From 28f8b5f5f3f0a678d73f1cd7d2015ca4c8203b13 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 31 Jan 2021 22:35:23 +0100 Subject: wpa_supplicant: backport support for OWE The wpa_supplicant upstream is slow to push out new releases and has been asked several times to do so. Support for Opportunistic Wireless Encryption has been on master since late 2019 and still hasn't made it into a release yet. This backports a rather simple patchset to enable OWE key management and exposes it also via DBus, so it can be used from Network-Manager. --- pkgs/os-specific/linux/wpa_supplicant/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index 32b61b02beec..c90407ec6e6f 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, openssl, pkg-config, libnl +{ lib, stdenv, fetchurl, fetchpatch, openssl, pkg-config, libnl , dbus, readline ? null, pcsclite ? null }: @@ -19,6 +19,12 @@ stdenv.mkDerivation rec { url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch"; sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz"; }) + (fetchpatch { + # Expose OWE key management capability over DBus, remove >= 2.10 + name = "dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch"; + url = "https://w1.fi/cgit/hostap/patch/?id=7800725afb27397f7d6033d4969e2aeb61af4737"; + sha256 = "0c1la7inf4m5y9gzdjjdnhpkx32pm8vi6m5knih8p77q4mbrdgg8"; + }) ]; # TODO: Patch epoll so that the dbus actually responds @@ -32,6 +38,7 @@ stdenv.mkDerivation rec { CONFIG_EAP_SAKE=y CONFIG_EAP_GPSK=y CONFIG_EAP_GPSK_SHA256=y + CONFIG_OWE=y CONFIG_WPS=y CONFIG_WPS_ER=y CONFIG_WPS_NFS=y -- cgit v1.2.3