096 2018-12-06 20:51 ./source/ap/cups-filters
-rw-r--r-- 1 root root 1474388 2018-12-05 17:10 ./source/ap/cups-filters/cups-filters-1.21.5.tar.xz
-rwxr-xr-x 1 root root 4441 2018-09-18 22:04 ./source/ap/cups-filters/cups-filters.SlackBuild
-rw-r--r-- 1 root root 51 2014-07-21 02:53 ./source/ap/cups-filters/cups-filters.url
-rw-r--r-- 1 root root 339 2018-01-08 22:54 ./source/ap/cups-filters/doinst.sh.gz
-rw-r--r-- 1 root root 908 2018-02-27 06:12 ./source/ap/cups-filters/slack-desc
-rw-r--r-- 1 root root 8403206 2018-11-08 13:55 ./source/ap/cups/cups-2.2.9-source.tar.lz
-rw-r--r-- 1 root root 8404169 2018-12-07 19:57 ./source/ap/cups/cups-2.2.10-source.tar.lz
-rw-r--r-- 1 root root 525 2013-10-10 20:50 ./source/ap/cups/cups-blacklist-usblp.conf
-rw-r--r-- 1 root root 199167 2004-01-03 18:49 ./source/ap/cups/cups-samba-5.0rc3.tar.gz
-rw-r--r-- 1 root root 33700 2006-04-19 23:55 ./source/ap/cups/cups-windows-6.0-source.tar.xz
@ -6090,12 +6090,12 @@ drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/ap/gutenprint
-rwxr-xr-x 1 root root 4776 2018-09-18 22:04 ./source/ap/gutenprint/gutenprint.SlackBuild
-rw-r--r-- 1 root root 121 2016-02-03 04:22 ./source/ap/gutenprint/setup.cups-genppdupdate
-rw-r--r-- 1 root root 1005 2018-02-27 06:13 ./source/ap/gutenprint/slack-desc
drwxr-xr-x 2 root root 4096 2018-11-09 20:41 ./source/ap/hplip
drwxr-xr-x 2 root root 4096 2018-12-06 19:59 ./source/ap/hplip
-rw-r--r-- 1 root root 869 2018-09-30 10:10 ./source/ap/hplip/0021-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch.gz
-rw-r--r-- 1 root root 1759 2018-09-30 10:10 ./source/ap/hplip/0025-Remove-all-ImageProcessor-functionality-which-is-clo.patch.gz
-rw-r--r-- 1 root root 118 2009-03-05 16:38 ./source/ap/hplip/doinst.sh.gz
-rw-r--r-- 1 root root 20005555 2018-10-29 05:41 ./source/ap/hplip/hplip-3.18.10.tar.lz
-rwxr-xr-x 1 root root 5940 2018-11-09 20:41 ./source/ap/hplip/hplip.SlackBuild
-rw-r--r-- 1 root root 20024980 2018-12-03 13:09 ./source/ap/hplip/hplip-3.18.12.tar.lz
-rwxr-xr-x 1 root root 5940 2018-12-06 19:57 ./source/ap/hplip/hplip.SlackBuild
-rw-r--r-- 1 root root 419 2013-03-20 04:46 ./source/ap/hplip/hplip.no.upgrade.diff.gz
-rw-r--r-- 1 root root 291 2017-11-28 00:41 ./source/ap/hplip/hplip.python3.shebang.diff.gz
-rw-r--r-- 1 root root 217 2016-06-01 18:56 ./source/ap/hplip/setup.py.lc_all.c.diff.gz
@ -6406,7 +6406,7 @@ drwxr-xr-x 2 root root 4096 2018-11-08 22:08 ./source/ap/sysstat
-rw-r--r-- 1 root root 527 2009-08-30 05:02 ./source/ap/sysstat/doinst.sh.gz
-rw-r--r-- 1 root root 897 2018-02-27 06:12 ./source/ap/sysstat/slack-desc
-rw-r--r-- 1 root root 602408 2018-10-13 08:27 ./source/ap/sysstat/sysstat-12.0.2.tar.xz
-rwxr-xr-x 1 root root 5459 2018-11-26 22:10 ./source/ap/sysstat/sysstat.SlackBuild
-rwxr-xr-x 1 root root 5755 2018-12-06 19:06 ./source/ap/sysstat/sysstat.SlackBuild
-rw-r--r-- 1 root root 40 2018-11-08 22:08 ./source/ap/sysstat/sysstat.url
drwxr-xr-x 2 root root 4096 2018-06-05 22:38 ./source/ap/terminus-font
-rw-r--r-- 1 root root 159 2018-06-05 22:38 ./source/ap/terminus-font/doinst.sh.gz
@ -6674,9 +6674,9 @@ drwxr-xr-x 2 root root 4096 2018-10-08 18:28 ./source/d/make
-rw-r--r-- 1 root root 438 2018-02-16 20:42 ./source/d/make/make.glibc-2.27.glob.diff.gz
-rw-r--r-- 1 root root 304 2017-12-02 18:21 ./source/d/make/make.guile22.diff.gz
-rw-r--r-- 1 root root 918 2018-02-27 06:13 ./source/d/make/slack-desc
drwxr-xr-x 2 root root 4096 2018-11-02 19:08 ./source/d/mercurial
drwxr-xr-x 2 root root 4096 2018-12-06 20:11 ./source/d/mercurial
-rw-r--r-- 1 root root 279 2010-05-18 06:20 ./source/d/mercurial/doinst.sh.gz
-rw-r--r-- 1 root root 3960982 2018-11-02 18:19 ./source/d/mercurial/mercurial-4.8.tar.lz
-rw-r--r-- 1 root root 3963371 2018-12-04 22:07 ./source/d/mercurial/mercurial-4.8.1.tar.lz
-rwxr-xr-x 1 root root 4113 2018-07-04 20:29 ./source/d/mercurial/mercurial.SlackBuild
-rw-r--r-- 1 root root 38 2017-12-02 19:13 ./source/d/mercurial/mercurial.url
-rw-r--r-- 1 root root 1245 2018-02-27 06:13 ./source/d/mercurial/slack-desc
@ -6799,11 +6799,11 @@ drwxr-xr-x 2 root root 4096 2018-10-18 17:23 ./source/d/ruby
-rw-r--r-- 1 root root 11108814 2018-10-18 11:04 ./source/d/ruby/ruby-2.5.3.tar.lz
-rwxr-xr-x 1 root root 4795 2018-10-18 17:24 ./source/d/ruby/ruby.SlackBuild
-rw-r--r-- 1 root root 860 2018-02-27 06:13 ./source/d/ruby/slack-desc
drwxr-xr-x 2 root root 4096 2018-11-09 00:55 ./source/d/rust
drwxr-xr-x 2 root root 4096 2018-12-07 07:48 ./source/d/rust
-rw-r--r-- 1 root root 300 2017-10-16 20:00 ./source/d/rust/link_libffi.diff.gz
-rwxr-xr-x 1 root root 9816 2018-11-08 21:38 ./source/d/rust/rust.SlackBuild
-rw-r--r-- 1 root root 1147 2018-11-08 21:32 ./source/d/rust/rust.url
-rw-r--r-- 1 root root 89722292 2018-11-08 17:42 ./source/d/rust/rustc-1.30.1-src.tar.lz
-rwxr-xr-x 1 root root 9816 2018-12-07 04:51 ./source/d/rust/rust.SlackBuild
-rw-r--r-- 1 root root 1147 2018-12-07 04:53 ./source/d/rust/rust.url
-rw-r--r-- 1 root root 92114942 2018-12-06 16:51 ./source/d/rust/rustc-1.31.0-src.tar.lz
-rw-r--r-- 1 root root 910 2018-02-27 06:49 ./source/d/rust/slack-desc
drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/d/scons
-rw-r--r-- 1 root root 479800 2017-11-14 22:44 ./source/d/scons/scons-3.0.1.tar.xz
@ -9028,8 +9028,8 @@ drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/l/libplist
-rw-r--r-- 1 root root 324404 2017-04-26 19:28 ./source/l/libplist/libplist-2.0.0.tar.xz
-rwxr-xr-x 1 root root 4486 2018-09-18 22:04 ./source/l/libplist/libplist.SlackBuild
-rw-r--r-- 1 root root 791 2018-02-27 06:12 ./source/l/libplist/slack-desc
drwxr-xr-x 2 root root 4096 2018-10-22 17:55 ./source/l/libpng
-rw-r--r-- 1 root root 1014320 2018-07-16 03:58 ./source/l/libpng/libpng-1.6.35.tar.xz
drwxr-xr-x 2 root root 4096 2018-12-06 20:10 ./source/l/libpng
-rw-r--r-- 1 root root 1012544 2018-12-01 14:36 ./source/l/libpng/libpng-1.6.36.tar.xz
-rwxr-xr-x 1 root root 4705 2018-10-22 17:55 ./source/l/libpng/libpng.SlackBuild
-rw-r--r-- 1 root root 30 2018-10-22 17:54 ./source/l/libpng/libpng.url
-rw-r--r-- 1 root root 943 2018-02-27 06:12 ./source/l/libpng/slack-desc
@ -9502,8 +9502,8 @@ drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/l/python-docutils
-rw-r--r-- 1 root root 1311196 2017-08-03 09:07 ./source/l/python-docutils/docutils-0.14.tar.xz
-rwxr-xr-x 1 root root 3229 2018-04-23 17:20 ./source/l/python-docutils/python-docutils.SlackBuild
-rw-r--r-- 1 root root 1055 2018-02-27 06:12 ./source/l/python-docutils/slack-desc
drwxr-xr-x 2 root root 4096 2018-08-27 18:20 ./source/l/python-idna
-rw-r--r-- 1 root root 139068 2018-06-11 02:41 ./source/l/python-idna/idna-2.7.tar.lz
drwxr-xr-x 2 root root 4096 2018-12-07 04:48 ./source/l/python-idna
-rw-r--r-- 1 root root 139288 2018-12-04 17:06 ./source/l/python-idna/idna-2.8.tar.lz
-rwxr-xr-x 1 root root 2914 2018-08-27 18:20 ./source/l/python-idna/python-idna.SlackBuild
-rw-r--r-- 1 root root 1028 2018-02-27 06:12 ./source/l/python-idna/slack-desc
drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/l/python-notify2
@ -9805,7 +9805,7 @@ drwxr-xr-x 2 root root 4096 2018-11-08 01:06 ./source/l/zstd
-rw-r--r-- 1 root root 319 2018-02-12 22:25 ./source/l/zstd/zstd.dont.link.pzstd.to.static.libzstd.a.diff.gz
-rw-r--r-- 1 root root 33 2018-11-08 01:06 ./source/l/zstd/zstd.url
-rwxr-xr-x 1 root root 14025 2018-11-20 03:08 ./source/make_world.sh
drwxr-xr-x 147 root root 4096 2018-11-28 20:50 ./source/n
drwxr-xr-x 147 root root 4096 2018-12-06 21:19 ./source/n
-rw-r--r-- 1 root root 534 2018-03-24 17:45 ./source/n/FTBFSlog
drwxr-xr-x 2 root root 4096 2018-09-24 19:21 ./source/n/ModemManager
-rw-r--r-- 1 root root 2088248 2018-09-22 09:10 ./source/n/ModemManager/ModemManager-1.8.2.tar.xz
@ -10486,10 +10486,10 @@ drwxr-xr-x 2 root root 4096 2018-11-08 00:36 ./source/n/npth
drwxr-xr-x 2 root root 4096 2018-11-09 20:41 ./source/n/ntp
-rw-r--r-- 1 root root 368 2017-04-21 21:34 ./source/n/ntp/doinst.sh.gz
-rw-r--r-- 1 root root 4315164 2018-08-14 12:48 ./source/n/ntp/ntp-4.2.8p12.tar.xz
-rwxr-xr-x 1 root root 5743 2018-11-30 21:12 ./source/n/ntp/ntp.SlackBuild
-rwxr-xr-x 1 root root 5743 2018-12-06 05:10 ./source/n/ntp/ntp.SlackBuild
-rw-r--r-- 1 root root 2579 2017-04-21 21:20 ./source/n/ntp/ntp.conf
-rw-r--r-- 1 root root 22 1999-10-07 19:50 ./source/n/ntp/ntp.keys
-rw-r--r-- 1 root root 133 2017-11-20 03:54 ./source/n/ntp/ntp.logrotate
-rw-r--r-- 1 root root 146 2018-12-06 05:10 ./source/n/ntp/ntp.logrotate
-rw-r--r-- 1 root root 269 2010-04-22 04:38 ./source/n/ntp/ntp.nano.diff.gz
-rw-r--r-- 1 root root 825 2017-04-21 21:02 ./source/n/ntp/rc.ntpd
-rw-r--r-- 1 root root 1012 2018-02-28 23:30 ./source/n/ntp/slack-desc
@ -10549,15 +10549,15 @@ drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/n/p11-kit
-rwxr-xr-x 1 root root 3627 2018-09-18 22:04 ./source/n/p11-kit/p11-kit.SlackBuild
-rw-r--r-- 1 root root 45 2018-05-28 18:06 ./source/n/p11-kit/p11-kit.url
-rw-r--r-- 1 root root 972 2018-02-27 06:13 ./source/n/p11-kit/slack-desc
drwxr-xr-x 3 root root 4096 2018-11-09 20:41 ./source/n/php
drwxr-xr-x 3 root root 4096 2018-12-06 21:06 ./source/n/php
-rw-r--r-- 1 root root 425 2017-12-08 01:53 ./source/n/php/doinst.sh.gz
-rwxr-xr-x 1 root root 120 2018-11-08 00:38 ./source/n/php/fetch-php.sh
-rwxr-xr-x 1 root root 120 2018-12-06 21:06 ./source/n/php/fetch-php.sh
-rw-r--r-- 1 root root 1022 2017-11-28 18:32 ./source/n/php/mod_php.conf.example
drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./source/n/php/pear
-rw-r--r-- 1 root root 12141472 2018-11-06 11:00 ./source/n/php/php-7.2.12.tar.xz
-rw-r--r-- 1 root root 801 2018-11-06 11:00 ./source/n/php/php-7.2.12.tar.xz.asc
-rw-r--r-- 1 root root 12116484 2018-12-04 18:40 ./source/n/php/php-7.2.13.tar.xz
-rw-r--r-- 1 root root 825 2018-12-04 18:40 ./source/n/php/php-7.2.13.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./source/n/php/php-fpm.conf.diff.gz
-rwxr-xr-x 1 root root 9747 2018-11-09 20:41 ./source/n/php/php.SlackBuild
-rwxr-xr-x 1 root root 9747 2018-12-06 21:07 ./source/n/php/php.SlackBuild
-rw-r--r-- 1 root root 811 2017-12-02 05:08 ./source/n/php/php.ini-development.diff.gz
-rw-r--r-- 1 root root 825 2018-02-27 06:13 ./source/n/php/slack-desc
drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/n/pidentd
@ -10794,36 +10794,23 @@ drwxr-xr-x 2 root root 4096 2017-11-14 23:02 ./source/n/wireless_tools/sc
-rwxr-xr-x 1 root root 4093 2018-04-23 17:20 ./source/n/wireless_tools/wireless_tools.SlackBuild
-rw-r--r-- 1 root root 227 2005-07-14 05:20 ./source/n/wireless_tools/wireless_tools.nowhine.diff.gz
-rw-r--r-- 1 root root 287 2005-07-25 07:19 ./source/n/wireless_tools/wireless_tools.static.diff.gz
drwxr-xr-x 5 root root 4096 2018-09-18 22:04 ./source/n/wpa_supplicant
drwxr-xr-x 2 root root 4096 2017-10-17 00:41 ./source/n/wpa_supplicant/2017-1
-rw-r--r-- 1 root root 2472 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch.gz
-rw-r--r-- 1 root root 2568 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch.gz
-rw-r--r-- 1 root root 2079 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch.gz
