import hostapd-2.10-1.el8
This commit is contained in:
commit
850b1e318a
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
SOURCES/hostapd-2.10.tar.gz
|
1
.hostapd.metadata
Normal file
1
.hostapd.metadata
Normal file
@ -0,0 +1 @@
|
|||||||
|
1012a46ed74d7760aec3cfe435eb8bac23f5dde9 SOURCES/hostapd-2.10.tar.gz
|
40
SOURCES/hostapd.conf
Normal file
40
SOURCES/hostapd.conf
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
#
|
||||||
|
# This will give you a minimal, insecure wireless network.
|
||||||
|
#
|
||||||
|
# DO NOT BE SATISFIED WITH THAT!!!
|
||||||
|
#
|
||||||
|
# A complete, well commented example configuration file is
|
||||||
|
# available here:
|
||||||
|
#
|
||||||
|
# /usr/share/doc/hostapd/hostapd.conf
|
||||||
|
#
|
||||||
|
# For more information, look here:
|
||||||
|
#
|
||||||
|
# http://wireless.kernel.org/en/users/Documentation/hostapd
|
||||||
|
#
|
||||||
|
|
||||||
|
ctrl_interface=/var/run/hostapd
|
||||||
|
ctrl_interface_group=wheel
|
||||||
|
|
||||||
|
# Some usable default settings...
|
||||||
|
macaddr_acl=0
|
||||||
|
auth_algs=1
|
||||||
|
ignore_broadcast_ssid=0
|
||||||
|
|
||||||
|
# Uncomment these for base WPA & WPA2 support with a pre-shared key
|
||||||
|
#wpa=3
|
||||||
|
#wpa_key_mgmt=WPA-PSK
|
||||||
|
#wpa_pairwise=TKIP
|
||||||
|
#rsn_pairwise=CCMP
|
||||||
|
|
||||||
|
# DO NOT FORGET TO SET A WPA PASSPHRASE!!
|
||||||
|
#wpa_passphrase=YourPassPhrase
|
||||||
|
|
||||||
|
# Most modern wireless drivers in the kernel need driver=nl80211
|
||||||
|
driver=nl80211
|
||||||
|
|
||||||
|
# Customize these for your local configuration...
|
||||||
|
interface=
|
||||||
|
hw_mode=
|
||||||
|
channel=
|
||||||
|
ssid=
|
127
SOURCES/hostapd.conf.5
Normal file
127
SOURCES/hostapd.conf.5
Normal file
@ -0,0 +1,127 @@
|
|||||||
|
.\" Manpage for hostapd.conf.
|
||||||
|
.\" Original scrape of https://www.daemon-systems.org/man/hostapd.conf.5.html
|
||||||
|
.\" Contact linville@redhat.com to correct errors or typos.
|
||||||
|
.TH hostapd.conf 5 "10 Feb 2021" "1.0" "hostapd.conf man page"
|
||||||
|
.SH NAME
|
||||||
|
hostapd.conf \- configuration file for hostapd(8) utility
|
||||||
|
.SH DESCRIPTION
|
||||||
|
The hostapd.conf utility is an authenticator for IEEE 802.11 networks.
|
||||||
|
It provides full support for WPA/IEEE 802.11i and can also act as an IEEE
|
||||||
|
802.1X Authenticator with a suitable backend Authentication Server
|
||||||
|
(typically FreeRADIUS).
|
||||||
|
The configuration file consists of global parameters and domain specific
|
||||||
|
configuration:
|
||||||
|
.P
|
||||||
|
\(bu IEEE 802.1X-2004
|
||||||
|
.P
|
||||||
|
\(bu RADIUS client
|
||||||
|
.P
|
||||||
|
\(bu RADIUS authentication server
|
||||||
|
.P
|
||||||
|
\(bu WPA/IEEE 802.11i
|
||||||
|
.SH GLOBAL PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS interface
|
||||||
|
Interface name. Should be set in "hostap" mode.
|
||||||
|
.SS debug
|
||||||
|
Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
|
||||||
|
4 = excessive.
|
||||||
|
.SS dump_file
|
||||||
|
Dump file for state information (on SIGUSR1).
|
||||||
|
.SS ctrl_interface
|
||||||
|
The pathname of the directory in which hostapd(8) creates UNIX
|
||||||
|
domain socket files for communication with frontend programs such
|
||||||
|
as hostapd_cli(8).
