mirror/openwrt-packages
1
0
Fork 0
mirror of https://git.openwrt.org/feed/packages.git synced 2024-06-16 12:23:59 +02:00
Code Releases Activity
24ad5359fe
openwrt-packages/net/coova-chilli/Makefile
Petr Štetiar f624e41f38 treewide: fix security issues by bumping all packages using libwolfssl 
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.

Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 845d81ca09)
2022-10-04 10:22:40 +02:00

149 lines
4.4 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2007-2018 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=coova-chilli
PKG_VERSION:=1.6
PKG_RELEASE:=$(AUTORELEASE).1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/coova/coova-chilli/tar.gz/$(PKG_VERSION)?
PKG_HASH:=26b2bead6fd9c18eb736fb0a0f8709922de4e4fedee1122193f82706eb2b9305
PKG_MAINTAINER:=Jaehoon You <teslamint@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=0
PKG_CONFIG_DEPENDS:= \
COOVACHILLI_JSONINTERFACE \
COOVACHILLI_LARGELIMITS \
COOVACHILLI_MINIPORTAL \
COOVACHILLI_NOSSL \
COOVACHILLI_OPENSSL \
COOVACHILLI_PROXY \
COOVACHILLI_REDIR \
COOVACHILLI_UAMDOMAINFILE \
COOVACHILLI_USERAGENT \
COOVACHILLI_WOLFSSL \
IPV6
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/kernel.mk
define Package/coova-chilli
SUBMENU:=Captive Portals
SECTION:=net
CATEGORY:=Network
DEPENDS:=+kmod-tun +librt +COOVACHILLI_MINIPORTAL:haserl \
+COOVACHILLI_WOLFSSL:libwolfssl +COOVACHILLI_OPENSSL:libopenssl \
+COOVACHILLI_JSONINTERFACE:libjson-c
TITLE:=Wireless LAN HotSpot controller (Coova Chilli Version)
URL:=https://coova.github.io/
MENU:=1
endef
define Package/coova-chilli/description
CoovaChilli is an open source access controller for wireless LAN
access points and is based on ChilliSpot. It is used for authenticating
users of a wireless (or wired) LAN. It supports web based login (UAM)
which is today's standard for public HotSpots and it supports Wireless
Protected Access (WPA) which is the standard of the future.
Authentication, authorization and accounting (AAA) is handled by your
favorite radius server.
endef
define Package/coova-chilli/config
source "$(SOURCE)/Config.in"
endef
define KernelPackage/ipt-coova
URL:=http://www.coova.org/CoovaChilli
SUBMENU:=Netfilter Extensions
DEPENDS:=+kmod-ipt-core +libxtables
TITLE:=Coova netfilter module
FILES:=$(PKG_BUILD_DIR)/src/linux/xt_*.$(LINUX_KMOD_SUFFIX)
AUTOLOAD:=$(call AutoProbe,xt_coova)
endef
define KernelPackage/ipt-coova/description
Netfilter kernel module for CoovaChilli
endef
DISABLE_NLS=
TARGET_CFLAGS += $(FPIC) -Wno-error
CONFIGURE_VARS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)"
MAKE_FLAGS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)"
MAKE_INSTALL_FLAGS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)" \
INSTALL_MOD_PATH="$(PKG_INSTALL_DIR)"
define Build/Prepare
$(call Build/Prepare/Default)
( cd $(PKG_BUILD_DIR) ; \
[ -f ./configure ] || { \
./bootstrap ; \
} \
)
endef
define Build/Configure
$(call Build/Configure/Default, \
$(if $(CONFIG_COOVACHILLI_PROXY),--enable,--disable)-chilliproxy \
$(if $(CONFIG_COOVACHILLI_REDIR),--enable,--disable)-chilliredir \
$(if $(CONFIG_COOVACHILLI_MINIPORTAL),--enable,--disable)-miniportal \
$(if $(CONFIG_COOVACHILLI_USERAGENT),--enable,--disable)-useragent \
$(if $(CONFIG_COOVACHILLI_LARGELIMITS),--enable,--disable)-largelimits \
$(if $(CONFIG_COOVACHILLI_JSONINTERFACE),--enable,--disable)-libjson \
$(if $(CONFIG_COOVACHILLI_JSONINTERFACE),--enable,--disable)-json \
$(if $(CONFIG_COOVACHILLI_UAMDOMAINFILE),--enable,--disable)-uamdomainfile \
$(if $(CONFIG_IPV6),--with,--without)-ipv6 \
$(if $(CONFIG_COOVACHILLI_WOLFSSL),--with,--without)-cyassl \
$(if $(CONFIG_COOVACHILLI_OPENSSL),--with,--without)-openssl \
$(if $(CONFIG_PACKAGE_kmod-ipt-coova),--with-nfcoova) \
)
endef
define Package/coova-chilli/conffiles
/etc/config/chilli
endef
define Package/coova-chilli/install
$(INSTALL_DIR) $(1)/etc
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/chilli.conf $(1)/etc/
$(INSTALL_DIR) $(1)/etc/chilli
$(CP) $(PKG_INSTALL_DIR)/etc/chilli/* $(1)/etc/chilli/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/chilli* $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/
$(if $(CONFIG_PACKAGE_kmod-ipt-coova), \
$(INSTALL_DIR) $(1)/usr/lib/iptables; \
$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib*.so $(1)/usr/lib/iptables/ \
)
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) files/chilli.init $(1)/etc/init.d/chilli
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) files/chilli.config $(1)/etc/config/chilli
endef
$(eval $(call BuildPackage,coova-chilli))
$(eval $(call KernelPackage,ipt-coova))
View Git Blame Copy Permalink