-rw-r--r-- 1 root root 1301 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch.gz
-rw-r--r-- 1 root root 1069 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch.gz
-rw-r--r-- 1 root root 1977 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch.gz
-rw-r--r-- 1 root root 880 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch.gz
-rw-r--r-- 1 root root 1374 2017-10-02 16:19 ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch.gz
-rw-r--r-- 1 root root 11037 2017-10-16 09:17 ./source/n/wpa_supplicant/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
drwxr-xr-x 4 root root 4096 2018-12-06 20:45 ./source/n/wpa_supplicant
-rw-r--r-- 1 root root 2080 2005-08-06 20:17 ./source/n/wpa_supplicant/README.slackware
drwxr-xr-x 2 root root 4096 2017-12-13 07:32 ./source/n/wpa_supplicant/config
-rw-r--r-- 1 root root 896 2017-12-13 07:32 ./source/n/wpa_supplicant/config/dot.config
-rw-r--r-- 1 root root 21621 2018-12-06 20:44 ./source/n/wpa_supplicant/config/dot.config
-rw-r--r-- 1 root root 139 2012-05-06 07:11 ./source/n/wpa_supplicant/config/wpa_gui.desktop
-rw-r--r-- 1 root root 5124 2009-04-20 18:10 ./source/n/wpa_supplicant/config/wpa_gui.png
-rw-r--r-- 1 root root 65 2012-05-06 07:08 ./source/n/wpa_supplicant/config/wpa_supplicant.conf
-rw-r--r-- 1 root root 100 2012-05-06 07:05 ./source/n/wpa_supplicant/config/wpa_supplicant.logrotate
-rw-r--r-- 1 root root 284 2012-05-06 07:31 ./source/n/wpa_supplicant/doinst.sh.gz
drwxr-xr-x 2 root root 4096 2018-05-10 13:04 ./source/n/wpa_supplicant/patches
-rw-r--r-- 1 root root 1543 2018-02-10 04:09 ./source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch.gz
drwxr-xr-x 2 root root 4096 2018-12-06 20:16 ./source/n/wpa_supplicant/patches
-rw-r--r-- 1 root root 333 2014-12-04 19:03 ./source/n/wpa_supplicant/patches/assoc-timeout.diff.gz
-rw-r--r-- 1 root root 350 2012-05-31 00:15 ./source/n/wpa_supplicant/patches/dbus-service-file-args.diff.gz
-rw-r--r-- 1 root root 537 2014-12-04 19:03 ./source/n/wpa_supplicant/patches/flush-debug-output.diff.gz
-rw-r--r-- 1 root root 388 2017-01-05 17:31 ./source/n/wpa_supplicant/patches/quiet-scan-results-message.diff.gz
-rw-r--r-- 1 root root 1453 2017-11-01 12:20 ./source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch.gz
-rw-r--r-- 1 root root 1121 2017-11-01 12:20 ./source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch.gz
-rw-r--r-- 1 root root 1062 2018-02-27 06:13 ./source/n/wpa_supplicant/slack-desc
-rw-r--r-- 1 root root 1883252 2016-10-02 19:29 ./source/n/wpa_supplicant/wpa_supplicant-2.6.tar.xz
-rwxr-xr-x 1 root root 7300 2018-09-18 22:04 ./source/n/wpa_supplicant/wpa_supplicant.SlackBuild
-rw-r--r-- 1 root root 1061 2018-12-06 20:13 ./source/n/wpa_supplicant/slack-desc
-rw-r--r-- 1 root root 2102704 2018-12-02 20:45 ./source/n/wpa_supplicant/wpa_supplicant-2.7.tar.xz
-rwxr-xr-x 1 root root 6049 2018-12-06 20:17 ./source/n/wpa_supplicant/wpa_supplicant.SlackBuild
drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/n/yptools
-rw-r--r-- 1 root root 616 2000-11-24 23:39 ./source/n/yptools/nsswitch.conf-nis.gz
-rw-r--r-- 1 root root 1355 2017-11-19 02:09 ./source/n/yptools/rc.yp.gz
@ -11014,14 +11001,14 @@ drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/x/m17n-lib
-rw-r--r-- 1 root root 749501 2018-02-08 14:02 ./source/x/m17n-lib/m17n-lib-1.8.0.tar.lz
-rwxr-xr-x 1 root root 5622 2018-09-18 22:04 ./source/x/m17n-lib/m17n-lib.SlackBuild
-rw-r--r-- 1 root root 870 2018-02-27 06:13 ./source/x/m17n-lib/slack-desc
drwxr-xr-x 3 root root 4096 2018-11-28 20:59 ./source/x/mesa
drwxr-xr-x 3 root root 4096 2018-12-07 19:28 ./source/x/mesa
-rw-r--r-- 1 root root 352 2008-03-10 07:13 ./source/x/mesa/README.GIT
-rw-r--r-- 1 root root 268 2017-08-26 17:17 ./source/x/mesa/doinst.sh.gz
-rw-r--r-- 1 root root 388 2018-12-07 19:28 ./source/x/mesa/doinst.sh.gz
-rwxr-xr-x 1 root root 720 2015-12-11 03:09 ./source/x/mesa/get-mesa.sh
-rw-r--r-- 1 root root 11384440 2018-11-28 18:12 ./source/x/mesa/mesa-18.2.6.tar.xz
-rw-r--r-- 1 root root 566 2018-11-28 18:12 ./source/x/mesa/mesa-18.2.6.tar.xz.sig
-rw-r--r-- 1 root root 11865356 2018-12-07 11:24 ./source/x/mesa/mesa-18.3.0.tar.xz
-rw-r--r-- 1 root root 566 2018-12-07 11:24 ./source/x/mesa/mesa-18.3.0.tar.xz.sig
-rw-r--r-- 1 root root 7206679 2018-02-23 08:54 ./source/x/mesa/mesa-demos-8.4.0.tar.lz
-rwxr-xr-x 1 root root 6632 2018-09-21 17:49 ./source/x/mesa/mesa.SlackBuild
-rwxr-xr-x 1 root root 6668 2018-12-07 19:28 ./source/x/mesa/mesa.SlackBuild
-rw-r--r-- 1 root root 78 2010-10-01 04:23 ./source/x/mesa/mesa.url
drwxr-xr-x 2 root root 4096 2018-03-22 06:30 ./source/x/mesa/patches
-rw-r--r-- 1 root root 785 2018-02-27 06:13 ./source/x/mesa/slack-desc
@ -11369,7 +11356,7 @@ drwxr-xr-x 2 root root 12288 2018-11-11 20:32 ./source/x/x11/build
-rw-r--r-- 1 root root 2 2018-05-11 22:00 ./source/x/x11/build/xf86-video-geode
-rw-r--r-- 1 root root 2 2018-05-11 12:33 ./source/x/x11/build/xf86-video-glint
-rw-r--r-- 1 root root 3 2018-05-11 12:33 ./source/x/x11/build/xf86-video-i128
-rw-r--r-- 1 root root 2 2018-05-11 12:33 ./source/x/x11/build/xf86-video-i740
-rw-r--r-- 1 root root 2 2018-12-07 04:57 ./source/x/x11/build/xf86-video-i740
-rw-r--r-- 1 root root 2 2018-05-11 12:33 ./source/x/x11/build/xf86-video-intel
-rw-r--r-- 1 root root 2 2018-05-18 17:20 ./source/x/x11/build/xf86-video-mach64
-rw-r--r-- 1 root root 2 2018-05-11 12:33 ./source/x/x11/build/xf86-video-mga
@ -12065,7 +12052,7 @@ drwxr-xr-x 2 root root 4096 2018-10-19 18:12 ./source/x/x11/src/data
drwxr-xr-x 2 root root 4096 2015-05-04 05:55 ./source/x/x11/src/doc
-rw-r--r-- 1 root root 333452 2015-05-01 06:18 ./source/x/x11/src/doc/xorg-docs-1.7.1.tar.xz
-rw-r--r-- 1 root root 110976 2012-06-06 02:42 ./source/x/x11/src/doc/xorg-sgml-doctools-1.11.tar.xz
drwxr-xr-x 2 root root 4096 2018-10-23 19:28 ./source/x/x11/src/driver
drwxr-xr-x 2 root root 4096 2018-12-07 04:56 ./source/x/x11/src/driver
-rw-r--r-- 1 root root 236544 2011-05-04 23:02 ./source/x/x11/src/driver/xf86-input-acecad-1.5.0.tar.xz
-rw-r--r-- 1 root root 345048 2018-05-29 02:33 ./source/x/x11/src/driver/xf86-input-evdev-2.10.6.tar.xz
-rw-r--r-- 1 root root 291860 2016-11-17 23:02 ./source/x/x11/src/driver/xf86-input-joystick-1.6.3.tar.xz
@ -12088,7 +12075,7 @@ drwxr-xr-x 2 root root 4096 2018-10-23 19:28 ./source/x/x11/src/driver
-rw-r--r-- 1 root root 568500 2016-12-12 13:55 ./source/x/x11/src/driver/xf86-video-geode-2.11.19.tar.xz
-rw-r--r-- 1 root root 341732 2017-01-17 22:35 ./source/x/x11/src/driver/xf86-video-glint-1.2.9.tar.xz
-rw-r--r-- 1 root root 269224 2012-07-17 06:21 ./source/x/x11/src/driver/xf86-video-i128-1.3.6.tar.xz
-rw-r--r-- 1 root root 280008 2017-01-17 22:38 ./source/x/x11/src/driver/xf86-video-i740-1.3.6.tar.xz
-rw-r--r-- 1 root root 281288 2018-12-06 23:27 ./source/x/x11/src/driver/xf86-video-i740-1.4.0.tar.xz
-rw-r--r-- 1 root root 962216 2018-09-26 17:07 ./source/x/x11/src/driver/xf86-video-intel-20180906_25c9a2fc.tar.xz
-rw-r--r-- 1 root root 481316 2018-05-18 16:52 ./source/x/x11/src/driver/xf86-video-mach64-6.9.6.tar.xz
-rw-r--r-- 1 root root 397384 2017-01-17 22:39 ./source/x/x11/src/driver/xf86-video-mga-1.6.5.tar.xz
@ -12408,7 +12395,7 @@ lrwxrwxrwx 1 root root 4 2013-11-14 21:24 ./source/xap/mozilla-firefox
-rwxr-xr-x 1 root root 14366 2018-10-02 17:47 ./source/xap/mozilla-firefox/mozilla-firefox.SlackBuild
-rw-r--r-- 1 root root 2748 2017-12-04 21:30 ./source/xap/mozilla-firefox/mozilla-firefox.desktop
-rw-r--r-- 1 root root 946 2018-11-03 19:51 ./source/xap/mozilla-firefox/slack-desc
drwxr-xr-x 4 root root 4096 2018-11-30 19:30 ./source/xap/mozilla-thunderbird
drwxr-xr-x 4 root root 4096 2018-12-06 18:21 ./source/xap/mozilla-thunderbird
drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./source/xap/mozilla-thunderbird/autoconf
-rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz
-rw-r--r-- 1 root root 300116 1999-01-15 21:03 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz
@ -12421,8 +12408,8 @@ lrwxrwxrwx 1 root root 4 2013-11-14 21:24 ./source/xap/mozilla-thunder
-rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./source/xap/mozilla-thunderbird/mozilla-thunderbird.desktop
-rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./source/xap/mozilla-thunderbird/slack-desc
-rw-r--r-- 1 root root 343 2017-06-14 23:43 ./source/xap/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz
-rw-r--r-- 1 root root 286027944 2018-11-29 22:39 ./source/xap/mozilla-thunderbird/thunderbird-60.3.2.source.tar.xz
-rw-r--r-- 1 root root 836 2018-11-29 22:39 ./source/xap/mozilla-thunderbird/thunderbird-60.3.2.source.tar.xz.asc
-rw-r--r-- 1 root root 283847516 2018-12-05 19:59 ./source/xap/mozilla-thunderbird/thunderbird-60.3.3.source.tar.xz
-rw-r--r-- 1 root root 836 2018-12-05 19:59 ./source/xap/mozilla-thunderbird/thunderbird-60.3.3.source.tar.xz.asc
drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/xap/network-manager-applet
-rw-r--r-- 1 root root 207 2012-08-10 23:59 ./source/xap/network-manager-applet/doinst.sh.gz
-rw-r--r-- 1 root root 1550448 2018-09-07 13:46 ./source/xap/network-manager-applet/network-manager-applet-1.8.18.tar.xz
@ -12653,7 +12640,7 @@ drwxr-xr-x 2 root root 4096 2018-04-23 17:20 ./source/xap/xv
-rw-r--r-- 1 root root 229 2010-02-19 19:27 ./source/xap/xv/xv.jasper.diff.gz
-rw-r--r-- 1 root root 317 2010-02-19 19:15 ./source/xap/xv/xv.prefix.diff.gz
-rw-r--r-- 1 root root 282 2010-02-19 19:16 ./source/xap/xv/xv.prefix_x86_64.diff.gz
drwxr-xr-x 28 root root 4096 2018-11-21 19:47 ./source/xfce
drwxr-xr-x 28 root root 4096 2018-12-07 04:35 ./source/xfce
-rw-r--r-- 1 root root 82 2018-02-01 01:00 ./source/xfce/FTBFSlog
drwxr-xr-x 2 root root 4096 2018-10-02 22:03 ./source/xfce/Thunar
-rw-r--r-- 1 root root 1817764 2018-09-26 16:56 ./source/xfce/Thunar/Thunar-1.8.2.tar.lz
@ -12687,11 +12674,10 @@ drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/xfce/orage
-rwxr-xr-x 1 root root 4104 2018-09-18 22:04 ./source/xfce/orage/orage.SlackBuild
-rw-r--r-- 1 root root 723 2017-11-14 22:05 ./source/xfce/orage/orage.libical3.diff.gz
-rw-r--r-- 1 root root 625 2018-02-27 06:13 ./source/xfce/orage/slack-desc
drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/xfce/thunar-volman
-rw-r--r-- 1 root root 835 2015-03-22 04:39 ./source/xfce/thunar-volman/0001-Fix-return-with-no-value-in-function-returning-non-v.patch
drwxr-xr-x 2 root root 4096 2018-11-27 05:17 ./source/xfce/thunar-volman
-rw-r--r-- 1 root root 800 2018-02-27 06:13 ./source/xfce/thunar-volman/slack-desc
-rw-r--r-- 1 root root 387076 2015-02-28 18:01 ./source/xfce/thunar-volman/thunar-volman-0.8.1.tar.xz
-rwxr-xr-x 1 root root 3550 2018-09-18 22:04 ./source/xfce/thunar-volman/thunar-volman.SlackBuild
-rw-r--r-- 1 root root 401793 2018-11-27 01:45 ./source/xfce/thunar-volman/thunar-volman-0.9.1.tar.lz
-rwxr-xr-x 1 root root 3468 2018-11-27 05:17 ./source/xfce/thunar-volman/thunar-volman.SlackBuild
drwxr-xr-x 2 root root 4096 2018-09-18 22:04 ./source/xfce/tumbler
-rw-r--r-- 1 root root 964 2018-02-27 06:13 ./source/xfce/tumbler/slack-desc
-rw-r--r-- 1 root root 458130 2018-09-13 14:05 ./source/xfce/tumbler/tumbler-0.2.3.tar.lz