|
||||||
|
.SS ctrl_interface_group
|
||||||
|
A group name or group ID to use in setting protection on the
|
||||||
|
control interface file. This can be set to allow non-root users
|
||||||
|
to access the control interface files. If no group is specified,
|
||||||
|
the group ID of the control interface is not modified and will,
|
||||||
|
typically, be the group ID of the directory in which the socket
|
||||||
|
is created.
|
||||||
|
.SH IEEE 802.1X-2004 PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS ieee8021x
|
||||||
|
Require IEEE 802.1X authorization.
|
||||||
|
.SS eap_message
|
||||||
|
Optional displayable message sent with EAP Request-Identity.
|
||||||
|
.SS wep_key_len_broadcast
|
||||||
|
Key lengths for broadcast keys.
|
||||||
|
.SS wep_key_len_unicast
|
||||||
|
Key lengths for unicast keys.
|
||||||
|
.SS wep_rekey_period
|
||||||
|
Rekeying period in seconds.
|
||||||
|
.SS eapol_key_index_workaround
|
||||||
|
EAPOL-Key index workaround (set bit7) for WinXP Supplicant.
|
||||||
|
.SS eap_reauth_period
|
||||||
|
EAP reauthentication period in seconds. To disable
|
||||||
|
reauthentication, use "0".
|
||||||
|
.SH RADIUS CLIENT PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS own_ip_addr
|
||||||
|
The own IP address of the access point (used as NAS-IP-Address).
|
||||||
|
.SS nas_identifier
|
||||||
|
Optional NAS-Identifier string for RADIUS messages.
|
||||||
|
.SS auth_server_addr, auth_server_port, auth_server_shared_secret
|
||||||
|
RADIUS authentication server parameters. Can be defined twice
|
||||||
|
for secondary servers to be used if primary one does not reply to
|
||||||
|
RADIUS packets.
|
||||||
|
.SS acct_server_addr, acct_server_port, acct_server_shared_secret
|
||||||
|
RADIUS accounting server parameters. Can be defined twice for
|
||||||
|
secondary servers to be used if primary one does not reply to
|
||||||
|
RADIUS packets.
|
||||||
|
.SS radius_retry_primary_interval
|
||||||
|
Retry interval for trying to return to the primary RADIUS server
|
||||||
|
(in seconds).
|
||||||
|
.SS radius_acct_interim_interval
|
||||||
|
Interim accounting update interval. If this is set (larger than
|
||||||
|
0) and acct_server is configured, hostapd(8) will send interim
|
||||||
|
accounting updates every N seconds.
|
||||||
|
.SH RADIUS AUTHENTICATION SERVER PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS radius_server_clients
|
||||||
|
File name of the RADIUS clients configuration for the RADIUS
|
||||||
|
server. If this is commented out, RADIUS server is disabled.
|
||||||
|
.SS radius_server_auth_port
|
||||||
|
The UDP port number for the RADIUS authentication server.
|
||||||
|
.SS radius_server_ipv6
|
||||||
|
Use IPv6 with RADIUS server.
|
||||||
|
.SH WPA/IEEE 802.11i PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS wpa
|
||||||
|
Enable WPA. Setting this variable configures the AP to require
|
||||||
|
WPA (either WPA-PSK or WPA-RADIUS/EAP based on other
|
||||||
|
configuration).
|
||||||
|
.SS wpa_psk, wpa_passphrase
|
||||||
|
WPA pre-shared keys for WPA-PSK. This can be either entered as a
|
||||||
|
256-bit secret in hex format (64 hex digits), wpa_psk, or as an
|
||||||
|
ASCII passphrase (8..63 characters) that will be converted to
|
||||||
|
PSK. This conversion uses SSID so the PSK changes when ASCII
|
||||||
|
passphrase is used and the SSID is changed.
|
||||||
|
.SS wpa_psk_file
|
||||||
|
Optionally, WPA PSKs can be read from a separate text file
|
||||||
|
(containing a list of (PSK,MAC address) pairs.
|
||||||
|
.SS wpa_key_mgmt
|
||||||
|
Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or
|
||||||
|
both).
|
||||||
|
.SS wpa_pairwise
|
||||||
|
Set of accepted cipher suites (encryption algorithms) for
|
||||||
|
pairwise keys (unicast packets). See the example file for more
|
||||||
|
information.
|
||||||
|
.SS wpa_group_rekey
|
||||||
|
Time interval for rekeying GTK (broadcast/multicast encryption
|
||||||
|
keys) in seconds.
|
||||||
|
.SS wpa_strict_rekey
|
||||||
|
Rekey GTK when any STA that possesses the current GTK is leaving
|
||||||
|
the BSS.
