Hi! Here's an update to wpa_supplicant-2.5.
As usual, please test with your usual scenarios (eduroam, etc.) Ciao, David Index: Makefile =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/Makefile,v retrieving revision 1.29 diff -u -p -u -p -r1.29 Makefile --- Makefile 11 Sep 2015 16:38:04 -0000 1.29 +++ Makefile 28 Sep 2015 11:50:23 -0000 @@ -2,8 +2,7 @@ COMMENT= IEEE 802.1X supplicant -DISTNAME= wpa_supplicant-2.4 -REVISION= 3 +DISTNAME= wpa_supplicant-2.5 CATEGORIES= security net HOMEPAGE= http://w1.fi/wpa_supplicant/ Index: distinfo =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/distinfo,v retrieving revision 1.7 diff -u -p -u -p -r1.7 distinfo --- distinfo 18 Mar 2015 15:35:44 -0000 1.7 +++ distinfo 28 Sep 2015 11:50:23 -0000 @@ -1,2 +1,2 @@ -SHA256 (wpa_supplicant-2.4.tar.gz) = BY3IMsCWE5oFnm34FAgPUCUajTE8IbEzZMVKHnAQkSI= -SIZE (wpa_supplicant-2.4.tar.gz) = 2525648 +SHA256 (wpa_supplicant-2.5.tar.gz) = zOVbrkg7Nk6uVcNbpWfCeb5ELti6tbgKPH+w0Fe5sxY= +SIZE (wpa_supplicant-2.5.tar.gz) = 2607336 Index: patches/patch-src_crypto_tls_openssl_c =================================================================== RCS file: patches/patch-src_crypto_tls_openssl_c diff -N patches/patch-src_crypto_tls_openssl_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_crypto_tls_openssl_c 28 Sep 2015 11:50:23 -0000 @@ -0,0 +1,69 @@ +$OpenBSD$ + +Compatibility fixes for LibreSSL + +--- src/crypto/tls_openssl.c.orig Sun Sep 27 21:02:05 2015 ++++ src/crypto/tls_openssl.c Mon Sep 28 13:43:46 2015 +@@ -2229,7 +2229,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL + } + + if (certs) { +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_clear_chain_certs(ssl); + while ((cert = sk_X509_pop(certs)) != NULL) { + X509_NAME_oneline(X509_get_subject_name(cert), buf, +@@ -2247,7 +2247,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL + /* Try to continue anyway */ + } + sk_X509_free(certs); +-#ifndef OPENSSL_IS_BORINGSSL ++#if !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER) + res = SSL_build_cert_chain(ssl, + SSL_BUILD_CHAIN_FLAG_CHECK | + SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR); +@@ -2812,7 +2812,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tl + if (conn == NULL || keys == NULL) + return -1; + ssl = conn->ssl; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) + return -1; + +@@ -2841,7 +2841,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tl + #ifndef CONFIG_FIPS + static int openssl_get_keyblock_size(SSL *ssl) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + const EVP_CIPHER *c; + const EVP_MD *h; + int md_size; +@@ -2911,7 +2911,7 @@ static int openssl_tls_prf(struct tls_connection *conn + "mode"); + return -1; + #else /* CONFIG_FIPS */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSL *ssl; + u8 *rnd; + int ret = -1; +@@ -3394,7 +3394,7 @@ int tls_connection_set_cipher_list(void *tls_ctx, stru + + wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) + if (os_strstr(buf, ":ADH-")) { + /* +@@ -3977,7 +3977,7 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int * + struct tls_connection *conn = arg; + int ret; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + if (conn == NULL || conn->session_ticket_cb == NULL) + return 0; + Index: patches/patch-src_drivers_driver_openbsd_c =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/patches/patch-src_drivers_driver_openbsd_c,v retrieving revision 1.3 diff -u -p -u -p -r1.3 patch-src_drivers_driver_openbsd_c --- patches/patch-src_drivers_driver_openbsd_c 18 Mar 2014 05:57:22 -0000 1.3 +++ patches/patch-src_drivers_driver_openbsd_c 28 Sep 2015 11:50:23 -0000 @@ -1,14 +1,24 @@ $OpenBSD: patch-src_drivers_driver_openbsd_c,v 1.3 2014/03/18 05:57:22 dcoppa Exp $ -missing include +fix