11
recompress.sh
View file

@ -484,21 +484,10 @@ gzip ./source/n/vsftpd/vsftpd.builddefs.diff
gzip ./source/n/net-tools/net-tools.config.h
gzip ./source/n/nc/nc-110-21.diff
gzip ./source/n/nc/nc.diff
gzip ./source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
gzip ./source/n/wpa_supplicant/patches/dbus-service-file-args.diff
gzip ./source/n/wpa_supplicant/patches/assoc-timeout.diff
gzip ./source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
gzip ./source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
gzip ./source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
gzip ./source/n/wpa_supplicant/patches/flush-debug-output.diff
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
gzip ./source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
gzip ./source/n/wpa_supplicant/doinst.sh
gzip ./source/n/php/php-fpm.conf.diff
gzip ./source/n/php/doinst.sh

2
source/ap/hplip/hplip.SlackBuild
View file

@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=hplip
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}

5
source/ap/sysstat/sysstat.SlackBuild
View file

@ -107,6 +107,11 @@ CFLAGS="$SLKCFLAGS -DSADC_PATH=/usr/lib$LIBDIRSUFFIX/sa/sadc" \
make $NUMJOBS || make || exit 1
make install IGNORE_MAN_GROUP=y DESTDIR=$PKG || exit 1
# Don't include the version number in the configuration file - it is a
# needless detail that forces review of the config file with every
# package update, even if no changes were made from default.
sed -i -e '1s/sysstat-[0-9.]\+/systat/' $PKG/etc/sysstat/sysstat
# Move the config file to .new:
mv $PKG/etc/sysstat/sysstat $PKG/etc/sysstat/sysstat.new
mkdir -p $PKG/etc/rc.d

8
source/d/rust/rust.SlackBuild
View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=rust
SRCNAM="${PKGNAM}c"
VERSION=${VERSION:-1.30.1}
VERSION=${VERSION:-1.31.0}
BUILD=${BUILD:-1}
# Set this to YES to build with the system LLVM, or NO to use the bundled LLVM.
@ -34,9 +34,9 @@ BUILD=${BUILD:-1}
SYSTEM_LLVM=${SYSTEM_LLVM:-NO}
# Bootstrap variables (might not be kept updated for latest Rust):
RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.29.2}
RSTAGE0_DIR=${RSTAGE0_DIR:-2018-10-12}
CSTAGE0_VERSION=${CSTAGE0_VERSION:-0.30.0}
RSTAGE0_VERSION=${RSTAGE0_VERSION:-1.30.0}
RSTAGE0_DIR=${RSTAGE0_DIR:-2018-10-25}
CSTAGE0_VERSION=${CSTAGE0_VERSION:-0.31.0}
CSTAGE0_DIR=${CSTAGE0_DIR:-$RSTAGE0_DIR}
# Automatically determine the architecture we're building on:

14
source/d/rust/rust.url
View file

@ -1,5 +1,5 @@
# Source code (repacked to .tar.xz):
lftpget https://static.rust-lang.org/dist/rustc-1.30.1-src.tar.gz
lftpget https://static.rust-lang.org/dist/rustc-1.31.0-src.tar.gz
gzip -d rustc-*tar.gz
plzip -9 -v rustc-*tar
@ -12,12 +12,12 @@ plzip -9 -v rustc-*tar
exit 0
# i686 bootstrap:
lftpget https://static.rust-lang.org/dist/2018-10-12/cargo-0.30.0-i686-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-12/rust-std-1.29.2-i686-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-12/rustc-1.29.2-i686-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/cargo-0.31.0-i686-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/rust-std-1.30.0-i686-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/rustc-1.30.0-i686-unknown-linux-gnu.tar.gz
# x86_64 bootstrap:
lftpget https://static.rust-lang.org/dist/2018-10-12/cargo-0.30.0-x86_64-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-12/rust-std-1.29.2-x86_64-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-12/rustc-1.29.2-x86_64-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/cargo-0.31.0-x86_64-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/rust-std-1.30.0-x86_64-unknown-linux-gnu.tar.gz
lftpget https://static.rust-lang.org/dist/2018-10-25/rustc-1.30.0-x86_64-unknown-linux-gnu.tar.gz

2
source/n/ntp/ntp.SlackBuild
View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=ntp
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-4}
BUILD=${BUILD:-5}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then

1
source/n/ntp/ntp.logrotate
View file

@ -1,6 +1,7 @@
/var/log/ntp {
notifempty
missingok
rotate 4
postrotate
[ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart
endscript

4
source/n/php/fetch-php.sh
View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-7.2.12.tar.xz.asc
lftpget http://us.php.net/distributions/php-7.2.12.tar.xz
lftpget http://us.php.net/distributions/php-7.2.13.tar.xz.asc
lftpget http://us.php.net/distributions/php-7.2.13.tar.xz

2
source/n/php/php.SlackBuild
View file

@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=php
VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
ALPINE=2.21
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then

174
source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
View file

@ -1,174 +0,0 @@
From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Fri, 14 Jul 2017 15:15:35 +0200
Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
Do not reinstall TK to the driver during Reassociation Response frame
processing if the first attempt of setting the TK succeeded. This avoids
issues related to clearing the TX/RX PN that could result in reusing
same PN values for transmitted frames (e.g., due to CCM nonce reuse and
also hitting replay protection on the receiver) and accepting replayed
frames on RX side.
This issue was introduced by the commit
0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
authenticator') which allowed wpa_ft_install_ptk() to be called multiple
times with the same PTK. While the second configuration attempt is
needed with some drivers, it must be done only if the first attempt
failed.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/ap/ieee802_11.c | 16 +++++++++++++---
src/ap/wpa_auth.c | 11 +++++++++++
src/ap/wpa_auth.h | 3 ++-
src/ap/wpa_auth_ft.c | 10 ++++++++++
src/ap/wpa_auth_i.h | 1 +
5 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 4e04169..333035f 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hapd,
sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
sta->vht_opmode, sta->p2p_ie ? 1 : 0,
- sta->added_unassoc)) {
+ set)) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
"Could not %s STA to kernel driver",
- sta->added_unassoc ? "set" : "add");
+ set ? "set" : "add");
if (sta->added_unassoc) {
hostapd_drv_sta_remove(hapd, sta->addr);
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 3587086..707971d 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
#else /* CONFIG_IEEE80211R */
break;
#endif /* CONFIG_IEEE80211R */
+ case WPA_DRV_STA_REMOVED:
+ sm->tk_already_set = FALSE;
+ return 0;
}
#ifdef CONFIG_IEEE80211R
@@ -3250,6 +3253,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
}
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
+{
+ if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
+ return 0;
+ return sm->tk_already_set;
+}
+
+
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
struct rsn_pmksa_cache_entry *entry)
{
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index 0de8d97..97461b0 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
u8 *data, size_t data_len);
enum wpa_event {
WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
- WPA_REAUTH_EAPOL, WPA_ASSOC_FT
+ WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED
};
void wpa_remove_ptk(struct wpa_state_machine *sm);
int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
@@ -280,6 +280,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
struct rsn_pmksa_cache_entry *entry);
struct rsn_pmksa_cache_entry *
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 42242a5..e63b99a 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
return;
}
+ if (sm->tk_already_set) {
+ /* Must avoid TK reconfiguration to prevent clearing of TX/RX
+ * PN in the driver */
+ wpa_printf(MSG_DEBUG,
+ "FT: Do not re-install same PTK to the driver");
+ return;
+ }
+
/* FIX: add STA entry to kernel/driver here? The set_key will fail
* most likely without this.. At the moment, STA entry is added only
* after association has been completed. This function will be called
@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
sm->pairwise_set = TRUE;
+ sm->tk_already_set = TRUE;
}
@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
sm->pairwise = pairwise;
sm->PTK_valid = TRUE;
+ sm->tk_already_set = FALSE;
wpa_ft_install_ptk(sm);
buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index 72b7eb3..7fd8f05 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -65,6 +65,7 @@ struct wpa_state_machine {
struct wpa_ptk PTK;
Boolean PTK_valid;
Boolean pairwise_set;
+ Boolean tk_already_set;
int keycount;
Boolean Pair;
struct wpa_key_replay_counter {
--
2.7.4