|
||||||
|
.SS wpa_gmk_rekey
|
||||||
|
Time interval for rekeying GMK (master key used internally to
|
||||||
|
generate GTKs (in seconds).
|
||||||
|
.SH SEE ALSO
|
||||||
|
hostapd(8), hostapd_cli(8), /usr/share/examples/hostapd/hostapd.conf
|
||||||
|
.SH HISTORY
|
||||||
|
The hostapd.conf manual page and hostapd(8) functionality first appeared
|
||||||
|
in NetBSD 4.0.
|
||||||
|
.SH AUTHORS
|
||||||
|
This manual page is derived from the README and hostapd.conf files in the
|
||||||
|
hostapd distribution provided by Jouni Malinen <jkmaline@cc.hut.fi>.
|
89
SOURCES/hostapd.init
Normal file
89
SOURCES/hostapd.init
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# hostapd
|
||||||
|
#
|
||||||
|
# chkconfig: - 23 88
|
||||||
|
# description: hostapd is a user space daemon for access point and
|
||||||
|
# authentication servers. It implements IEEE 802.11 access point
|
||||||
|
# management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS
|
||||||
|
# authentication server.
|
||||||
|
# processname: hostapd
|
||||||
|
# config: /etc/hostapd/hostapd.conf
|
||||||
|
#
|
||||||
|
### BEGIN INIT INFO
|
||||||
|
# Provides: hostapd
|
||||||
|
# Required-Start: $network
|
||||||
|
# Required-Stop: $network
|
||||||
|
# Default-Start:
|
||||||
|
# Default-Stop: 0 1 6
|
||||||
|
# Short-Description: start and stop hostapd
|
||||||
|
# Description: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
|
||||||
|
### END INIT INFO
|
||||||
|
|
||||||
|
# Source function library.
|
||||||
|
. /etc/rc.d/init.d/functions
|
||||||
|
|
||||||
|
# Source networking configuration.
|
||||||
|
. /etc/sysconfig/network
|
||||||
|
|
||||||
|
exec="/usr/sbin/hostapd"
|
||||||
|
prog=hostapd
|
||||||
|
conf="/etc/hostapd/hostapd.conf"
|
||||||
|
lockfile=/var/lock/subsys/$prog
|
||||||
|
|
||||||
|
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
|
||||||
|
|
||||||
|
start() {
|
||||||
|
echo -n $"Starting $prog: $conf"
|
||||||
|
daemon $prog -B $OTHER_ARGS $conf
|
||||||
|
retval=$?
|
||||||
|
echo
|
||||||
|
[ $retval -eq 0 ] && touch $lockfile
|
||||||
|
return $retval
|
||||||
|
}
|
||||||
|
|
||||||
|
stop() {
|
||||||
|
echo -n $"Stopping $prog: "
|
||||||
|
killproc $prog
|
||||||
|
retval=$?
|
||||||
|
echo
|
||||||
|
[ $retval -eq 0 ] && rm -f $lockfile
|
||||||
|
return $retval
|
||||||
|
}
|
||||||
|
|
||||||
|
restart() {
|
||||||
|
stop
|
||||||
|
start
|
||||||
|
}
|
||||||
|
|
||||||
|
reload() {
|
||||||
|
restart
|
||||||
|
}
|
||||||
|
|
||||||
|
force_reload() {
|
||||||
|
restart
|
||||||
|
}
|
||||||
|
|
||||||
|
fdr_status() {
|
||||||
|
status $prog
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
start|stop|restart|reload)
|
||||||
|
$1
|
||||||
|
;;
|
||||||
|
force-reload)
|
||||||
|
force_reload
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
fdr_status
|
||||||
|
;;
|
||||||
|
condrestart|try-restart)
|
||||||
|
[ -f $lockfile ] && restart
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
|
12
SOURCES/hostapd.service
Normal file
12
SOURCES/hostapd.service
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
PIDFile=/run/hostapd.pid
|
||||||
|
EnvironmentFile=/etc/sysconfig/hostapd
|
||||||
|
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B $OTHER_ARGS
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
5
SOURCES/hostapd.sysconfig
Normal file
5
SOURCES/hostapd.sysconfig
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# Other arguments
|
||||||
|
# -d show more debug messages (-dd for even more)
|
||||||
|
# -K include key data in debug messages
|
||||||
|
# -t include timestamps in some debug messages
|
||||||
|
OTHER_ARGS=""
|
472
SPECS/hostapd.spec
Normal file
472
SPECS/hostapd.spec
Normal file
@ -0,0 +1,472 @@
|
|||||||
|
%global _hardened_build 1
|
||||||
|
|
||||||
|
Name: hostapd
|
||||||
|
Version: 2.10
|
||||||
|
Release: 1%{?dist}
|
||||||
|
Summary: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
|
||||||
|
License: BSD
|
||||||
|
URL: http://w1.fi/hostapd
|
||||||
|
|
||||||
|
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
|
||||||
|
Source1: %{name}.service
|
||||||
