openssl group vpnc, wget, wpa_supplicant

2025-01-23 17:33:26 +08:00 · 2012-12-16 02:04:00 +00:00 · 2012-12-16 02:04:00 +00:00 · e1f484c58c
commit e1f484c58c
parent 00a883d077
4 changed files with 122 additions and 50 deletions
--- a/vpnc/PKGBUILD
+++ b/vpnc/PKGBUILD
@ -1,19 +1,21 @@
-# $Id: PKGBUILD 75214 2010-04-01 02:29:38Z pierre $
-# Maintainer: Thomas Baechler <thomas@archlinux.org>
+#
+# Core packages for Chakra, part of chakra-project.org
+#
+# maintainer abveritas[at]chakra-project[dot]org>
+
 pkgname=vpnc
-pkgver=0.5.3
-pkgrel=3
+pkgver=0.5.3.1
+pkgrel=1
 pkgdesc="VPN client for cisco3000 VPN Concentrators"
 url="http://www.unix-ag.uni-kl.de/~massar/vpnc/"
 license=('GPL')
 depends=('libgcrypt' 'openssl' 'iproute2')
-arch=('i686' 'x86_64')
-source=(http://www.unix-ag.uni-kl.de/~massar/vpnc/$pkgname-$pkgver.tar.gz
-        vpnc.conf vpnc.rc)
+arch=('x86_64')
+source=("http://www.chakra-linux.org/sources/vpnc/$pkgname-$pkgver.tar.xz"
+        'vpnc.conf')
 backup=(etc/vpnc/default.conf)
-md5sums=('4378f9551d5b077e1770bbe09995afb3'
-         'a3f4e0cc682f437e310a1c86ae198e45'
-         'c5885162ac198eaa36da9a01e7c0c55b')
+md5sums=('b0802bea7ee8218ffcc256b62fdbe606'
+         'a3f4e0cc682f437e310a1c86ae198e45')

 build() {
  cd $srcdir/$pkgname-$pkgver
@ -21,14 +23,16 @@ build() {
  # Build hybrid support
  sed -i 's|^#OPENSSL|OPENSSL|g' Makefile

-  make PREFIX=/usr || return 1
+  make 
 }

 package() {
  cd $srcdir/$pkgname-$pkgver
+  
  make DESTDIR=$pkgdir PREFIX=/usr install

  install -D -m644 $srcdir/vpnc.conf $pkgdir/etc/vpnc/default.conf
-  install -D -m755 $srcdir/vpnc.rc $pkgdir/etc/rc.d/vpnc
-  rm -f $pkgdir/etc/vpnc/vpnc.conf
+
 }
+
+
--- a/wget/PKGBUILD
+++ b/wget/PKGBUILD
@ -1,33 +1,27 @@
 #
 # Core Packages for Chakra, part of chakra-project.org
 #
-# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
-# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
+# maintainer abveritas[at]chakra-project[dot]org>

 pkgname=wget
-pkgver=1.13.4
+pkgver=1.14
 pkgrel=1
 pkgdesc="A network utility to retrieve files from the Web"
-arch=('i686' 'x86_64')
+arch=('x86_64')
 url="http://www.gnu.org/software/wget/wget.html"
 license=('GPL3')
 groups=('base')
-depends=('glibc' 'openssl')
+depends=('glibc' 'openssl' 'libidn' 'util-linux')
 optdepends=('ca-certificates: HTTPS downloads')
 backup=('etc/wgetrc')
 install=wget.install
-source=(ftp://ftp.gnu.org/gnu/${pkgname}/${pkgname}-${pkgver}.tar.xz)
-md5sums=('7f518b3a71e9efd330e9a0c3714f8463')
+source=("ftp://ftp.gnu.org/gnu/${pkgname}/${pkgname}-${pkgver}.tar.xz")
+md5sums=('316f6f59292c9098ad81fd54f658c579')

 build() {
  cd "${srcdir}/${pkgname}-${pkgver}"

-  # Note : We do not build with --enable-nls, because there is a bug in wget causing
-  # international domain names to be not properly converted to punycode if
-  # the current locale is a UTF-8 one
-  # See : http://lists.gnu.org/archive/html/bug-wget/2011-02/msg00026.html
-
-  ./configure -with-ssl=openssl --prefix=/usr --sysconfdir=/etc
+  ./configure -with-ssl=openssl --prefix=/usr --sysconfdir=/etc --enable-nls
  make
 }

@ -41,7 +35,4 @@ package() {
 ca_certificate=/etc/ssl/certs/ca-certificates.crt
 EOF

-  # remove IRI option from wgetrc as it does not work (see above)
-  sed -i '118,120d' $pkgdir/etc/wgetrc
-
 }
--- a/wpa_supplicant/PKGBUILD
+++ b/wpa_supplicant/PKGBUILD
@ -1,25 +1,24 @@
 #
 # Chakra Packages for Chakra, part of chakra-project.org
 #
-# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
-# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
+# maintainer abveritas[at]chakra-project[dot]org>

 pkgname=wpa_supplicant
 pkgver=0.7.3
-pkgrel=4
+pkgrel=5
 pkgdesc="A utility providing key negotiation for WPA wireless networks"
-arch=('i686' 'x86_64')
+arch=('x86_64')
 depends=('openssl' 'dbus-core>=1.2.4' 'readline>=6.0' 'libnl')
 optdepends=('wpa_supplicant_gui: wpa_gui program')
 license=('GPL')
 groups=('base')
 backup=('etc/wpa_supplicant.conf')
 url="http://hostap.epitest.fi/wpa_supplicant"
-source=(http://hostap.epitest.fi/releases/wpa_supplicant-$pkgver.tar.gz
+source=("http://hostap.epitest.fi/releases/wpa_supplicant-$pkgver.tar.gz"
        config
 	wpa_supplicant.service)
 sha256sums=('d0cd50caa85346ccc376dcda5ed3c258eef19a93b3cade39d25760118ad59443'
-            '6a0837f18e5ff179ccd6954f7952dfc2e6aa69f353194ee4cb29c1ed2ef68c5d'
+            '54568aa6912a7e8ee0c28a71a79dd8d5b6f11368ca71733c26e41d1a142587ba'
            '7473ff4479f7b40e9f1369f1ccbf8f514ae17729be18572801f80d3b4a4df3d0')

 build() {
--- a/wpa_supplicant/config
+++ b/wpa_supplicant/config
@ -78,6 +78,11 @@
 #CONFIG_DRIVER_RALINK=y

 # Driver interface for generic Linux wireless extensions
+# Note: WEXT is deprecated in the current Linux kernel version and no new
+# functionality is added to it. nl80211-based interface is the new
+# replacement for WEXT and its use allows wpa_supplicant to properly control
+# the driver to improve existing functionality like roaming and to support new
+# functionality.
 CONFIG_DRIVER_WEXT=y

 # Driver interface for Linux drivers using the nl80211 kernel interface
@ -109,11 +114,6 @@ CONFIG_DRIVER_NL80211=y
 # Driver interface for development testing
 #CONFIG_DRIVER_TEST=y

-# Include client MLME (management frame processing) for test driver
-# This can be used to test MLME operations in hostapd with the test interface.
-# space.
-#CONFIG_CLIENT_MLME=y
-
 # Driver interface for wired Ethernet drivers
 CONFIG_DRIVER_WIRED=y

@ -123,6 +123,10 @@ CONFIG_DRIVER_WIRED=y
 # Driver interface for no driver (e.g., WPS ER only)
 #CONFIG_DRIVER_NONE=y

+# Solaris libraries
+#LIBS += -lsocket -ldlpi -lnsl
+#LIBS_c += -lsocket
+
 # Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
 # included)
 CONFIG_IEEE8021X_EAPOL=y
@ -161,6 +165,9 @@ CONFIG_EAP_OTP=y
 # EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
 #CONFIG_EAP_PSK=y

+# EAP-pwd (secure authentication using only a password)
+#CONFIG_EAP_PWD=y
+
 # EAP-PAX
 #CONFIG_EAP_PAX=y

@ -190,6 +197,13 @@ CONFIG_EAP_LEAP=y

 # Wi-Fi Protected Setup (WPS)
 CONFIG_WPS=y
+# Enable WSC 2.0 support
+#CONFIG_WPS2=y
+# Enable WPS external registrar functionality
+#CONFIG_WPS_ER=y
+# Disable credentials for an open network by default when acting as a WPS
+# registrar.
+#CONFIG_WPS_REG_DISABLE_OPEN=y

 # EAP-IKEv2
 #CONFIG_EAP_IKEV2=y
@ -224,6 +238,10 @@ CONFIG_CTRL_IFACE=y
 # the resulting binary.
 CONFIG_READLINE=y

+# Include internal line edit mode in wpa_cli. This can be used as a replacement
+# for GNU Readline to provide limited command line editing and history support.
+#CONFIG_WPA_CLI_EDIT=y
+
 # Remove debugging code that is printing out debug message to stdout.
 # This can be used to reduce the size of the wpa_supplicant considerably
 # if debugging code is not needed. The size reduction can be around 35%
@ -305,18 +323,17 @@ CONFIG_PEERKEY=y

 # Select TLS implementation
 # openssl = OpenSSL (default)
-# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
+# gnutls = GnuTLS
 # internal = Internal TLSv1 implementation (experimental)
 # none = Empty template
 #CONFIG_TLS=openssl

-# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
-# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
-# even though the core GnuTLS library is released under LGPL, this extra
-# library uses GPL and as such, the terms of GPL apply to the combination
-# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
-# apply for distribution of the resulting binary.
-#CONFIG_GNUTLS_EXTRA=y
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used. It should be noted that some existing TLS v1.0 -based
+# implementation may not be compatible with TLS v1.1 message (ClientHello is
+# sent prior to negotiating which version will be used)
+#CONFIG_TLSV11=y

 # If CONFIG_TLS=internal is used, additional library and include paths are
 # needed for LibTomMath. Alternatively, an integrated, minimal version of
@ -378,6 +395,11 @@ CONFIG_CTRL_IFACE_DBUS_INTRO=y
 # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
 CONFIG_DEBUG_FILE=y

+# Send debug messages to syslog instead of stdout
+#CONFIG_DEBUG_SYSLOG=y
+# Set syslog facility for debug messages
+#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
+
 # Enable privilege separation (see README 'Privilege separation' for details)
 #CONFIG_PRIVSEP=y

@ -389,7 +411,7 @@ CONFIG_DEBUG_FILE=y
 # This tracks use of memory allocations and other registrations and reports
 # incorrect use with a backtrace of call (or allocation) location.
 #CONFIG_WPA_TRACE=y
-# For BSD, comment out these.
+# For BSD, uncomment these.
 #LIBS += -lexecinfo
 #LIBS_p += -lexecinfo
 #LIBS_c += -lexecinfo
@ -398,7 +420,63 @@ CONFIG_DEBUG_FILE=y
 # This enables use of libbfd to get more detailed symbols for the backtraces
 # generated by CONFIG_WPA_TRACE=y.
 #CONFIG_WPA_TRACE_BFD=y
-# For BSD, comment out these.
+# For BSD, uncomment these.
 #LIBS += -lbfd -liberty -lz
 #LIBS_p += -lbfd -liberty -lz
 #LIBS_c += -lbfd -liberty -lz
+
+# wpa_supplicant depends on strong random number generation being available
+# from the operating system. os_get_random() function is used to fetch random
+# data when needed, e.g., for key generation. On Linux and BSD systems, this
+# works by reading /dev/urandom. It should be noted that the OS entropy pool
+# needs to be properly initialized before wpa_supplicant is started. This is
+# important especially on embedded devices that do not have a hardware random
+# number generator and may by default start up with minimal entropy available
+# for random number generation.
+#
+# As a safety net, wpa_supplicant is by default trying to internally collect
+# additional entropy for generating random data to mix in with the data fetched
+# from the OS. This by itself is not considered to be very strong, but it may
+# help in cases where the system pool is not initialized properly. However, it
+# is very strongly recommended that the system pool is initialized with enough
+# entropy either by using hardware assisted random number generator or by
+# storing state over device reboots.
+#
+# wpa_supplicant can be configured to maintain its own entropy store over
+# restarts to enhance random number generation. This is not perfect, but it is
+# much more secure than using the same sequence of random numbers after every
+# reboot. This can be enabled with -e<entropy file> command line option. The
+# specified file needs to be readable and writable by wpa_supplicant.
+#
+# If the os_get_random() is known to provide strong random data (e.g., on
+# Linux/BSD, the board in question is known to have reliable source of random
+# data from /dev/urandom), the internal wpa_supplicant random pool can be
+# disabled. This will save some in binary size and CPU use. However, this
+# should only be considered for builds that are known to be used on devices
+# that meet the requirements described above.
+CONFIG_NO_RANDOM_POOL=y
+
+# IEEE 802.11n (High Throughput) support (mainly for AP mode)
+#CONFIG_IEEE80211N=y
+
+# Interworking (IEEE 802.11u)
+# This can be used to enable functionality to improve interworking with
+# external networks (GAS/ANQP to learn more about the networks and network
+# selection based on available credentials).
+#CONFIG_INTERWORKING=y
+
+CONFIG_LIBNL32=y
+
+# More options that are not in defconfig:
+
+# Lightweight AP mode
+CONFIG_AP=y
+
+# P2P (WiFi Direct)
+CONFIG_P2P=y
+
+# RSN IBSS/AdHoc support
+CONFIG_IBSS_RSN=y
+
+# Simple background scan
+CONFIG_BGSCAN_SIMPLE=y