250
source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
View file

@ -1,250 +0,0 @@
From 927f891007c402fefd1ff384645b3f07597c3ede Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Wed, 12 Jul 2017 16:03:24 +0200
Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key
Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/common/wpa_common.h | 11 +++++
src/rsn_supp/wpa.c | 116 ++++++++++++++++++++++++++++++------------------
src/rsn_supp/wpa_i.h | 4 ++
3 files changed, 87 insertions(+), 44 deletions(-)
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index af1d0f0..d200285 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -217,6 +217,17 @@ struct wpa_ptk {
size_t tk_len;
};
+struct wpa_gtk {
+ u8 gtk[WPA_GTK_MAX_LEN];
+ size_t gtk_len;
+};
+
+#ifdef CONFIG_IEEE80211W
+struct wpa_igtk {
+ u8 igtk[WPA_IGTK_MAX_LEN];
+ size_t igtk_len;
+};
+#endif /* CONFIG_IEEE80211W */
/* WPA IE version 1
* 00-50-f2:1 (OUI:OUI type)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 3c47879..95bd7be 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -714,6 +714,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
const u8 *_gtk = gd->gtk;
u8 gtk_buf[32];
+ /* Detect possible key reinstallation */
+ if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
+ gd->keyidx, gd->tx, gd->gtk_len);
+ return 0;
+ }
+
wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)",
@@ -748,6 +757,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
}
os_memset(gtk_buf, 0, sizeof(gtk_buf));
+ sm->gtk.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+
return 0;
}
@@ -854,6 +866,48 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
}
+#ifdef CONFIG_IEEE80211W
+static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+ const struct wpa_igtk_kde *igtk)
+{
+ size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
+ u16 keyidx = WPA_GET_LE16(igtk->keyid);
+
+ /* Detect possible key reinstallation */
+ if (sm->igtk.igtk_len == len &&
+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
+ keyidx);
+ return 0;
+ }
+
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
+ keyidx, MAC2STR(igtk->pn));
+ wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
+ if (keyidx > 4095) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Invalid IGTK KeyID %d", keyidx);
+ return -1;
+ }
+ if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
+ broadcast_ether_addr,
+ keyidx, 0, igtk->pn, sizeof(igtk->pn),
+ igtk->igtk, len) < 0) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Failed to configure IGTK to the driver");
+ return -1;
+ }
+
+ sm->igtk.igtk_len = len;
+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+
+ return 0;
+}
+#endif /* CONFIG_IEEE80211W */
+
+
static int ieee80211w_set_keys(struct wpa_sm *sm,
struct wpa_eapol_ie_parse *ie)
{
@@ -864,30 +918,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
if (ie->igtk) {
size_t len;
const struct wpa_igtk_kde *igtk;
- u16 keyidx;
+
len = wpa_cipher_key_len(sm->mgmt_group_cipher);
if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len)
return -1;
+
igtk = (const struct wpa_igtk_kde *) ie->igtk;
- keyidx = WPA_GET_LE16(igtk->keyid);
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
- "pn %02x%02x%02x%02x%02x%02x",
- keyidx, MAC2STR(igtk->pn));
- wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
- igtk->igtk, len);
- if (keyidx > 4095) {
- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
- "WPA: Invalid IGTK KeyID %d", keyidx);
- return -1;
- }
- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
- broadcast_ether_addr,
- keyidx, 0, igtk->pn, sizeof(igtk->pn),
- igtk->igtk, len) < 0) {
- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
- "WPA: Failed to configure IGTK to the driver");
+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
return -1;
- }
}
return 0;
@@ -2307,7 +2345,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
*/
void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
{
- int clear_ptk = 1;
+ int clear_keys = 1;
if (sm == NULL)
return;
@@ -2333,11 +2371,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
/* Prepare for the next transition */
wpa_ft_prepare_auth_request(sm, NULL);
- clear_ptk = 0;
+ clear_keys = 0;
}
#endif /* CONFIG_IEEE80211R */
- if (clear_ptk) {
+ if (clear_keys) {
/*
* IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
* this is not part of a Fast BSS Transition.
@@ -2347,6 +2385,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
sm->tptk_set = 0;
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+#ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+#endif /* CONFIG_IEEE80211W */
}
#ifdef CONFIG_TDLS
@@ -2877,6 +2919,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
os_memset(sm->pmk, 0, sizeof(sm->pmk));
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+#ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
@@ -2949,29 +2995,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
os_memset(&gd, 0, sizeof(gd));
#ifdef CONFIG_IEEE80211W
} else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
- struct wpa_igtk_kde igd;
- u16 keyidx;
-
- os_memset(&igd, 0, sizeof(igd));
- keylen = wpa_cipher_key_len(sm->mgmt_group_cipher);
- os_memcpy(igd.keyid, buf + 2, 2);
- os_memcpy(igd.pn, buf + 4, 6);
-
- keyidx = WPA_GET_LE16(igd.keyid);
- os_memcpy(igd.igtk, buf + 10, keylen);
-
- wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
- igd.igtk, keylen);
- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
- broadcast_ether_addr,
- keyidx, 0, igd.pn, sizeof(igd.pn),
- igd.igtk, keylen) < 0) {
- wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
- "WNM mode");
- os_memset(&igd, 0, sizeof(igd));
+ const struct wpa_igtk_kde *igtk;
+
+ igtk = (const struct wpa_igtk_kde *) (buf + 2);
+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
return -1;
- }
- os_memset(&igd, 0, sizeof(igd));
#endif /* CONFIG_IEEE80211W */
} else {
wpa_printf(MSG_DEBUG, "Unknown element id");
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index f653ba6..afc9e37 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -31,6 +31,10 @@ struct wpa_sm {
u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
int rx_replay_counter_set;
u8 request_counter[WPA_REPLAY_COUNTER_LEN];
+ struct wpa_gtk gtk;
+#ifdef CONFIG_IEEE80211W
+ struct wpa_igtk igtk;
+#endif /* CONFIG_IEEE80211W */
struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
--
2.7.4

184
source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
View file

@ -1,184 +0,0 @@
From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 1 Oct 2017 12:12:24 +0300
Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
Mode cases
This extends the protection to track last configured GTK/IGTK value
separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
corner case where these two different mechanisms may get used when the
GTK/IGTK has changed and tracking a single value is not sufficient to
detect a possible key reconfiguration.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/wpa.c | 53 +++++++++++++++++++++++++++++++++++++---------------
src/rsn_supp/wpa_i.h | 2 ++
2 files changed, 40 insertions(+), 15 deletions(-)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 95bd7be..7a2c68d 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -709,14 +709,17 @@ struct wpa_gtk_data {
static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
const struct wpa_gtk_data *gd,
- const u8 *key_rsc)
+ const u8 *key_rsc, int wnm_sleep)
{
const u8 *_gtk = gd->gtk;
u8 gtk_buf[32];
/* Detect possible key reinstallation */
- if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
- os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
+ if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
+ (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
+ sm->gtk_wnm_sleep.gtk_len) == 0)) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
gd->keyidx, gd->tx, gd->gtk_len);
@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
}
os_memset(gtk_buf, 0, sizeof(gtk_buf));
- sm->gtk.gtk_len = gd->gtk_len;
- os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+ if (wnm_sleep) {
+ sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
+ sm->gtk_wnm_sleep.gtk_len);
+ } else {
+ sm->gtk.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+ }
return 0;
}
@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
(wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
gtk_len, gtk_len,
&gd.key_rsc_len, &gd.alg) ||
- wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
+ wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"RSN: Failed to install GTK");
os_memset(&gd, 0, sizeof(gd));
@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
#ifdef CONFIG_IEEE80211W
static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
- const struct wpa_igtk_kde *igtk)
+ const struct wpa_igtk_kde *igtk,
+ int wnm_sleep)
{
size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
u16 keyidx = WPA_GET_LE16(igtk->keyid);
/* Detect possible key reinstallation */
- if (sm->igtk.igtk_len == len &&
- os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
+ if ((sm->igtk.igtk_len == len &&
+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
+ (sm->igtk_wnm_sleep.igtk_len == len &&
+ os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+ sm->igtk_wnm_sleep.igtk_len) == 0)) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
keyidx);
@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
return -1;
}
- sm->igtk.igtk_len = len;
- os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+ if (wnm_sleep) {
+ sm->igtk_wnm_sleep.igtk_len = len;
+ os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+ sm->igtk_wnm_sleep.igtk_len);
+ } else {
+ sm->igtk.igtk_len = len;
+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+ }
return 0;
}
@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
return -1;
igtk = (const struct wpa_igtk_kde *) ie->igtk;
- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
return -1;
}
@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
key_rsc = null_rsc;
- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
goto failed;
os_memset(&gd, 0, sizeof(gd));
@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
sm->tptk_set = 0;
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
}
@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
gd.gtk, gd.gtk_len);
- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
os_memset(&gd, 0, sizeof(gd));
wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
"WNM mode");
@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
const struct wpa_igtk_kde *igtk;
igtk = (const struct wpa_igtk_kde *) (buf + 2);
- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
return -1;
#endif /* CONFIG_IEEE80211W */
} else {
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index afc9e37..9a54631 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -32,8 +32,10 @@ struct wpa_sm {
int rx_replay_counter_set;
u8 request_counter[WPA_REPLAY_COUNTER_LEN];
struct wpa_gtk gtk;
+ struct wpa_gtk gtk_wnm_sleep;
#ifdef CONFIG_IEEE80211W
struct wpa_igtk igtk;
+ struct wpa_igtk igtk_wnm_sleep;
#endif /* CONFIG_IEEE80211W */
struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
--
2.7.4

79
source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
View file

@ -1,79 +0,0 @@
From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Fri, 29 Sep 2017 04:22:51 +0200
Subject: [PATCH 4/8] Prevent installation of an all-zero TK
Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.
This fixes the earlier fix in commit
ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/common/wpa_common.h | 1 +
src/rsn_supp/wpa.c | 5 ++---
src/rsn_supp/wpa_i.h | 1 -
3 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index d200285..1021ccb 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -215,6 +215,7 @@ struct wpa_ptk {
size_t kck_len;
size_t kek_len;
size_t tk_len;
+ int installed; /* 1 if key has already been installed to driver */
};
struct wpa_gtk {
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 7a2c68d..0550a41 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
os_memset(buf, 0, sizeof(buf));
}
sm->tptk_set = 1;
- sm->tk_to_set = 1;
kde = sm->assoc_wpa_ie;
kde_len = sm->assoc_wpa_ie_len;
@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
enum wpa_alg alg;
const u8 *key_rsc;
- if (!sm->tk_to_set) {
+ if (sm->ptk.installed) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Do not re-install same PTK to the driver");
return 0;
@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
/* TK is not needed anymore in supplicant */
os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
- sm->tk_to_set = 0;
+ sm->ptk.installed = 1;
if (sm->wpa_ptk_rekey) {
eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 9a54631..41f371f 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -24,7 +24,6 @@ struct wpa_sm {
struct wpa_ptk ptk, tptk;
int ptk_set, tptk_set;
unsigned int msg_3_of_4_ok:1;
- unsigned int tk_to_set:1;
u8 snonce[WPA_NONCE_LEN];
u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
int renew_snonce;
--
2.7.4