|
Source2: %{name}.conf
|
||||||
|
Source3: %{name}.conf.5
|
||||||
|
Source4: %{name}.sysconfig
|
||||||
|
Source5: %{name}.init
|
||||||
|
|
||||||
|
BuildRequires: libnl3-devel
|
||||||
|
BuildRequires: openssl-devel
|
||||||
|
BuildRequires: perl-generators
|
||||||
|
BuildRequires: gcc
|
||||||
|
|
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||||
|
BuildRequires: systemd
|
||||||
|
BuildRequires: make
|
||||||
|
Requires(post): systemd
|
||||||
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?rhel} == 6
|
||||||
|
Requires(post): /sbin/chkconfig
|
||||||
|
Requires(preun): /sbin/chkconfig
|
||||||
|
Requires(preun): /sbin/service
|
||||||
|
Requires(postun): /sbin/service
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%description
|
||||||
|
%{name} is a user space daemon for access point and authentication servers. It
|
||||||
|
implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP
|
||||||
|
Authenticators and RADIUS authentication server.
|
||||||
|
|
||||||
|
%{name} is designed to be a "daemon" program that runs in the back-ground and
|
||||||
|
acts as the backend component controlling authentication. %{name} supports
|
||||||
|
separate frontend programs and an example text-based frontend, hostapd_cli, is
|
||||||
|
included with %{name}.
|
||||||
|
|
||||||
|
%package logwatch
|
||||||
|
Summary: Logwatch scripts for hostapd
|
||||||
|
Requires: %{name} = %{version}-%{release}
|
||||||
|
Requires: logwatch
|
||||||
|
%if 0%{?rhel} == 6 || 0%{?rhel} == 7
|
||||||
|
Requires: perl
|
||||||
|
%else
|
||||||
|
Requires: perl-interpreter
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%description logwatch
|
||||||
|
Logwatch scripts for hostapd.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q
|
||||||
|
|
||||||
|
%build
|
||||||
|
cd hostapd
|
||||||
|
cat defconfig | sed \
|
||||||
|
-e '$ a CONFIG_SAE=y' \
|
||||||
|
-e '$ a CONFIG_SUITEB192=y' \
|
||||||
|
-e '$ a CONFIG_TLS_DEFAULT_CIPHERS="PROFILE=SYSTEM:3DES"' \
|
||||||
|
-e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_IEEE80211N=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_IEEE80211R=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_IEEE80211AC=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_LIBNL32=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_ACS=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_OWE=y/s/^#//' \
|
||||||
|
-e '/^#CONFIG_WEP=y/s/^#//' \
|
||||||
|
> .config
|
||||||
|
echo "CFLAGS += -I%{_includedir}/libnl3" >> .config
|
||||||
|
echo "LIBS += -L%{_libdir}" >> .config
|
||||||
|
export CFLAGS="${CFLAGS:-%optflags} -fPIE -DPIE"
|
||||||
|
export CXXFLAGS="${CXXFLAGS:-%optflags} -fPIE -DPIE"
|
||||||
|
export LDFLAGS="${LDFLAGS:-%optflags} -pie -Wl,-z,now"
|
||||||
|
make %{?_smp_mflags} V=1
|
||||||
|
|
||||||
|
%install
|
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||||
|
|
||||||
|
# Systemd unit files
|
||||||
|
install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
||||||
|
|
||||||
|
%else
|
||||||
|
|
||||||
|
# Initscripts
|
||||||
|
install -p -m 755 -D %{SOURCE5} %{buildroot}%{_initrddir}/%{name}
|
||||||
|
|
||||||
|
%endif
|
||||||
|
|
||||||
|
# logwatch files
|
||||||
|
install -d %{buildroot}/%{_sysconfdir}/logwatch/conf/services
|
||||||
|
install -pm 0644 %{name}/logwatch/%{name}.conf \
|
||||||
|
%{buildroot}/%{_sysconfdir}/logwatch/conf/services/%{name}.conf
|
||||||
|
install -d %{buildroot}/%{_sysconfdir}/logwatch/scripts/services
|
||||||
|
install -pm 0755 %{name}/logwatch/%{name} \
|
||||||
|
%{buildroot}/%{_sysconfdir}/logwatch/scripts/services/%{name}
|
||||||
|
|
||||||
|
# config files
|
||||||
|
install -d %{buildroot}/%{_sysconfdir}/%{name}
|
||||||
|
install -pm 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}
|
||||||
|
|
||||||
|
install -d %{buildroot}/%{_sysconfdir}/sysconfig
|
||||||
|
install -pm 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}
|
||||||
|
|
||||||
|
# binaries
|
||||||
|
install -d %{buildroot}/%{_sbindir}
|
||||||
|
install -pm 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name}
|
||||||
|
install -pm 0755 %{name}/%{name}_cli %{buildroot}%{_sbindir}/%{name}_cli
|
||||||
|
|
||||||
|
# man pages
|
||||||
|
install -d %{buildroot}%{_mandir}/man{1,5,8}
|
||||||
|
install -pm 0644 %{name}/%{name}_cli.1 %{buildroot}%{_mandir}/man1
|
||||||
|
install -pm 0644 %{SOURCE3} %{buildroot}%{_mandir}/man5
|
||||||
|
install -pm 0644 %{name}/%{name}.8 %{buildroot}%{_mandir}/man8
|
||||||
|
|
||||||
|
# prepare docs
|
||||||
|
cp %{name}/README ./README.%{name}
|
||||||
|
cp %{name}/README-WPS ./README-WPS.%{name}
|
||||||
|
cp %{name}/logwatch/README ./README.logwatch
|
||||||
|
|
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||||
|
|
||||||
|
%post
|
||||||
|
%systemd_post %{name}.service
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%systemd_preun %{name}.service
|
||||||
|
|
||||||
|
%postun
|
||||||
|
%systemd_postun_with_restart %{name}.service
|
||||||
|
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?rhel} == 6
|
||||||
|
|
||||||
|
%post
|
||||||
|
/sbin/chkconfig --add %{name}
|
||||||
|
|
||||||
|
%preun
|
||||||
|
if [ $1 -eq 0 ]; then
|
||||||
|
/sbin/service %{name} stop >/dev/null 2>&1 || :
|
||||||
|
/sbin/chkconfig --del %{name}
|
||||||
|
fi
|
||||||
|
|
||||||
|
%postun
|
||||||
|
if [ $1 -ge 1 ]; then
|
||||||
|
/sbin/service %{name} condrestart >/dev/null 2>&1 || :
|
||||||
|
fi
|
||||||
|
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%files
|
||||||
|
%license COPYING
|
||||||
|
%doc README README.hostapd README-WPS.hostapd
|
||||||
|
%doc %{name}/%{name}.conf %{name}/wired.conf
|
||||||
|
%doc %{name}/%{name}.accept %{name}/%{name}.deny
|
||||||
|
%doc %{name}/%{name}.eap_user %{name}/%{name}.radius_clients
|
||||||
|
%doc %{name}/%{name}.vlan %{name}/%{name}.wpa_psk
|
||||||
|
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
|
||||||
|
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
|
||||||
|
%{_sbindir}/%{name}
|
||||||
|
%{_sbindir}/%{name}_cli
|
||||||
|
%dir %{_sysconfdir}/%{name}
|
||||||
|
%{_mandir}/man1/*
|
||||||
|
%{_mandir}/man5/*
|
||||||
|
%{_mandir}/man8/*
|
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||||
|
%{_unitdir}/%{name}.service
|
||||||
|
%else
|
||||||
|
%{_initrddir}/%{name}
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%files logwatch
|
||||||
|
%doc %{name}/logwatch/README
|
||||||
|
%config(noreplace) %{_sysconfdir}/logwatch/conf/services/%{name}.conf
|
||||||
|
%{_sysconfdir}/logwatch/scripts/services/%{name}
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Fri Jan 21 2022 Davide Caratti <dcaratti@redhat.com> - 2.10-1
|
||||||
|
- Update to version 2.10, keeping CONFIG_WEP enabled
|
||||||
|
|
||||||
|
* Wed Dec 22 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-17
|
||||||
|
- fix typo while enabling support for suite B-192
|
||||||
|
|
||||||
|
* Tue Dec 21 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-16
|
||||||
|
- disable 'badfuncs' rpminspect test
|
||||||
|
- change default value of CONFIG_TLS_DEFAULT_CIPHERS to allow using OpenSSL
|
||||||
|
to compute 3DES
|
||||||
|
|
||||||
|
* Mon Dec 20 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-15
|
||||||
|
- Build with -fPIE, and enable verbose build log
|
||||||
|
- Enable CONFIG_SUITEB192
|
||||||
|
|
||||||
|
* Sat Dec 18 2021 Tomas Pelka <tpelka@redhat.com> - 2.9-14
|
||||||
|
- bump release and rebuild to correctly trigger gating
|
||||||
|
|
||||||
|
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.9-13
|
||||||
|
- Rebuilt with OpenSSL 3.0.0
|
||||||
|
|
||||||
|
* Fri Sep 3 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-12
|
||||||
|
- backport fix for NetworkManager-ci failures with openssl-3.0.0
|
||||||
|
|
||||||
|
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-11
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue May 11 2021 John W. Linville <linville@redhat.com> - 2.9-10
|
||||||
|
- Enable CONFIG_OWE build option in order to provide WPA3 capability
|
||||||
|
|
||||||
|
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.9-9
|
||||||
|
- Rebuilt for updated systemd-rpm-macros
|
||||||
|
See https://pagure.io/fesco/issue/2583.
|
||||||
|
|
||||||
|
* Wed Feb 10 2021 John W. Linville <linville@redhat.com> - 2.9-8
|
||||||
|
- Add hostapd.conf.5 man file, with content borrowed from NetBSD
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Dec 10 2020 John W. Linville <linville@redhat.com> - 2.9-6
|
||||||
|
- Enable environment file in hostapd service definition
|
||||||
|
|
||||||
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jun 24 2020 John W. Linville <linville@redhat.com> - 2.9-4
|
||||||
|
- Fix CVE-2020-12695 (UPnP SUBSCRIBE misbehavior in hostapd WPS AP)
|
||||||
|
|
||||||
|
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Oct 30 2019 John W. Linville <linville@redhat.com> - 2.9-2
|
||||||
|
- Fix CVE-2019-16275 (AP mode PMF disconnection protection bypass)
|
||||||
|
|
||||||
|
* Fri Aug 09 2019 John W. Linville <linville@redhat.com> - 2.9-1
|
||||||
|
- Update to version 2.9 from upstream
|
||||||
|
|
||||||
|
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 03 2019 Lubomir Rintel <lkundrak@v3.sk> - 2.8-2
|
||||||
|
- Enable SAE
|
||||||
|
|
||||||
|
* Wed May 15 2019 John W. Linville <linville@redhat.com> - 2.8-1
|
||||||
|
- Update to version 2.8 from upstream
|
||||||
|
- Drop obsoleted patches
|
||||||
|
|
||||||
|
* Fri Apr 12 2019 John W. Linville <linville@redhat.com> - 2.7-2
|
||||||
|
- Bump N-V-R for rebuild
|
||||||
|
|
||||||
|
* Fri Apr 12 2019 John W. Linville <linville@redhat.com> - 2.7-1
|
||||||
|
- Update to version 2.7 from upstream
|
||||||
|
- Remove obsolete patches for NL80211_ATTR_SMPS_MODE encoding and KRACK
|
||||||
|
- Fix CVE-2019-9494 (cache attack against SAE)
|
||||||
|
- Fix CVE-2019-9495 (cache attack against EAP-pwd)
|
||||||
|
- Fix CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)
|
||||||
|
- Fix CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
|
||||||
|
- Fix CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
|
||||||
|
- Fix CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)
|
||||||
|
|
||||||
|
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-12
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jul 20 2018 John W. Linville <linville@redhat.com> - 2.6-11
|
||||||
|
- Add previously unnecessary BuildRequires for gcc
|
||||||
|
|
||||||
|
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-10
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue May 29 2018 Davide Caratti <dcaratti@redhat.com> - 2.6-9
|
||||||
|
- backport fix for Fix NL80211_ATTR_SMPS_MODE encoding (rh #1582839)
|
||||||
|
|
||||||
|
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Dec 07 2017 Simone Caronni <negativo17@gmail.com> - 2.6-7
|
||||||
|
- Fix dependencies on the logwatch package for RHEL/CentOS.
|
||||||
|
|
||||||
|
* Fri Nov 03 2017 Xavier Bachelot <xavier@bachelot.org> - 2.6-6
|
||||||
|
- Add patches for KRACK : CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
|
||||||
|
CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,
|
||||||
|
CVE-2017-13087, CVE-2017-13088 (RHBZ#1502588).
|
||||||
|
|
||||||
|
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Jul 13 2017 Petr Pisar <ppisar@redhat.com> - 2.6-3
|
||||||
|
- perl dependency renamed to perl-interpreter
|
||||||
|
<https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules>
|
||||||
|
|
||||||
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Oct 03 2016 John W. Linville <linville@redhat.com> - 2.6-1
|
||||||
|
- Update to version 2.6 from upstream
|
||||||
|
- Remove patch for CVE-2016-4476, now included in base tarball
|
||||||
|
|
||||||
|
* Fri Jul 15 2016 John W. Linville <linville@redhat.com> - 2.5-5
|
||||||
|
- Bump NVR and rebuild to resolve GLIBC_2.24 symbol issue
|
||||||
|
|
||||||
|
* Mon Jun 06 2016 John W. Linville <linville@redhat.com> - 2.5-4
|
||||||
|
- Add WPS patch for CVE-2016-4476
|
||||||
|
|
||||||
|
* Tue Apr 19 2016 Sascha Spreitzer <sspreitz@redhat.com> - 2.5-3
|
||||||
|
- Enable ACS feature (automatic channel switching)
|
||||||
|
|
||||||
|
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.5-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Oct 13 2015 John W. Linville <linville@redhat.com> - 2.5-1
|
||||||
|
- Update to version 2.5 from upstream
|
||||||
|
- Remove patches made redundant by version update
|
||||||
|
|
||||||
|
* Fri Jul 10 2015 John W. Linville <linville@redhat.com> - 2.4-3
|
||||||
|
- apply fix for NDEF record payload length checking
|
||||||
|
|
||||||
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri May 15 2015 John W. Linville <linville@redhat.com> - 2.4-2
|
||||||
|
- apply fix for underflow in WMM action frame parser
|
||||||
|
|
||||||
|
* Tue Apr 21 2015 John W. Linville <linville@redhat.com> - 2.4-1
|
||||||
|
- Update to version 2.4 from upstream
|
||||||
|
- Enable support for IEEE802.11r and IEEE802.11ac
|
||||||
|
|
||||||
|
* Wed Feb 4 2015 John W. Linville <linville@redhat.com> - 2.3-4
|
||||||
|
- Use %%license instead of %%doc for file containing license information
|
||||||
|
|
||||||
|
* Sun Nov 02 2014 poma <poma@gmail.com> - 2.3-3
|
||||||
|
- Further simplify hostapd.conf installation
|
||||||
|
- Rebase "EAP-TLS server" patch to 2.3
|
||||||
|
|
||||||
|
* Tue Oct 28 2014 John W. Linville <linville@redhat.com> - 2.3-2
|
||||||
|
- Remove version info from /usr/share/doc/hostapd/hostapd.conf
|
||||||
|
|
||||||
|
* Thu Oct 23 2014 John W. Linville <linville@redhat.com> - 2.3-1
|
||||||
|
- Update to version 2.3 from upstream
|
||||||
|
|
||||||
|
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Jun 5 2014 John W. Linville <linville@redhat.com> - 2.2-1
|
||||||
|
- Update to version 2.2 from upstream
|
||||||
|
|
||||||
|
* Sat Feb 22 2014 Simone Caronni <negativo17@gmail.com> - 2.1-2
|
||||||
|
- Re-enable drivers (#1068849).
|
||||||
|
|
||||||
|
* Fri Feb 14 2014 John W. Linville <linville@redhat.com> - 2.1-1
|
||||||
|
- Update to version 2.1 from upstream
|
||||||
|
- Remove obsolete patch for libnl build documentation
|
||||||
|
|
||||||
|
* Mon Feb 03 2014 Simone Caronni <negativo17@gmail.com> - 2.0-6
|
||||||
|
- Add libnl build documentation and switch libnl-devel to libnl3-devel build
|
||||||
|
dependency (#1041471).
|
||||||
|
|
||||||
|
* Fri Nov 22 2013 John W. Linville <linville@redhat.com> - 2.0-5
|
||||||
|
- Enable CONFIG_FULL_DYNAMIC_VLAN build option
|
||||||
|
|
||||||
|
* Wed Aug 07 2013 Simone Caronni <negativo17@gmail.com> - 2.0-4
|
||||||
|
- Add EPEL 6 support.
|
||||||
|
- Remove obsolete EPEL 5 tags.
|
||||||
|
- Little spec file formatting.
|
||||||
|
|
||||||
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 2.0-2
|
||||||
|
- Perl 5.18 rebuild
|
||||||
|
|
||||||
|
* Thu May 30 2013 John W. Linville <linville@redhat.com> - 2.0-1
|
||||||
|
- Update to version 2.0 from upstream
|
||||||
|
- Convert to use of systemd-rpm macros
|
||||||
|
- Build with PIE flags
|
||||||
|
|
||||||
|
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Oct 8 2012 John W. Linville <linville@redhat.com> - 1.0-3
|
||||||
|
- EAP-TLS: Add extra validation for TLS Message Length
|
||||||
|
|
||||||
|
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jun 8 2012 John W. Linville <linville@redhat.com> - 1.0-1
|
||||||
|
- Update to version 1.0 from upstream
|
||||||
|
|
||||||
|
* Fri Jun 8 2012 John W. Linville <linville@redhat.com> - 0.7.3-9
|
||||||
|
- Remove hostapd-specific runtime state directory
|
||||||
|
|
||||||
|
* Wed Jun 6 2012 John W. Linville <linville@redhat.com> - 0.7.3-8
|
||||||
|
- Fixup typo in pid file path in hostapd.service
|
||||||
|
|
||||||
|
* Wed May 30 2012 John W. Linville <linville@redhat.com> - 0.7.3-7
|
||||||
|
- Add BuildRequires for systemd-units
|
||||||
|
|
||||||
|
* Fri May 25 2012 John W. Linville <linville@redhat.com> - 0.7.3-6
|
||||||
|
- Fixup typo in configuration file path in hostapd.service
|
||||||
|
- Tighten-up default permissions for hostapd.conf
|
||||||
|
|
||||||
|
* Tue Feb 28 2012 Jon Ciesla <limburgher@gmail.com> - 0.7.3-5
|
||||||
|
- Migrate to systemd, BZ 770310.
|
||||||
|
|
||||||
|
* Wed Jan 18 2012 John W. Linville <linville@redhat.com> - 0.7.3-4
|
||||||
|
- Add reference to sample hostapd.conf in the default installed version
|
||||||
|
- Include README-WPS from the hostapd distribution as part of the docs
|
||||||
|
|
||||||
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Dec 23 2010 John W. Linville <linville@redhat.com> - 0.7.3-1
|
||||||
|
- Update to version 0.7.3
|
||||||
|
|
||||||
|
* Wed Nov 24 2010 John W. Linville <linville@redhat.com> - 0.6.10-3
|
||||||
|
- Use ghost directive for /var/run/hostapd
|
||||||
|
- Remove some rpmlint warnings
|
||||||
|
|
||||||
|
* Thu May 27 2010 John W. Linville <linville@redhat.com> - 0.6.10-2
|
||||||
|
- Move DTIM period configuration into Beacon set operation
|
||||||
|
|
||||||
|
* Mon May 10 2010 John W. Linville <linville@redhat.com> - 0.6.10-1
|
||||||
|
- Update to version 0.6.10
|
||||||
|
|
||||||
|
* Tue Jan 19 2010 John W. Linville <linville@redhat.com> - 0.6.9-8
|
||||||
|
- Do not compress man pages manually in spec file
|
||||||
|
- Correct date of previous changelog entry
|
||||||
|
|
||||||
|
* Thu Jan 14 2010 John W. Linville <linville@redhat.com> - 0.6.9-7
|
||||||
|
- Enable 802.11n support
|
||||||
|
|
||||||
|
* Thu Dec 17 2009 John W. Linville <linville@redhat.com> - 0.6.9-6
|
||||||
|
- Enable RADIUS server
|
||||||
|
- Enable "wired" and "none" drivers
|
||||||
|
- Use BSD license option
|
||||||
|
|
||||||
|
* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-5
|
||||||
|
- Use openssl instead of gnutls (broken)
|
||||||
|
|
||||||
|
* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-4
|
||||||
|
- Remove wired.conf from doc (not in chosen configuration)
|
||||||
|
- Use $RPM_OPT_FLAGS
|
||||||
|
- Add dist tag
|
||||||
|
|
||||||
|
* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-3
|
||||||
|
- Use gnutls instead of openssl
|
||||||
|
- Turn-off internal EAP server (broken w/ gnutls)
|
||||||
|
- Remove doc files not applicable to chosen configuration
|
||||||
|
- Un-mangle README filename for logwatch sub-package
|
||||||
|
|
||||||
|
* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-2
|
||||||
|
- Initial build
|
||||||
|
- Start release at 2 to avoid conflicts w/ previous attempts by others
|
Loading…
Reference in New Issue
Block a user