includes ---- src/drivers/driver_openbsd.c.orig Fri Mar 14 10:44:23 2014 -+++ src/drivers/driver_openbsd.c Fri Mar 14 10:44:46 2014 -@@ -10,6 +10,7 @@ +--- src/drivers/driver_openbsd.c.orig Sun Sep 27 21:02:05 2015 ++++ src/drivers/driver_openbsd.c Mon Sep 28 09:51:53 2015 +@@ -9,13 +9,14 @@ + #include "includes.h" #include <sys/ioctl.h> ++#include "common.h" ++#include "driver.h" ++ #include <net/if.h> +#include <net/if_var.h> #include <net80211/ieee80211.h> #include <net80211/ieee80211_crypto.h> #include <net80211/ieee80211_ioctl.h> +- +-#include "common.h" +-#include "driver.h" + + struct openbsd_driver_data { + char ifname[IFNAMSIZ + 1]; Index: patches/patch-src_utils_eloop_c =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/patches/patch-src_utils_eloop_c,v retrieving revision 1.4 diff -u -p -u -p -r1.4 patch-src_utils_eloop_c --- patches/patch-src_utils_eloop_c 18 Mar 2015 15:35:44 -0000 1.4 +++ patches/patch-src_utils_eloop_c 28 Sep 2015 11:50:23 -0000 @@ -2,9 +2,9 @@ $OpenBSD: patch-src_utils_eloop_c,v 1.4 don't try to access list members to free them unless already initialised ---- src/utils/eloop.c.orig Sun Mar 15 12:30:39 2015 -+++ src/utils/eloop.c Wed Mar 18 04:20:32 2015 -@@ -1035,6 +1035,9 @@ void eloop_destroy(void) +--- src/utils/eloop.c.orig Sun Sep 27 21:02:05 2015 ++++ src/utils/eloop.c Mon Sep 28 09:35:05 2015 +@@ -1064,6 +1064,9 @@ void eloop_destroy(void) struct eloop_timeout *timeout, *prev; struct os_reltime now; Index: patches/patch-wpa_supplicant_Makefile =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/patches/patch-wpa_supplicant_Makefile,v retrieving revision 1.7 diff -u -p -u -p -r1.7 patch-wpa_supplicant_Makefile --- patches/patch-wpa_supplicant_Makefile 19 Jul 2015 21:44:07 -0000 1.7 +++ patches/patch-wpa_supplicant_Makefile 28 Sep 2015 11:50:23 -0000 @@ -1,17 +1,20 @@ $OpenBSD: patch-wpa_supplicant_Makefile,v 1.7 2015/07/19 21:44:07 jasper Exp $ ---- wpa_supplicant/Makefile.orig Sun Mar 15 12:30:39 2015 -+++ wpa_supplicant/Makefile Wed Mar 18 04:20:32 2015 -@@ -121,13 +121,6 @@ CONFIG_ELOOP=eloop - endif +--- wpa_supplicant/Makefile.orig Mon Sep 28 09:36:07 2015 ++++ wpa_supplicant/Makefile Mon Sep 28 09:36:36 2015 +@@ -131,16 +131,6 @@ endif OBJS += ../src/utils/$(CONFIG_ELOOP).o OBJS_c += ../src/utils/$(CONFIG_ELOOP).o -- + +-ifndef CONFIG_OSX -ifeq ($(CONFIG_ELOOP), eloop) -# Using glibc < 2.17 requires -lrt for clock_gettime() +-# OS X has an alternate implementation -LIBS += -lrt -LIBS_c += -lrt -LIBS_p += -lrt -endif - +-endif +- ifdef CONFIG_ELOOP_POLL CFLAGS += -DCONFIG_ELOOP_POLL + endif Index: patches/patch-wpa_supplicant_main_c =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/patches/patch-wpa_supplicant_main_c,v retrieving revision 1.1 diff -u -p -u -p -r1.1 patch-wpa_supplicant_main_c --- patches/patch-wpa_supplicant_main_c 8 Sep 2014 08:28:23 -0000 1.1 +++ patches/patch-wpa_supplicant_main_c 28 Sep 2015 11:50:23 -0000 @@ -2,9 +2,9 @@ $OpenBSD: patch-wpa_supplicant_main_c,v Remove Linuxisms from usage() ---- wpa_supplicant/main.c.orig Wed Jun 4 15:26:14 2014 -+++ wpa_supplicant/main.c Mon Sep 8 09:45:48 2014 -@@ -67,7 +67,7 @@ static void usage(void) +--- wpa_supplicant/main.c.orig Sun Sep 27 21:02:05 2015 ++++ wpa_supplicant/main.c Mon Sep 28 09:35:05 2015 +@@ -68,7 +68,7 @@ static void usage(void) " -i = interface name\n" " -I = additional configuration file\n" " -d = increase debugging verbosity (-dd even more)\n" @@ -13,7 +13,7 @@ Remove Linuxisms from usage() " -e = entropy file\n"); #ifdef CONFIG_DEBUG_FILE printf(" -f = log output to debug file instead of stdout\n"); -@@ -101,8 +101,7 @@ static void usage(void) +@@ -102,8 +102,7 @@ static void usage(void) " -N = start describing new interface\n"); printf("example:\n"