64
source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
View file

@ -1,64 +0,0 @@
From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 1 Oct 2017 12:32:57 +0300
Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
The Authenticator state machine path for PTK rekeying ended up bypassing
the AUTHENTICATION2 state where a new ANonce is generated when going
directly to the PTKSTART state since there is no need to try to
determine the PMK again in such a case. This is far from ideal since the
new PTK would depend on a new nonce only from the supplicant.
Fix this by generating a new ANonce when moving to the PTKSTART state
for the purpose of starting new 4-way handshake to rekey PTK.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 707971d..bf10cc1 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
}
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+ wpa_printf(MSG_ERROR,
+ "WPA: Failed to get random data for ANonce");
+ sm->Disconnect = TRUE;
+ return -1;
+ }
+ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+ WPA_NONCE_LEN);
+ sm->TimeoutCtr = 0;
+ return 0;
+}
+
+
SM_STATE(WPA_PTK, INITPMK)
{
u8 msk[2 * PMK_LEN];
@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
SM_ENTER(WPA_PTK, AUTHENTICATION);
else if (sm->ReAuthenticationRequest)
SM_ENTER(WPA_PTK, AUTHENTICATION2);
- else if (sm->PTKRequest)
- SM_ENTER(WPA_PTK, PTKSTART);
- else switch (sm->wpa_ptk_state) {
+ else if (sm->PTKRequest) {
+ if (wpa_auth_sm_ptk_update(sm) < 0)
+ SM_ENTER(WPA_PTK, DISCONNECTED);
+ else
+ SM_ENTER(WPA_PTK, PTKSTART);
+ } else switch (sm->wpa_ptk_state) {
case WPA_PTK_INITIALIZE:
break;
case WPA_PTK_DISCONNECT:
--
2.7.4

132
source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
View file

@ -1,132 +0,0 @@
From 6c4bed4f47d1960ec04981a9d50e5076aea5223d Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 11:03:15 +0300
Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration
Do not try to reconfigure the same TPK-TK to the driver after it has
been successfully configured. This is an explicit check to avoid issues
related to resetting the TX/RX packet number. There was already a check
for this for TPK M2 (retries of that message are ignored completely), so
that behavior does not get modified.
For TPK M3, the TPK-TK could have been reconfigured, but that was
followed by immediate teardown of the link due to an issue in updating
the STA entry. Furthermore, for TDLS with any real security (i.e.,
ignoring open/WEP), the TPK message exchange is protected on the AP path
and simple replay attacks are not feasible.
As an additional corner case, make sure the local nonce gets updated if
the peer uses a very unlikely "random nonce" of all zeros.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/tdls.c | 38 ++++++++++++++++++++++++++++++++++++--
1 file changed, 36 insertions(+), 2 deletions(-)
diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
index e424168..9eb9738 100644
--- a/src/rsn_supp/tdls.c
+++ b/src/rsn_supp/tdls.c
@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
} tpk;
int tpk_set;
+ int tk_set; /* TPK-TK configured to the driver */
int tpk_success;
int tpk_in_progress;
@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
u8 rsc[6];
enum wpa_alg alg;
+ if (peer->tk_set) {
+ /*
+ * This same TPK-TK has already been configured to the driver
+ * and this new configuration attempt (likely due to an
+ * unexpected retransmitted frame) would result in clearing
+ * the TX/RX sequence number which can break security, so must
+ * not allow that to happen.
+ */
+ wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
+ " has already been configured to the driver - do not reconfigure",
+ MAC2STR(peer->addr));
+ return -1;
+ }
+
os_memset(rsc, 0, 6);
switch (peer->cipher) {
@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
return -1;
}
+ wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
+ MAC2STR(peer->addr));
if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
"driver");
return -1;
}
+ peer->tk_set = 1;
return 0;
}
@@ -696,7 +714,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
peer->cipher = 0;
peer->qos_info = 0;
peer->wmm_capable = 0;
- peer->tpk_set = peer->tpk_success = 0;
+ peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
peer->chan_switch_enabled = 0;
os_memset(&peer->tpk, 0, sizeof(peer->tpk));
os_memset(peer->inonce, 0, WPA_NONCE_LEN);
@@ -1159,6 +1177,7 @@ skip_rsnie:
wpa_tdls_peer_free(sm, peer);
return -1;
}
+ peer->tk_set = 0; /* A new nonce results in a new TK */
wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
peer->inonce, WPA_NONCE_LEN);
os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, struct wpa_tdls_peer *peer,
}
+static int tdls_nonce_set(const u8 *nonce)
+{
+ int i;
+
+ for (i = 0; i < WPA_NONCE_LEN; i++) {
+ if (nonce[i])
+ return 1;
+ }
+
+ return 0;
+}
+
+
static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
const u8 *buf, size_t len)
{
@@ -2004,7 +2036,8 @@ skip_rsn:
peer->rsnie_i_len = kde.rsn_ie_len;
peer->cipher = cipher;
- if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
+ if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
+ !tdls_nonce_set(peer->inonce)) {
/*
* There is no point in updating the RNonce for every obtained
* TPK M1 frame (e.g., retransmission due to timeout) with the
@@ -2020,6 +2053,7 @@ skip_rsn:
"TDLS: Failed to get random data for responder nonce");
goto error;
}
+ peer->tk_set = 0; /* A new nonce results in a new TK */
}
#if 0
--
2.7.4

43
source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
View file

@ -1,43 +0,0 @@
From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 11:25:02 +0300
Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
request
Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
Mode Response if WNM-Sleep Mode has not been used') started ignoring the
response when no WNM-Sleep Mode Request had been used during the
association. This can be made tighter by clearing the used flag when
successfully processing a response. This adds an additional layer of
protection against unexpected retransmissions of the response frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
wpa_supplicant/wnm_sta.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 1b3409c..67a07ff 100644
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
if (!wpa_s->wnmsleep_used) {
wpa_printf(MSG_DEBUG,
- "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
+ "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
return;
}
@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
return;
}
+ wpa_s->wnmsleep_used = 0;
+
if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
--
2.7.4

82
source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
View file

@ -1,82 +0,0 @@
From b372ab0b7daea719749194dc554b26e6367603f2 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 12:06:37 +0300
Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames
The driver is expected to not report a second association event without
the station having explicitly request a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
Reassociation Response frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/wpa.c | 3 +++
src/rsn_supp/wpa_ft.c | 8 ++++++++
src/rsn_supp/wpa_i.h | 1 +
3 files changed, 12 insertions(+)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 0550a41..2a53c6f 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2440,6 +2440,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm)
#ifdef CONFIG_TDLS
wpa_tdls_disassoc(sm);
#endif /* CONFIG_TDLS */
+#ifdef CONFIG_IEEE80211R
+ sm->ft_reassoc_completed = 0;
+#endif /* CONFIG_IEEE80211R */
/* Keys are not needed in the WPA state machine anymore */
wpa_sm_drop_sa(sm);
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 205793e..d45bb45 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
u16 capab;
sm->ft_completed = 0;
+ sm->ft_reassoc_completed = 0;
buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
2 + sm->r0kh_id_len + ric_ies_len + 100;
@@ -681,6 +682,11 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
return -1;
}
+ if (sm->ft_reassoc_completed) {
+ wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
+ return 0;
+ }
+
if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
return -1;
@@ -781,6 +787,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
return -1;
}
+ sm->ft_reassoc_completed = 1;
+
if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
return -1;
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 41f371f..56f88dc 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -128,6 +128,7 @@ struct wpa_sm {
size_t r0kh_id_len;
u8 r1kh_id[FT_R1KH_ID_LEN];
int ft_completed;
+ int ft_reassoc_completed;
int over_the_ds_in_progress;
u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
int set_ptk_after_assoc;
--
2.7.4

226
source/n/wpa_supplicant/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
View file

@ -1,226 +0,0 @@
WPA packet number reuse with replayed messages and key reinstallation
Published: October 16, 2017
Identifiers:
- CERT case ID: VU#228519
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13084 (not applicable)
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088
Latest version available from: https://w1.fi/security/2017-1/
Vulnerability
A vulnerability was found in how a number of implementations can be
triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
replaying a specific frame that is used to manage the keys. Such
reinstallation of the encryption key can result in two different types
of vulnerabilities: disabling replay protection and significantly
reducing the security of encryption to the point of allowing frames to
be decrypted or some parts of the keys to be determined by an attacker
depending on which cipher is used.
This document focuses on the cases that apply to systems using hostapd
(AP) or wpa_supplicant (station), but it should be noted that the
generic vulnerability itself is applicable to other implementations and
may have different impact in other cases.
This vulnerability can in theory apply to any case where a TK (the
pairwise/unicast encryption key used with TKIP, CCMP, GCMP), a GTK
(group/multicast encryption key), or an IGTK (group management frame
integrity protection key) is configured by the Authentication/Supplicant
component to the WLAN driver/firmware taking care of the TX/RX path and
encryption/decryption of frames.
If the same key is configured multiple times, it is likely that the
transmit and receive packet numbers (PN, IPN, RSC/TSC, etc.) are cleared
to a smaller value (zero in case of pairwise keys, zero or at least a
smaller value than the last used value in case of group keys). When this
happens with the same key, this breaks replay protection on RX side and
can result in reuse of packet numbers on TX side. The former may allow
replaying of previously delivered packets (without the attacker being
able to decrypt them or modify their contents) while the latter may
result in more severe issues on the TX side due to resulting CCM nonce
replay and related issues with GCMP and TKIP. The TX side issue may make
it significantly easier for the attacker to decrypt frames and determine
some parts of the keys (e.g., a Michael MIC key in case of TKIP).
Impact on AP/hostapd
On the AP side, this generic issue has been determined to be applicable
in the case where hostapd is used to operate an RSN/WPA2 network with FT
(Fast BSS Transition from IEEE 802.11r) enabled. Replaying of the
Reassociation Request frame can be used to get the AP reinstalling the
TK which results in the AP accepting previously delivered unicast frames
from the station and the AP reusing previously used packet numbers
(local TX packet number gets reset to zero). This latter issue on the TX
side can result in CCM nonce reuse which invalidates CCMP security
properties. In case of TKIP this can result in the attacker being able
to determine part of the TK more easily and with GCMP, result in similar
issues.
It should be noted that the AP side issue with FT would be close to
applying to FILS authentication (from IEEE 802.11ai) in hostapd with
replaying of (Re)Association Request frames. However, due to a different
handling of the repeated association processing with FILS, this would
actually result in the station getting immediately disconnected which
prevents this attack in practice. In addition, the FILS implementation
in the current hostapd version is still experimental and documented as
being discouraged in production use cases.
Another area of potentially reduced security was identified when looking
into these issues. When AP/Authenticator implementation in hostapd is
requested to rekey the PTK without performing EAP reauthentication
(either through local periodic rekeying or due to a request from an
association station), the ANonce value does not get updated. This
results in the new 4-way handshake depending on the station/supplicant
side generating a new, unique (for the current PMK/PSK) SNonce for the
PTK derivation to result in a new key. While a properly working
supplicant would do so, if there is a supplicant implementation that
does not, this combination could result in deriving the same PTK
again. When the TK from that PTK gets configured in the driver, this
would result in reinstalling the same key and the same issues as
described above for the FT protocol case.
Impact on station/wpa_supplicant
On the station side, this generic issue has been determined to be
applicable in the cases where wpa_supplicant processes a group key (GTK
or IGTK) update from the AP. An attacker that is able to limit access
to frame delivery may be able to extract two update messages and deliver
those to the station with significant time delay between them. When
wpa_supplicant processes the second message, it may end up reinstalling
the same key to the driver and when doing this, clear the RX packet
number to an old value. This would allow the attacker to replay all
group-addressed frames that the AP sent between the time the key update
message was originally sent and the time when the attacker forwarded the
second frame to the station. The attacker would not be able to decrypt
or modify the frames based on this vulnerability, though. There is an
exception to this with older wpa_supplicant versions as noted below in
version specific notes.
For the current wpa_supplicant version (v2.6), there is also an
additional EAPOL-Key replay sequence where an additional forged
EAPOL-Key message can be used to bypass the existing protection for the
pairwise key reconfiguration in a manner that ends up configuring a
known TK that an attacker could use to decrypt any frame sent by the
station and to inject arbitrary unicast frames. Similar issues are
reachable in older versions as noted below.
PeerKey / TDLS PeerKey
As far as the related CVE-2017-13084 (reinstallation of the STK key in
the PeerKey handshake) is concerned, it should be noted that PeerKey
implementation in wpa_supplicant is not fully functional and the actual
installation of the key into the driver does not work. As such, this
item is not applicable in practice. Furthermore, the PeerKey handshake
for IEEE 802.11e DLS is obsolete and not known to have been deployed.
As far as the TDLS PeerKey handshake is concerned (CVE-2017-13086),
wpa_supplicant implementation is already rejecting TPK M2 retries, so
the reconfiguration issue cannot apply for it. For TPK M3, there is a
theoretical impact. However, if that frame is replayed, the current
wpa_supplicant implementation ends up tearing down the TDLS link
immediately and as such, there is no real window for performing the
attack. Furthermore, TPK M3 goes through the AP path and if RSN is used
there, that frame has replay protection, so the attacker could not
perform the attack. If the AP path were to use WEP, the frame could be
replayed, though. That said, if WEP is used on the AP path, it would be
fair to assume that there is no security in the network, so a new attack
vector would be of small additional value.
With older wpa_supplicant versions, it may be possible for an attacker
to cause TPK M2 to be retransmitted with delay that would be able to
trigger reinstallation of TK on the peer receiving TPK M2
(CVE-2017-13086). This may open a short window for the attack with v2.3,
v2.4, and v2.5; and a longer window with older versions.
Vulnerable versions/configurations
For the AP/Authenticator TK (unicast) reinstallation in FT protocol
(CVE-2017-13082):
hostapd v0.7.2 and newer with FT enabled (i.e., practically all versions
that include full FT implementation). FT needs to be enabled in the
runtime configuration to make this applicable.
For the AP/Authenticator missing ANonce during PTK rekeying:
All hostapd versions.
For the station/Supplicant side GTK/IGTK reinstallation and TK
configuration:
All wpa_supplicant versions. The impact on older versions can be more
severe due to earlier changes in this area: v2.3 and older can also
reinstall the pairwise key and as such have similar impact as the AP FT
case (CVE-2017-13077); v2.4 and v2.5 end up configuring an all-zero TK
which breaks the normal data path, but could allow an attacker to
decrypt all following frames from the station and to inject arbitrary
frames to the station. In addition, a different message sequence
involving 4-way handshake can result in configuration of an all-zero TK
in v2.6 and the current snapshot of the development repository as of the
publication of this advisory.
Acknowledgments
Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
Leuven for discovering and reporting this issue. Thanks to John A. Van
Boxtel for finding additional issues related to this topic.
Possible mitigation steps
- For AP/hostapd and FT replay issue (CVE-2017-13082), it is possible to
prevent the issue temporarily by disabling FT in runtime
configuration, if needed before being able to update the
implementations.
- Merge the following commits to hostapd/wpa_supplicant and rebuild them:
hostapd and replayed FT reassociation request frame (CVE-2017-13082):
hostapd: Avoid key reinstallation in FT handshake
hostapd PTK rekeying and ANonce update:
Fix PTK rekeying to generate a new ANonce
wpa_supplicant and GTK/IGTK rekeying (CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088):
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
wpa_supplicant (v2.6 or newer snapshot) and known TK issue:
Prevent installation of an all-zero TK
Additional protection steps for wpa_supplicant:
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
These patches are available from https://w1.fi/security/2017-1/
(both against the snapshot of hostap.git master branch and rebased on
top of the v2.6 release)
For the TDLS TPK M2 retransmission issue (CVE-2017-13086) with older
wpa_supplicant versions, consider updating to the latest version or
merge in a commit that is present in v2.6:
https://w1.fi/cgit/hostap/commit/?id=dabdef9e048b17b22b1c025ad592922eab30dda8
('TDLS: Ignore incoming TDLS Setup Response retries')
- Update to hostapd/wpa_supplicant v2.7 or newer, once available
* it should be noted that there are number of additional changes in
the related areas of the implementation to provide extra layer of
protection for potential unknown issues; these changes are not
included in this advisory as they have not been identified to be
critical for preventing any of the identified security
vulnerabilities; however, users of hostapd/wpa_supplicant are
encouraged to consider merging such changes even if not fully
moving to v2.7

