#!/bin/bash # Copyright 2004-2008 Eric Hameleers, Eindhoven, NL # Copyright 2008-2021 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. cd $(dirname $0) ; CWD=$(pwd) PKGNAM=wpa_supplicant VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-8} SRCVERSION=$(printf $VERSION | tr _ -) # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information # could be useful to other scripts. if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" exit 0 fi NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} if [ "$ARCH" = "i586" ]; then SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" LIBDIRSUFFIX="64" elif [ "$ARCH" = "arm" ]; then SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" LIBDIRSUFFIX="" elif [ "$ARCH" = "armel" ]; then SLKCFLAGS="-O2 -march=armv4t" LIBDIRSUFFIX="" else SLKCFLAGS="-O2" LIBDIRSUFFIX="" fi TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf ${PKGNAM}-${SRCVERSION} tar xvf $CWD/${PKGNAM}-${SRCVERSION}.tar.?z* || exit 1 cd ${PKGNAM}-${SRCVERSION} chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ -exec chmod 755 {} \+ -o \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \+ zcat $CWD/patches/wpa_supplicant-flush-debug-output.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/wpa_supplicant-gui-qt4.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/wpa_supplicant-quiet-scan-results-message.patch.gz | patch -p1 --verbose || exit 1 # Security fixes for CVE-2021-0326 CVE-2021-0535 CVE-2020-12695 CVE-2019-16275 CVE-2021-27803 CVE-2021-30004: zcat $CWD/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/a0541334a6394f8237a4393b7372693cd7e96f15.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/8ca330bd709bf7c000dfda5b1edbc0cbeabb8b55.patch.gz | patch -p1 --verbose || exit 1 # Allow legacy tls to avoid breaking WPA2-Enterprise: zcat $CWD/patches/allow-tlsv1.patch.gz | patch -p1 --verbose || exit 1 cd wpa_supplicant # Create the configuration file for building wpa_supplicant: cat $CWD/config/dot.config > .config # Build the usual binaries CFLAGS="$SLKCFLAGS" \ make $NUMJOBS \ BINDIR=/usr/sbin \ LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 # Build the Qt5 GUI client #The following directory name is labelled qt4, but is compatible with qt5. #pushd wpa_gui-qt4 && #qmake wpa_gui.pro && #make && #popd pushd wpa_gui-qt4 qmake-qt5 wpa_gui.pro CFLAGS="$SLKCFLAGS" \ make $NUMJOBS \ BINDIR=/usr/sbin \ LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 popd # Make sure man pages are built make -C doc/docbook man # This goes into the doc directory later on: mv wpa_supplicant.conf wpa_supplicant.conf.sample # Install binaries: mkdir -p $PKG/usr/sbin $PKG/usr/bin cp wpa_supplicant wpa_passphrase wpa_cli $PKG/usr/sbin/ cp wpa_gui-qt4/wpa_gui $PKG/usr/bin/ find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null # Install dbus configuration file: mkdir -p $PKG/usr/share/dbus-1/system.d/ cp dbus/dbus-wpa_supplicant.conf \ $PKG/usr/share/dbus-1/system.d/dbus-wpa_supplicant.conf mkdir -p $PKG/usr/share/dbus-1/system-services install -m644 dbus/*.service $PKG/usr/share/dbus-1/system-services/ # Install a .desktop file and icon for wpa_gui: # (converted from the wpa_gui.svg in the source) mkdir -p $PKG/usr/share/{applications,pixmaps} cat $CWD/config/wpa_gui.desktop > $PKG/usr/share/applications/wpa_gui.desktop cat $CWD/config/wpa_gui.png > $PKG/usr/share/pixmaps/wpa_gui.png # Install a logrotate config mkdir -p $PKG/etc/logrotate.d cat $CWD/config/wpa_supplicant.logrotate > $PKG/etc/logrotate.d/wpa_supplicant.new # Install man pages: for m in 5 8; do mkdir -p $PKG/usr/man/man${m} cp doc/docbook/*.${m} $PKG/usr/man/man${m}/ done find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \+ # Install a default configuration file (only readable by root): mkdir -p $PKG/etc cat $CWD/config/wpa_supplicant.conf > $PKG/etc/wpa_supplicant.conf.new chmod 600 $PKG/etc/wpa_supplicant.conf.new mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ ChangeLog ../COPYING README README-{P2P,WPS} examples *.txt *.sample $CWD/README.slackware \ $PKG/usr/doc/$PKGNAM-$VERSION chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION/* chmod -R a-w $PKG/usr/doc/$PKGNAM-$VERSION/* # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: if [ -r ChangeLog ]; then DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog touch -r ChangeLog $DOCSDIR/ChangeLog fi mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc zcat $CWD/doinst.sh.gz >> $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}.txz