633
source/n/wpa_supplicant/config/dot.config
View file

@ -1,44 +1,595 @@
CONFIG_AP=y
CONFIG_BACKEND=file
CONFIG_BGSCAN_SIMPLE=y
CONFIG_CTRL_IFACE=y
CONFIG_CTRL_IFACE_DBUS=y
CONFIG_CTRL_IFACE_DBUS_INTRO=y
CONFIG_CTRL_IFACE_DBUS_NEW=y
CONFIG_DEBUG_FILE=y
CONFIG_DEBUG_SYSLOG=y
CONFIG_DRIVER_NL80211=y
# Example wpa_supplicant build time configuration
#
# This file lists the configuration options that are used when building the
# wpa_supplicant binary. All lines starting with # are ignored. Configuration
# option lines must be commented out complete, if they are not to be included,
# i.e., just setting VARIABLE=n is not disabling that variable.
#
# This file is included in Makefile, so variables like CFLAGS and LIBS can also
# be modified from here. In most cases, these lines should use += in order not
# to override previous values of the variables.
# Uncomment following two lines and fix the paths if you have installed OpenSSL
# or GnuTLS in non-default location
#CFLAGS += -I/usr/local/openssl/include
#LIBS += -L/usr/local/openssl/lib
# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
# the kerberos files are not in the default include path. Following line can be
# used to fix build issues on such systems (krb5.h not found).
#CFLAGS += -I/usr/include/kerberos
# Driver interface for generic Linux wireless extensions
# Note: WEXT is deprecated in the current Linux kernel version and no new
# functionality is added to it. nl80211-based interface is the new
# replacement for WEXT and its use allows wpa_supplicant to properly control
# the driver to improve existing functionality like roaming and to support new
# functionality.
CONFIG_DRIVER_WEXT=y
CONFIG_DRIVER_WIRED=y
CONFIG_EAP_AKA=y
CONFIG_EAP_FAST=y
CONFIG_EAP_GPSK=y
CONFIG_EAP_GPSK_SHA256=y
CONFIG_EAP_GTC=y
CONFIG_EAP_IKEV2=y
CONFIG_EAP_LEAP=y
CONFIG_EAP_MD5=y
CONFIG_EAP_MSCHAPV2=y
CONFIG_EAP_OTP=y
CONFIG_EAP_PAX=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_SAKE=y
CONFIG_EAP_TLS=y
CONFIG_EAP_TNC=y
CONFIG_EAP_TTLS=y
CONFIG_IBSS_RSN=y
CONFIG_IEEE80211N=y
CONFIG_IEEE80211R=y
CONFIG_IEEE80211W=y
CONFIG_IEEE8021X_EAPOL=y
# Driver interface for Linux drivers using the nl80211 kernel interface
CONFIG_DRIVER_NL80211=y
# QCA vendor extensions to nl80211
#CONFIG_DRIVER_NL80211_QCA=y
# driver_nl80211.c requires libnl. If you are compiling it yourself
# you may need to point hostapd to your version of libnl.
#
#CFLAGS += -I$<path to libnl include files>
#LIBS += -L$<path to libnl library files>
# Use libnl v2.0 (or 3.0) libraries.
#CONFIG_LIBNL20=y
# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
CONFIG_LIBNL32=y
CONFIG_P2P=y
CONFIG_PEERKEY=y
CONFIG_PKCS12=y
CONFIG_READLINE=y
CONFIG_SMARTCARD=y
CONFIG_TLS_DEFAULT_CIPHERS="PROFILE=SYSTEM:3DES"
CONFIG_WIFI_DISPLAY=y
CONFIG_WPS=y
#CONFIG_MACSEC=y
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
#LIBS += -L/usr/local/lib
#LIBS_p += -L/usr/local/lib
#LIBS_c += -L/usr/local/lib
# Driver interface for Windows NDIS
#CONFIG_DRIVER_NDIS=y
#CFLAGS += -I/usr/include/w32api/ddk
#LIBS += -L/usr/local/lib
# For native build using mingw
#CONFIG_NATIVE_WINDOWS=y
# Additional directories for cross-compilation on Linux host for mingw target
#CFLAGS += -I/opt/mingw/mingw32/include/ddk
#LIBS += -L/opt/mingw/mingw32/lib
#CC=mingw32-gcc
# By default, driver_ndis uses WinPcap for low-level operations. This can be
# replaced with the following option which replaces WinPcap calls with NDISUIO.
# However, this requires that WZC is disabled (net stop wzcsvc) before starting
# wpa_supplicant.
# CONFIG_USE_NDISUIO=y
# Driver interface for wired Ethernet drivers
CONFIG_DRIVER_WIRED=y
# Driver interface for MACsec capable Qualcomm Atheros drivers
#CONFIG_DRIVER_MACSEC_QCA=y
# Driver interface for Linux MACsec drivers
#CONFIG_DRIVER_MACSEC_LINUX=y
# Driver interface for the Broadcom RoboSwitch family
#CONFIG_DRIVER_ROBOSWITCH=y
# Driver interface for no driver (e.g., WPS ER only)
#CONFIG_DRIVER_NONE=y
# Solaris libraries
#LIBS += -lsocket -ldlpi -lnsl
#LIBS_c += -lsocket
# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or
# MACsec is included)
CONFIG_IEEE8021X_EAPOL=y
# EAP-MD5
CONFIG_EAP_MD5=y
# EAP-MSCHAPv2
CONFIG_EAP_MSCHAPV2=y
# EAP-TLS
CONFIG_EAP_TLS=y
# EAL-PEAP
CONFIG_EAP_PEAP=y
# EAP-TTLS
CONFIG_EAP_TTLS=y
# EAP-FAST
# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
CONFIG_EAP_FAST=y
# EAP-GTC
CONFIG_EAP_GTC=y
# EAP-OTP
CONFIG_EAP_OTP=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
# EAP-pwd (secure authentication using only a password)
#CONFIG_EAP_PWD=y
# EAP-PAX
CONFIG_EAP_PAX=y
# LEAP
CONFIG_EAP_LEAP=y
# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
#CONFIG_EAP_AKA=y
# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
# This requires CONFIG_EAP_AKA to be enabled, too.
#CONFIG_EAP_AKA_PRIME=y
# Enable USIM simulator (Milenage) for EAP-AKA
#CONFIG_USIM_SIMULATOR=y
# EAP-SAKE
CONFIG_EAP_SAKE=y
# EAP-GPSK
CONFIG_EAP_GPSK=y
# Include support for optional SHA256 cipher suite in EAP-GPSK
CONFIG_EAP_GPSK_SHA256=y
# EAP-TNC and related Trusted Network Connect support (experimental)
CONFIG_EAP_TNC=y
# Wi-Fi Protected Setup (WPS)
CONFIG_WPS=y
# Enable WPS external registrar functionality
#CONFIG_WPS_ER=y
# Disable credentials for an open network by default when acting as a WPS
# registrar.
#CONFIG_WPS_REG_DISABLE_OPEN=y
# Enable WPS support with NFC config method
#CONFIG_WPS_NFC=y
# EAP-IKEv2
CONFIG_EAP_IKEV2=y
# EAP-EKE
#CONFIG_EAP_EKE=y
# MACsec
#CONFIG_MACSEC=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y
# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
# engine.
CONFIG_SMARTCARD=y
# PC/SC interface for smartcards (USIM, GSM SIM)
# Enable this if EAP-SIM or EAP-AKA is included
#CONFIG_PCSC=y
# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
#CONFIG_HT_OVERRIDES=y
# Support VHT overrides (disable VHT, mask MCS rates, etc.)
#CONFIG_VHT_OVERRIDES=y
# Development testing
#CONFIG_EAPOL_TEST=y
# Select control interface backend for external programs, e.g, wpa_cli:
# unix = UNIX domain sockets (default for Linux/*BSD)
# udp = UDP sockets using localhost (127.0.0.1)
# udp6 = UDP IPv6 sockets using localhost (::1)
# named_pipe = Windows Named Pipe (default for Windows)
# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
# y = use default (backwards compatibility)
# If this option is commented out, control interface is not included in the
# build.
CONFIG_CTRL_IFACE=y
# Include support for GNU Readline and History Libraries in wpa_cli.
# When building a wpa_cli binary for distribution, please note that these
# libraries are licensed under GPL and as such, BSD license may not apply for
# the resulting binary.
CONFIG_READLINE=y
# Include internal line edit mode in wpa_cli. This can be used as a replacement
# for GNU Readline to provide limited command line editing and history support.
#CONFIG_WPA_CLI_EDIT=y
# Remove debugging code that is printing out debug message to stdout.
# This can be used to reduce the size of the wpa_supplicant considerably
# if debugging code is not needed. The size reduction can be around 35%
# (e.g., 90 kB).
#CONFIG_NO_STDOUT_DEBUG=y
# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
# 35-50 kB in code size.
#CONFIG_NO_WPA=y
# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
# This option can be used to reduce code size by removing support for
# converting ASCII passphrases into PSK. If this functionality is removed, the
# PSK can only be configured as the 64-octet hexstring (e.g., from
# wpa_passphrase). This saves about 0.5 kB in code size.
#CONFIG_NO_WPA_PASSPHRASE=y
# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
# This can be used if ap_scan=1 mode is never enabled.
#CONFIG_NO_SCAN_PROCESSING=y
# Select configuration backend:
# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
# path is given on command line, not here; this option is just used to
# select the backend that allows configuration files to be used)
# winreg = Windows registry (see win_example.reg for an example)
CONFIG_BACKEND=file
# Remove configuration write functionality (i.e., to allow the configuration
# file to be updated based on runtime configuration changes). The runtime
# configuration can still be changed, the changes are just not going to be
# persistent over restarts. This option can be used to reduce code size by
# about 3.5 kB.
#CONFIG_NO_CONFIG_WRITE=y
# Remove support for configuration blobs to reduce code size by about 1.5 kB.
#CONFIG_NO_CONFIG_BLOBS=y
# Select program entry point implementation:
# main = UNIX/POSIX like main() function (default)
# main_winsvc = Windows service (read parameters from registry)
# main_none = Very basic example (development use only)
#CONFIG_MAIN=main
# Select wrapper for operating system and C library specific functions
# unix = UNIX/POSIX like systems (default)
# win32 = Windows systems
# none = Empty template
#CONFIG_OS=unix
# Select event loop implementation
# eloop = select() loop (default)
# eloop_win = Windows events and WaitForMultipleObject() loop
#CONFIG_ELOOP=eloop
# Should we use poll instead of select? Select is used by default.
#CONFIG_ELOOP_POLL=y
# Should we use epoll instead of select? Select is used by default.
#CONFIG_ELOOP_EPOLL=y
# Should we use kqueue instead of select? Select is used by default.
#CONFIG_ELOOP_KQUEUE=y
# Select layer 2 packet implementation
# linux = Linux packet socket (default)
# pcap = libpcap/libdnet/WinPcap
# freebsd = FreeBSD libpcap
# winpcap = WinPcap with receive thread
# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
# none = Empty template
#CONFIG_L2_PACKET=linux
# Disable Linux packet socket workaround applicable for station interface
# in a bridge for EAPOL frames. This should be uncommented only if the kernel
# is known to not have the regression issue in packet socket behavior with
# bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
# IEEE 802.11w (management frame protection), also known as PMF
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
# Select TLS implementation
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)
# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
# none = Empty template
#CONFIG_TLS=openssl
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
# can be enabled to get a stronger construction of messages when block ciphers
# are used. It should be noted that some existing TLS v1.0 -based
# implementation may not be compatible with TLS v1.1 message (ClientHello is
# sent prior to negotiating which version will be used)
#CONFIG_TLSV11=y
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
# can be enabled to enable use of stronger crypto algorithms. It should be
# noted that some existing TLS v1.0 -based implementation may not be compatible
# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
# will be used)
#CONFIG_TLSV12=y
# Select which ciphers to use by default with OpenSSL if the user does not
# specify them.
CONFIG_TLS_DEFAULT_CIPHERS="PROFILE=SYSTEM:3DES"
# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
# LibTomMath can be used. See beginning of libtommath.c for details on benefits
# and drawbacks of this option.
#CONFIG_INTERNAL_LIBTOMMATH=y
#ifndef CONFIG_INTERNAL_LIBTOMMATH
#LTM_PATH=/usr/src/libtommath-0.39
#CFLAGS += -I$(LTM_PATH)
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
# At the cost of about 4 kB of additional binary size, the internal LibTomMath
# can be configured to include faster routines for exptmod, sqr, and div to
# speed up DH and RSA calculation considerably
#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
# This is only for Windows builds and requires WMI-related header files and
# WbemUuid.Lib from Platform SDK even when building with MinGW.
#CONFIG_NDIS_EVENTS_INTEGRATED=y
#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
# Add support for old DBus control interface
# (fi.epitest.hostap.WPASupplicant)
CONFIG_CTRL_IFACE_DBUS=y
# Add support for new DBus control interface
# (fi.w1.hostap.wpa_supplicant1)
CONFIG_CTRL_IFACE_DBUS_NEW=y
# Add introspection support for new DBus control interface
CONFIG_CTRL_IFACE_DBUS_INTRO=y
# Add support for loading EAP methods dynamically as shared libraries.
# When this option is enabled, each EAP method can be either included
# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
# be loaded in the beginning of the wpa_supplicant configuration file
# (see load_dynamic_eap parameter in the example file) before being used in
# the network blocks.
#
# Note that some shared parts of EAP methods are included in the main program
# and in order to be able to use dynamic EAP methods using these parts, the
# main program must have been build with the EAP method enabled (=y or =dyn).
# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
# unless at least one of them was included in the main build to force inclusion
# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
# in the main build to be able to load these methods dynamically.
#
# Please also note that using dynamic libraries will increase the total binary
# size. Thus, it may not be the best option for targets that have limited
# amount of memory/flash.
#CONFIG_DYNAMIC_EAP_METHODS=y
# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
#CONFIG_IEEE80211R=y
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
CONFIG_DEBUG_FILE=y
# Send debug messages to syslog instead of stdout
CONFIG_DEBUG_SYSLOG=y
# Set syslog facility for debug messages
#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
# Add support for sending all debug messages (regardless of debug verbosity)
# to the Linux kernel tracing facility. This helps debug the entire stack by
# making it easy to record everything happening from the driver up into the
# same file, e.g., using trace-cmd.
#CONFIG_DEBUG_LINUX_TRACING=y
# Add support for writing debug log to Android logcat instead of standard
# output
#CONFIG_ANDROID_LOG=y
# Enable privilege separation (see README 'Privilege separation' for details)
#CONFIG_PRIVSEP=y
# Enable mitigation against certain attacks against TKIP by delaying Michael
# MIC error reports by a random amount of time between 0 and 60 seconds
#CONFIG_DELAYED_MIC_ERROR_REPORT=y
# Enable tracing code for developer debugging
# This tracks use of memory allocations and other registrations and reports
# incorrect use with a backtrace of call (or allocation) location.
#CONFIG_WPA_TRACE=y
# For BSD, uncomment these.
#LIBS += -lexecinfo
#LIBS_p += -lexecinfo
#LIBS_c += -lexecinfo
# Use libbfd to get more details for developer debugging
# This enables use of libbfd to get more detailed symbols for the backtraces
# generated by CONFIG_WPA_TRACE=y.
#CONFIG_WPA_TRACE_BFD=y
# For BSD, uncomment these.
#LIBS += -lbfd -liberty -lz
#LIBS_p += -lbfd -liberty -lz
#LIBS_c += -lbfd -liberty -lz
# wpa_supplicant depends on strong random number generation being available
# from the operating system. os_get_random() function is used to fetch random
# data when needed, e.g., for key generation. On Linux and BSD systems, this
# works by reading /dev/urandom. It should be noted that the OS entropy pool
# needs to be properly initialized before wpa_supplicant is started. This is
# important especially on embedded devices that do not have a hardware random
# number generator and may by default start up with minimal entropy available
# for random number generation.
#
# As a safety net, wpa_supplicant is by default trying to internally collect
# additional entropy for generating random data to mix in with the data fetched
# from the OS. This by itself is not considered to be very strong, but it may
# help in cases where the system pool is not initialized properly. However, it
# is very strongly recommended that the system pool is initialized with enough
# entropy either by using hardware assisted random number generator or by
# storing state over device reboots.
#
# wpa_supplicant can be configured to maintain its own entropy store over
# restarts to enhance random number generation. This is not perfect, but it is
# much more secure than using the same sequence of random numbers after every
# reboot. This can be enabled with -e<entropy file> command line option. The
# specified file needs to be readable and writable by wpa_supplicant.
#
# If the os_get_random() is known to provide strong random data (e.g., on
# Linux/BSD, the board in question is known to have reliable source of random
# data from /dev/urandom), the internal wpa_supplicant random pool can be
# disabled. This will save some in binary size and CPU use. However, this
# should only be considered for builds that are known to be used on devices
# that meet the requirements described above.
#CONFIG_NO_RANDOM_POOL=y
# IEEE 802.11n (High Throughput) support (mainly for AP mode)
CONFIG_IEEE80211N=y
# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
# (depends on CONFIG_IEEE80211N)
CONFIG_IEEE80211AC=y
# Wireless Network Management (IEEE Std 802.11v-2011)
# Note: This is experimental and not complete implementation.
#CONFIG_WNM=y
# Interworking (IEEE 802.11u)
# This can be used to enable functionality to improve interworking with
# external networks (GAS/ANQP to learn more about the networks and network
# selection based on available credentials).
#CONFIG_INTERWORKING=y
# Hotspot 2.0
#CONFIG_HS20=y
# Enable interface matching in wpa_supplicant
#CONFIG_MATCH_IFACE=y
# Disable roaming in wpa_supplicant
#CONFIG_NO_ROAMING=y
# AP mode operations with wpa_supplicant
# This can be used for controlling AP mode operations with wpa_supplicant. It
# should be noted that this is mainly aimed at simple cases like
# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
# external RADIUS server can be supported with hostapd.
CONFIG_AP=y
# P2P (Wi-Fi Direct)
# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
# more information on P2P operations.
CONFIG_P2P=y
# Enable TDLS support
#CONFIG_TDLS=y
# Wi-Fi Direct
# This can be used to enable Wi-Fi Direct extensions for P2P using an external
# program to control the additional information exchanges in the messages.
CONFIG_WIFI_DISPLAY=y
# Autoscan
# This can be used to enable automatic scan support in wpa_supplicant.
# See wpa_supplicant.conf for more information on autoscan usage.
#
# Enabling directly a module will enable autoscan support.
# For exponential module:
#CONFIG_AUTOSCAN_EXPONENTIAL=y
# For periodic module:
#CONFIG_AUTOSCAN_PERIODIC=y
# Password (and passphrase, etc.) backend for external storage
# These optional mechanisms can be used to add support for storing passwords
# and other secrets in external (to wpa_supplicant) location. This allows, for
# example, operating system specific key storage to be used
#
# External password backend for testing purposes (developer use)
#CONFIG_EXT_PASSWORD_TEST=y
# Enable Fast Session Transfer (FST)
#CONFIG_FST=y
# Enable CLI commands for FST testing
#CONFIG_FST_TEST=y
# OS X builds. This is only for building eapol_test.
#CONFIG_OSX=y
# Automatic Channel Selection
# This will allow wpa_supplicant to pick the channel automatically when channel
# is set to "0".
#
# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative
# to "channel=0". This would enable us to eventually add other ACS algorithms in
# similar way.
#
# Automatic selection is currently only done through initialization, later on
# we hope to do background checks to keep us moving to more ideal channels as
# time goes by. ACS is currently only supported through the nl80211 driver and
# your driver must have survey dump capability that is filled by the driver
# during scanning.
#
# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with
# a newly to create wpa_supplicant.conf variable acs_num_scans.
#
# Supported ACS drivers:
# * ath9k
# * ath5k
# * ath10k
#
# For more details refer to:
# http://wireless.kernel.org/en/users/Documentation/acs
#CONFIG_ACS=y
# Support Multi Band Operation
#CONFIG_MBO=y
# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
# Note: This is an experimental and not yet complete implementation. This
# should not be enabled for production use.
#CONFIG_FILS=y
# FILS shared key authentication with PFS
#CONFIG_FILS_SK_PFS=y
# Support RSN on IBSS networks
# This is needed to be able to use mode=1 network profile with proto=RSN and
# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None).
CONFIG_IBSS_RSN=y
# External PMKSA cache control
# This can be used to enable control interface commands that allow the current
# PMKSA cache entries to be fetched and new entries to be added.
#CONFIG_PMKSA_CACHE_EXTERNAL=y
# Mesh Networking (IEEE 802.11s)
#CONFIG_MESH=y
# Background scanning modules
# These can be used to request wpa_supplicant to perform background scanning
# operations for roaming within an ESS (same SSID). See the bgscan parameter in
# the wpa_supplicant.conf file for more details.
# Periodic background scans based on signal strength
CONFIG_BGSCAN_SIMPLE=y
# Learn channels used by the network and try to avoid bgscans on other
# channels (experimental)
#CONFIG_BGSCAN_LEARN=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y

127
source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
View file

@ -1,127 +0,0 @@
From 25b37c54a47e49d591f5752bbf0f510480402cae Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Sun, 9 Jul 2017 11:14:10 +0200
Subject: [PATCH 1/2] OpenSSL: Fix private key password handling with OpenSSL
>= 1.1.0f
Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the
callback from the SSL object instead of the one from the CTX, so let's
set the callback on both SSL and CTX. Note that
SSL_set_default_passwd_cb*() is available only in 1.1.0.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
(cherry picked from commit f665c93e1d28fbab3d9127a8c3985cc32940824f)
---
src/crypto/tls_openssl.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index c4170b6..bceb8c3 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2779,6 +2779,15 @@ static int tls_connection_private_key(struct tls_data *data,
} else
passwd = NULL;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ * In OpenSSL >= 1.1.0f SSL_use_PrivateKey_file() uses the callback
+ * from the SSL object. See OpenSSL commit d61461a75253.
+ */
+ SSL_set_default_passwd_cb(conn->ssl, tls_passwd_cb);
+ SSL_set_default_passwd_cb_userdata(conn->ssl, passwd);
+#endif /* >= 1.1.0f && !LibreSSL */
+ /* Keep these for OpenSSL < 1.1.0f */
SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
@@ -2869,6 +2878,9 @@ static int tls_connection_private_key(struct tls_data *data,
return -1;
}
ERR_clear_error();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_set_default_passwd_cb(conn->ssl, NULL);
+#endif /* >= 1.1.0f && !LibreSSL */
SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
os_free(passwd);
--
2.9.3
From b2887d6964a406eb5f88f4ad4e9764c468954382 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Mon, 17 Jul 2017 12:06:17 +0300
Subject: [PATCH 2/2] OpenSSL: Clear default_passwd_cb more thoroughly
Previously, the pointer to strdup passwd was left in OpenSSL library
default_passwd_cb_userdata and even the default_passwd_cb was left set
on an error path. To avoid unexpected behavior if something were to
manage to use there pointers, clear them explicitly once done with
loading of the private key.
Signed-off-by: Jouni Malinen <j@w1.fi>
(cherry picked from commit 89971d8b1e328a2f79699c953625d1671fd40384)
---
src/crypto/tls_openssl.c | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index bceb8c3..770af9e 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2758,6 +2758,19 @@ static int tls_connection_engine_private_key(struct tls_connection *conn)
}
+static void tls_clear_default_passwd_cb(SSL_CTX *ssl_ctx, SSL *ssl)
+{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if (ssl) {
+ SSL_set_default_passwd_cb(ssl, NULL);
+ SSL_set_default_passwd_cb_userdata(ssl, NULL);
+ }
+#endif /* >= 1.1.0f && !LibreSSL */
+ SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
+ SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, NULL);
+}
+
+
static int tls_connection_private_key(struct tls_data *data,
struct tls_connection *conn,
const char *private_key,
@@ -2874,14 +2887,12 @@ static int tls_connection_private_key(struct tls_data *data,
if (!ok) {
tls_show_errors(MSG_INFO, __func__,
"Failed to load private key");
+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
os_free(passwd);
return -1;
}
ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- SSL_set_default_passwd_cb(conn->ssl, NULL);
-#endif /* >= 1.1.0f && !LibreSSL */
- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
os_free(passwd);
if (!SSL_check_private_key(conn->ssl)) {
@@ -2924,13 +2935,14 @@ static int tls_global_private_key(struct tls_data *data,
tls_read_pkcs12(data, NULL, private_key, passwd)) {
tls_show_errors(MSG_INFO, __func__,
"Failed to load private key");
+ tls_clear_default_passwd_cb(ssl_ctx, NULL);
os_free(passwd);
ERR_clear_error();
return -1;
}
+ tls_clear_default_passwd_cb(ssl_ctx, NULL);
os_free(passwd);
ERR_clear_error();
- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
if (!SSL_CTX_check_private_key(ssl_ctx)) {
tls_show_errors(MSG_INFO, __func__,
--
2.9.3

99
source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
View file

@ -1,99 +0,0 @@
From 290834df69556b903b49f2a45671cc62b44f13bb Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Fri, 28 Apr 2017 17:59:30 +0200
Subject: [PATCH] nl80211: Fix race condition in detecting MAC change
Commit 3e0272ca00ce1df35b45e7d739dd7e935f13fd84 ('nl80211: Re-read MAC
address on RTM_NEWLINK') added the detection of external changes to MAC
address when the interface is brought up.
If the interface state is changed quickly enough, wpa_supplicant may
receive the netlink message for the !IFF_UP event when the interface
has already been brought up and would ignore the next netlink IFF_UP
message, missing the MAC change.
Fix this by also reloading the MAC address when a !IFF_UP event is
received with the interface up, because this implies that the
interface went down and up again, possibly changing the address.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
---
src/drivers/driver_nl80211.c | 47 +++++++++++++++++++++++++-------------------
1 file changed, 27 insertions(+), 20 deletions(-)
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index af1cb84..24fad29 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -933,6 +933,30 @@ nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
}
+static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
+ int ifindex)
+{
+ struct i802_bss *bss;
+ u8 addr[ETH_ALEN];
+
+ bss = get_bss_ifindex(drv, ifindex);
+ if (bss &&
+ linux_get_ifhwaddr(drv->global->ioctl_sock,
+ bss->ifname, addr) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "nl80211: %s: failed to re-read MAC address",
+ bss->ifname);
+ } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Own MAC address on ifindex %d (%s) changed from "
+ MACSTR " to " MACSTR,
+ ifindex, bss->ifname,
+ MAC2STR(bss->addr), MAC2STR(addr));
+ os_memcpy(bss->addr, addr, ETH_ALEN);
+ }
+}
+
+
static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
struct ifinfomsg *ifi,
u8 *buf, size_t len)
@@ -997,6 +1021,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
namebuf[0] = '\0';
if (if_indextoname(ifi->ifi_index, namebuf) &&
linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
+ /* Re-read MAC address as it may have changed */
+ nl80211_refresh_mac(drv, ifi->ifi_index);
wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
"event since interface %s is up", namebuf);
drv->ignore_if_down_event = 0;
@@ -1044,27 +1070,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
"event since interface %s is marked "
"removed", drv->first_bss->ifname);
} else {
- struct i802_bss *bss;
- u8 addr[ETH_ALEN];
-
/* Re-read MAC address as it may have changed */
- bss = get_bss_ifindex(drv, ifi->ifi_index);
- if (bss &&
- linux_get_ifhwaddr(drv->global->ioctl_sock,
- bss->ifname, addr) < 0) {
- wpa_printf(MSG_DEBUG,
- "nl80211: %s: failed to re-read MAC address",
- bss->ifname);
- } else if (bss &&
- os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
- wpa_printf(MSG_DEBUG,
- "nl80211: Own MAC address on ifindex %d (%s) changed from "
- MACSTR " to " MACSTR,
- ifi->ifi_index, bss->ifname,
- MAC2STR(bss->addr),
- MAC2STR(addr));
- os_memcpy(bss->addr, addr, ETH_ALEN);
- }
+ nl80211_refresh_mac(drv, ifi->ifi_index);
wpa_printf(MSG_DEBUG, "nl80211: Interface up");
drv->if_disabled = 0;
--
2.9.3

78
source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
View file

@ -1,78 +0,0 @@
From 0ad5893a2f1f521d44712cd395e067ccf0a397c3 Mon Sep 17 00:00:00 2001
From: Michael Braun <michael-dev@fami-braun.de>
Date: Fri, 18 Aug 2017 01:14:28 +0200
Subject: PAE: Validate input before pointer
ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist()
before body_len has been checked on all segments.
ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might
continue and thus underflow left_len even if it finds left_len to small
(or before checking).
Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound
reads in this case.
Fix this by checking left_len and aborting if too small early.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
---
src/pae/ieee802_1x_kay.c | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index c4bfcbc..cad0292 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -964,21 +964,19 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
body_len = get_mka_param_body_len(hdr);
body_type = get_mka_param_body_type(hdr);
- if (body_type != MKA_LIVE_PEER_LIST &&
- body_type != MKA_POTENTIAL_PEER_LIST)
- continue;
-
- ieee802_1x_mka_dump_peer_body(
- (struct ieee802_1x_mka_peer_body *)pos);
-
- if (left_len < (MKA_HDR_LEN + body_len + DEFAULT_ICV_LEN)) {
+ if (left_len < (MKA_HDR_LEN + MKA_ALIGN_LENGTH(body_len) + DEFAULT_ICV_LEN)) {
wpa_printf(MSG_ERROR,
"KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
left_len, MKA_HDR_LEN,
- body_len, DEFAULT_ICV_LEN);
- continue;
+ MKA_ALIGN_LENGTH(body_len),
+ DEFAULT_ICV_LEN);
+ return FALSE;
}
+ if (body_type != MKA_LIVE_PEER_LIST &&
+ body_type != MKA_POTENTIAL_PEER_LIST)
+ continue;
+
if ((body_len % 16) != 0) {
wpa_printf(MSG_ERROR,
"KaY: MKA Peer Packet Body Length (%zu bytes) should be a multiple of 16 octets",
@@ -986,6 +984,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
continue;
}
+ ieee802_1x_mka_dump_peer_body(
+ (struct ieee802_1x_mka_peer_body *)pos);
+
for (i = 0; i < body_len;
i += sizeof(struct ieee802_1x_mka_peer_id)) {
const struct ieee802_1x_mka_peer_id *peer_mi;
@@ -3018,7 +3019,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
"KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
left_len, MKA_HDR_LEN,
body_len, DEFAULT_ICV_LEN);
- continue;
+ return -1;
}
if (handled[body_type])
--
cgit v0.12

2
source/n/wpa_supplicant/slack-desc
View file

@ -13,6 +13,6 @@ wpa_supplicant: component that is used in the client stations. It implements key
wpa_supplicant: negotiation with a WPA Authenticator and it controls the roaming and
wpa_supplicant: IEEE 802.11 authentication/association of the wlan driver.
wpa_supplicant:
wpa_supplicant: More info: http://hostap.epitest.fi/wpa_supplicant/
wpa_supplicant: Homepage: http://hostap.epitest.fi/wpa_supplicant/
wpa_supplicant:
wpa_supplicant:

16
source/n/wpa_supplicant/wpa_supplicant.SlackBuild
View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=wpa_supplicant
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-6}
BUILD=${BUILD:-1}
SRCVERSION=$(printf $VERSION | tr _ -)
@ -85,15 +85,6 @@ find . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
zcat $CWD/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch.gz | patch -p1 || exit 1
zcat $CWD/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch.gz | patch -p1 || exit 1
# Fixup various paths in the dbus service file
zcat $CWD/patches/dbus-service-file-args.diff.gz | patch -p1 --verbose || exit 1
@ -103,11 +94,6 @@ zcat $CWD/patches/quiet-scan-results-message.diff.gz | patch -p1 --verbose || ex
# Apply a few other patches from Fedora
zcat $CWD/patches/assoc-timeout.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/flush-debug-output.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/rh1497640-pae-validate-input-before-pointer.patch.gz | patch -p1 --verbose || exit 1
# Support OpenSSL-1.1.x:
zcat $CWD/patches/Fix-openssl-1-1-private-key-callback.patch.gz | patch -p1 --verbose || exit 1
cd wpa_supplicant

6
source/x/mesa/doinst.sh
View file

@ -10,4 +10,8 @@ config() {
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
config etc/drirc.new
# Don't mess with /etc/drirc. Mesa now installs the defaults as
# /usr/share/drirc.d/00-mesa-defaults.conf. We won't protect that
# as a .new file as it shouldn't be modified. Create /etc/drirc if
# you need local overrides.
#config etc/drirc.new

4
source/x/mesa/mesa.SlackBuild
View file

@ -148,7 +148,9 @@ make install DESTDIR=$PKG || exit 1
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# Install /etc/drirc as a .new file:
mv $PKG/etc/drirc $PKG/etc/drirc.new
if [ -r $PKG/etc/drirc ]; then
mv $PKG/etc/drirc $PKG/etc/drirc.new
fi
# Now build/install a small subset of the demos:
export CWD SLKCFLAGS NUMJOBS PKG

2
source/x/x11/build/xf86-video-i740
View file

@ -1 +1 @@
3
1

26
source/xfce/thunar-volman/0001-Fix-return-with-no-value-in-function-returning-non-v.patch
View file

@ -1,26 +0,0 @@
From 2e295e9ce8f7f60a271adf004588b0d8db88db09 Mon Sep 17 00:00:00 2001
From: Matt Thirtytwo <matt.59491@gmail.com>
Date: Sat, 7 Mar 2015 22:50:32 +0100
Subject: [PATCH] Fix return with no value in function returning non-void (bug
#11656)
---
thunar-volman/tvm-block-device.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/thunar-volman/tvm-block-device.c b/thunar-volman/tvm-block-device.c
index da31efa..edb6cad 100644
--- a/thunar-volman/tvm-block-device.c
+++ b/thunar-volman/tvm-block-device.c
@@ -714,7 +714,7 @@ tvm_block_device_mount (TvmContext *context)
GMountOperation *mount_operation;
GVolume *volume;
- g_return_if_fail (context != NULL);
+ g_return_val_if_fail ((context != NULL), FALSE);
/* determine the GVolume corresponding to the udev device */
volume =
--
2.3.3

8
source/xfce/thunar-volman/thunar-volman.SlackBuild
View file

@ -2,7 +2,7 @@
# Slackware build script for thunar-volman
# Copyright 2007-2015 Robby Workman, Tuscaloosa, Alabama, USA
# Copyright 2007-2018 Robby Workman, Tuscaloosa, Alabama, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=thunar-volman
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-3}
BUILD=${BUILD:-1}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
@ -67,7 +67,7 @@ rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
chown -R root:root .
find . \
@ -76,8 +76,6 @@ find . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
patch -p1 < $CWD/0001-Fix-return-with-no-value-in-function-returning-non-v.patch
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \