notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

Port details
hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
2.10_10 net on this many watch lists=2 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 2.10_10Version of this port present on the latest quarterly branch.
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2011-02-12 04:53:00
Last Update: 2024-03-04 16:44:36
Commit Hash: 2dc822b
People watching this port, also watch:: python, cvsgraph, ladspa, php81-pear-Horde_Mapi
License: BSD3CLAUSE
WWW:
https://w1.fi/hostapd/
Description:
hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server. The current version supports Linux (Host AP, madwifi, mac80211-based drivers) and FreeBSD (net80211). Add the following to /etc/rc.conf to use the ports version instead of the base version: hostapd_program="/usr/local/sbin/hostapd"
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (7 items)
Collapse this list.
  1. sbin/hostapd
  2. sbin/hostapd_cli
  3. share/man/man1/hostapd_cli.1.gz
  4. share/man/man8/hostapd.8.gz
  5. /usr/local/share/licenses/hostapd-2.10_10/catalog.mk
  6. /usr/local/share/licenses/hostapd-2.10_10/LICENSE
  7. /usr/local/share/licenses/hostapd-2.10_10/BSD3CLAUSE
Collapse this list.
Dependency lines:
  • hostapd>0:net/hostapd
To install the port:
cd /usr/ports/net/hostapd/ && make install clean
To add the package, run one of these commands:
  • pkg install net/hostapd
  • pkg install hostapd
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: hostapd
Flavors: there is no flavor information for this port.
distinfo:
TIMESTAMP = 1642436112 SHA256 (hostapd-2.10.tar.gz) = 206e7c799b678572c2e3d12030238784bc4a9f82323b0156b4c9466f1498915d SIZE (hostapd-2.10.tar.gz) = 2440435

Packages (timestamps in pop-ups are UTC):
hostapd
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest2.10_102.10_102.9_32.10_102.10_10-2.9_2-
FreeBSD:13:quarterly2.10_102.10_102.10_52.10_102.10_102.10_82.10_82.10_8
FreeBSD:14:latest2.10_102.10_102.10_52.10_102.10_102.10_5-2.10_5
FreeBSD:14:quarterly2.10_102.10_10-2.10_102.10_102.10_82.10_82.10_8
FreeBSD:15:latest2.10_102.10_10n/a2.10_10n/a2.10_92.10_92.10_9
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gmake>=4.4.1 : devel/gmake
There are no ports dependent upon this port

Configuration Options:
No options to configure
Options name:
net_hostapd
USES:
cpe gmake ssl
pkg-message:
For install:
Add the following to /etc/rc.conf to use the ports version instead of the base version: hostapd_program="/usr/local/sbin/hostapd"
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://w1.fi/releases/
Collapse this list.

Number of commits found: 65

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
2.10_10
04 Mar 2024 16:44:36
commit hash: 2dc822b9e7c44abf61594cbc31379837bb35973dcommit hash: 2dc822b9e7c44abf61594cbc31379837bb35973dcommit hash: 2dc822b9e7c44abf61594cbc31379837bb35973dcommit hash: 2dc822b9e7c44abf61594cbc31379837bb35973d files touched by this commit
Cy Schubert (cy) search for other commits by this committer
net/hostapd*: Work around lack of MLME support

hostap MLME uses Linux data structures and definitions not available
in FreeBSD. The ability for hostapd to select the frequency (channel)
depends Linux MLME, though strictly it's not required. Work around the
Linux MLME requirement to configure device frequency.

The detailed description is: hostapd will only set the channel (frequency)
when Linux MLME is configured. Enabling NEED_AP_MLME will result in
numerous build errors due do Linux data structures and definitions not
available under FreeBSD. The code to set the frequency from the selected
channel is only within the NEED_AP_MLME code path because without MLME,
hostapd_get_hw_features() is an inline that always returns -1 whereas with
MLME hostapd_get_hw_features() will obtain hardware features from the
kernel. Until such time we simply set the frequency as configured.

PR:		276375
MFH:		2024Q1
2.10_9
22 Jan 2024 16:52:30
commit hash: c0d016fcfcbd8a7a2769aca2075ba6df0f1f069ccommit hash: c0d016fcfcbd8a7a2769aca2075ba6df0f1f069ccommit hash: c0d016fcfcbd8a7a2769aca2075ba6df0f1f069ccommit hash: c0d016fcfcbd8a7a2769aca2075ba6df0f1f069c files touched by this commit
Muhammad Moinur Rahman (bofh) search for other commits by this committer
net/hostapd: Sanitize MANPREFIX

Approved by:    portmgr (blanket)
2.10_8
12 Sep 2023 05:51:29
commit hash: 33410dc2fce35423090de7566b10b2ce4ba5795ccommit hash: 33410dc2fce35423090de7566b10b2ce4ba5795ccommit hash: 33410dc2fce35423090de7566b10b2ce4ba5795ccommit hash: 33410dc2fce35423090de7566b10b2ce4ba5795c files touched by this commit
Cy Schubert (cy) search for other commits by this committer
Author: R. Christian McDonald
net/hostapd: wpa: Enable receiving priority tagged (VID 0) frames

Certain internet service providers transmit vlan 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL).

The pcap filter utilized by l2_packet is inadquate for this use case.

Here we modify the pcap filter to accept both unencapsulated and
encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.

Sponsored by:   Rubicon Communications, LLC ("Netgate")
Reviewed by:    cy
Obtained from:	src bb5d6d14d81b
PR:             273696
MFH:		2023Q3
2.10_7
12 Sep 2023 05:51:16
commit hash: e7f23d81ae4b522701ab73482a3bb3e3a76f6e67commit hash: e7f23d81ae4b522701ab73482a3bb3e3a76f6e67commit hash: e7f23d81ae4b522701ab73482a3bb3e3a76f6e67commit hash: e7f23d81ae4b522701ab73482a3bb3e3a76f6e67 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
net/hostapd: Fix uninitialized packet pointer on error

The packet pointer (called packet) will remain uninitialized when
pcap_next_ex() returns an error. This occurs when the wlan
interface is shut down using ifconfig destroy. Adding a NULL
assignment to packet duplicates what pcap_next() does.

The reason we use pcap_next_ex() in this instance is because with
pacp_next() when we receive a null pointer if there was an error
or if no packets were read. With pcap_next_ex() we can differentiate
between an error and legitimately no packets were received.

PR:             270649, 273696
Obtained from:	src 953efa5b200f
Reported by:    Robert Morris <rtm@lcs.mit.edu>
MFH:		2023Q3
2.10_6
12 Sep 2023 05:51:00
commit hash: 4ef06a46019c5369bef49faf3dd81d2ed7670192commit hash: 4ef06a46019c5369bef49faf3dd81d2ed7670192commit hash: 4ef06a46019c5369bef49faf3dd81d2ed7670192commit hash: 4ef06a46019c5369bef49faf3dd81d2ed7670192 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
net/hostapd: Rename patch to current patch naming standard
2.10_6
12 Sep 2023 05:50:53
commit hash: 087cebebd616c77d469a9e337fa0c99041b3ccfbcommit hash: 087cebebd616c77d469a9e337fa0c99041b3ccfbcommit hash: 087cebebd616c77d469a9e337fa0c99041b3ccfbcommit hash: 087cebebd616c77d469a9e337fa0c99041b3ccfb files touched by this commit
Cy Schubert (cy) search for other commits by this committer
net/hostapd: driver_bsd.c: backout upstream IFF_ change and add logging

This reverts the state to our old supplicant logic setting or clearing
IFF_UP if needed.  In addition this adds logging for the cases in which
we do (not) change the interface state.

Depending on testing this seems to help bringing WiFi up or not log
any needed changes (which would be the expected wpa_supplicant logic
now).  People should look out for ``(changed)`` log entries (at least
if debugging the issue; this way we will at least have data points).

There is a hypothesis still pondered that the entire IFF_UP toggling
only exploits a race in net80211 (see further discssussions for more
debugging and alternative solutions see D38508 and D38753).
That may also explain why the changes to the rc startup script [1]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
07 Sep 2022 21:58:51
commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)
2.10_5
07 Sep 2022 21:10:59
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.10_5
20 Jul 2022 14:22:37
commit hash: 6a378e5659b93de6dbe8956246fb3bf971677624commit hash: 6a378e5659b93de6dbe8956246fb3bf971677624commit hash: 6a378e5659b93de6dbe8956246fb3bf971677624commit hash: 6a378e5659b93de6dbe8956246fb3bf971677624 files touched by this commit
Tobias C. Berner (tcberner) search for other commits by this committer
net: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Aaron Straup Cope <ascope@cpan.org>
  *  Aaron Zauner <az_mail@gmx.at>
  *  Adam Jette <jettea46@yahoo.com>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Alan Eldridge <alane@geeksrus.net>
  *  Alex Bakhtin <Alex.Bakhtin@gmail.com>
  *  Alex Deiter <Alex.Deiter@Gmail.COM>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Dupre <sysadmin@alexdupre.com>
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.10_5
03 Jul 2022 21:33:18
commit hash: b3916c7a8d2599e99fabdc1735b095ff5a9f9381commit hash: b3916c7a8d2599e99fabdc1735b095ff5a9f9381commit hash: b3916c7a8d2599e99fabdc1735b095ff5a9f9381commit hash: b3916c7a8d2599e99fabdc1735b095ff5a9f9381 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
Author: J.R. Oldroyd
wpa_supplicant* hostapd*: Resolve secondary VAP association issue

Association will fail on a secondary open unprotected VAP when the
primary VAP is configured for WPA. Examples of secondary VAPs are,
hotels, universities, and commodity routers' guest networks.

A broadly similar bug was discussed on Red Hat's bugzilla affecting
association to a D-Link DIR-842.

This suggests that as IEs were added to the 802.11 protocol the old code
was increasingly inadaquate to handle the additional IEs, not only a
secondary VAP.

This duplcates src commit 775611ea11db here in ports.

PR:             264238
Reported by:    Jaskie <jiangjun12321@gmail.com>
                "J.R. Oldroyd" <fbsd@opal.com>
Submitted by:   "J.R. Oldroyd" <fbsd@opal.com>
MFH:      	2022Q3
2.10_4
20 Jun 2022 14:29:09
commit hash: 05a849eec9d949b3de32e464570cefbabcd64702commit hash: 05a849eec9d949b3de32e464570cefbabcd64702commit hash: 05a849eec9d949b3de32e464570cefbabcd64702commit hash: 05a849eec9d949b3de32e464570cefbabcd64702 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/*: Restore a missing wpa BSD driver patch

These patches were removed to sync with base where in fact base was
missing these patches and base should have been synced with the ports.

PR:		264238
Fixes:		b8477825c2dc42f6c595697a36f593c71f39fbad
		c86f32d652eb9dd023049122d8ca37cb13ed07b6
MFH:		2022Q2
2.10_3
09 Jun 2022 21:58:23
commit hash: c86f32d652eb9dd023049122d8ca37cb13ed07b6commit hash: c86f32d652eb9dd023049122d8ca37cb13ed07b6commit hash: c86f32d652eb9dd023049122d8ca37cb13ed07b6commit hash: c86f32d652eb9dd023049122d8ca37cb13ed07b6 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/*: Restore non-IBSS part of wpa patches

b8477825c2dc42f6c595697a36f593c71f39fbad removed some non-IBSS patches.
Restore them. We only want to remove the patches that make IBSS use
ADHOC mode.

Fixes:		b8477825c2dc42f6c595697a36f593c71f39fbad
2.10_2
09 Jun 2022 20:41:39
commit hash: b8477825c2dc42f6c595697a36f593c71f39fbadcommit hash: b8477825c2dc42f6c595697a36f593c71f39fbadcommit hash: b8477825c2dc42f6c595697a36f593c71f39fbadcommit hash: b8477825c2dc42f6c595697a36f593c71f39fbad files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/*: FreeBSD's WPA does support IBSS mode

FreeBSD's WPA does support IBSS mode. Remove the hack that forces ADHOC
mode when IBSS is requested.
2.10_1
16 Apr 2022 15:55:56
commit hash: c586ac04eb662dea00ab81b226fa3e41a5110b21commit hash: c586ac04eb662dea00ab81b226fa3e41a5110b21commit hash: c586ac04eb662dea00ab81b226fa3e41a5110b21commit hash: c586ac04eb662dea00ab81b226fa3e41a5110b21 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/{wpa_supplicant*,hostapd*}: Fix wpa 100% CPU when USB wlan NIC removed

hostapd calls pcap_next(3) to read the next packet off the wlan interface.
pcap_next() returns a pointer to the packet header but does not indicate
success or failure. Unfortunately this results in an infinite loop (100%
CPU) when the wlan device disappears, i.e. when a USB wlan device is
manually removed or a USB error results in the device removal. However
pcap_next_ex(3) does return success or failure. To resolve this we use
pcap_next_ex(), forcing hostapd to exit when the error is encountered.

An error message is printed to syslog or stderr when debugging (-d flag)
is enabled. Unfortunately wpa_printf() only works when debugging is enabled.

PR:		253608
Reported by:	Damjan Jovanovic <damjan.jov@gmail.com>,
		bz (privately)
MFH:		2022Q2
2.10
31 Jan 2022 21:44:16
commit hash: 74e181d200eeb192160951934cd3b16014682d8ccommit hash: 74e181d200eeb192160951934cd3b16014682d8ccommit hash: 74e181d200eeb192160951934cd3b16014682d8ccommit hash: 74e181d200eeb192160951934cd3b16014682d8c files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/*: Fix wpa_supplicant* and hostapd* EAPOL_TEST build

Fix EAPOL_TEST build. Local funcion os_fdatasync() is valid under
FreeBSD as fdatasync(2) is supported.

PR:		261636
Reported by:	David Siebörger <drs-freebsd@sieborger.nom.za>
MFH:		2022Q1
2.10
17 Jan 2022 17:00:45
commit hash: f5e549a9f44e992c0a2f34b2f7686198f5590badcommit hash: f5e549a9f44e992c0a2f34b2f7686198f5590badcommit hash: f5e549a9f44e992c0a2f34b2f7686198f5590badcommit hash: f5e549a9f44e992c0a2f34b2f7686198f5590bad files touched by this commit
Cy Schubert (cy) search for other commits by this committer
net/hostapd: Update to 2.10

The long awaited hostapd 2.10 is finally here.
2.9_4
14 Sep 2021 10:55:26
commit hash: af1b44de7c7f16ffb71c29214166acd0b2cce08bcommit hash: af1b44de7c7f16ffb71c29214166acd0b2cce08bcommit hash: af1b44de7c7f16ffb71c29214166acd0b2cce08bcommit hash: af1b44de7c7f16ffb71c29214166acd0b2cce08b files touched by this commit
Bernhard Froehlich (decke) search for other commits by this committer
net/hostapd: Fix CPE information because current one is deprecated

Approved by:    portmgr (blanket)
2.9_4
14 Jun 2021 16:04:00
commit hash: ed47e1ecc5db5576f6a2d4a47e083b2366bd65cccommit hash: ed47e1ecc5db5576f6a2d4a47e083b2366bd65cccommit hash: ed47e1ecc5db5576f6a2d4a47e083b2366bd65cccommit hash: ed47e1ecc5db5576f6a2d4a47e083b2366bd65cc files touched by this commit
Cy Schubert (cy) search for other commits by this committer
*/*: Sync hostapd* and wpa_supplicant* with base ce276fe26d92010776

Use IFM_IEEE80211_ADHOC for now on FreeBSD for IBSS operation.

Base commit by adrian@ on Nov 26, 2015.

This commit syncs ports with base.

PR:		203086
Submitted by:	avos
MFH:		2020Q2
2.9_3
06 Apr 2021 14:31:13
commit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937d files touched by this commit
Mathieu Arnold (mat) search for other commits by this committer
all: Remove all other $FreeBSD keywords.
2.9_3
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
2.9_3
20 Jan 2021 17:14:16
Revision:562150Original commit files touched by this commit
cy search for other commits by this committer
This is the ports version of src commit
d70886d063166786ded0007af8cdcbf57b7b4827.

wpa_supplicant uses PF_ROUTE to return the routing table in order to
determine the length of the routing table buffer. As of 81728a538d24
wpa_supplicant is started before the routing table has been populated
resulting in the length of zero to be returned. This causes
wpa_supplicant to loop endlessly. (The workaround is to kill and restart
wpa_supplicant as by the time it is restarted the routing table is
populated.)

(Personally, I was not able to reproduce this unless wlan0 was a member of
lagg0. However, others experienced this problem on standalone wlan0.)

PR:		252844
Submitted by:	shu <ankohuu _ outlook.com>
Reported by:	shu <ankohuu _ outlook.com>
Reviewed by:	cy
Differential Revision:	https://reviews.freebsd.org/D28249
2.9_2
09 Jun 2020 05:48:26
Revision:538281Original commit files touched by this commit
cy search for other commits by this committer
UPnP SUBSCRIBE misbehavior in hostapd WPS AP

As published by our hostapd  upstream

Vulnerability

General security vulnerability in the way the callback URLs in the UPnP
SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695).
Some of the described issues may be applicable to the use of UPnP in WPS
AP mode functionality for supporting external registrars.

Such issues could allow a device connected to the local network (i.e., a
device that has been authorized to transmit packets in the network in
which the AP is located) could trigger the AP to initiate a HTTP
(TCP/IP) connection to an arbitrary URL, including connections to
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.9_1
20 May 2020 04:20:02
Revision:535967Original commit files touched by this commit
cy search for other commits by this committer
Chase src r361272:

Silence the once per second CTRL-EVENT-SCAN-FAILED errors when the WiFi
radio is disabled through the communication device toggle key (also known
as the RF raidio kill button). Only the CTRL-EVENT-DISCONNECTED will be
issued.

Submitted by:	avg
Reported by:	avg
MFH:		2020Q2
2.9
22 Aug 2019 03:33:56
Revision:509577Original commit files touched by this commit
cy search for other commits by this committer
Update 2.8 --> 2.9
2.8
14 Aug 2019 08:48:51
Revision:508903Original commit files touched by this commit
mat search for other commits by this committer
Convert to UCL & cleanup pkg-message (categories n)

(and missed 3 missed files from previous categories.)
2.8
17 Jun 2019 20:15:41
Revision:504433Original commit files touched by this commit
cy search for other commits by this committer
For users who build and install FreeBSD using WITHOUT_WIRELESS
simply altering /etc/rc.conf isn't enough to make use of the ports
versions of hostapd and wpa_supplicant. This is because the rc.d
scripts are not installed when WITHOUT_WIRELESS is specified as a
build option. This patch checks for the rc scripts existence and
if they do not exist, installs the ports versions of the same
scripts, which are added by this revision.

This patch does not change the package in any way and there is no way
to enable this outside of removal of hostapd or wpa_supplicant
(depending on the port). Users who build their own world using the
WITHOUT_WIRELESS flag will almost always not use binary packages. Hence
the automatic detection and install of the rc scripts. Making this an
option would IMO increase the number of bug reports due to people
inadvertently setting or not setting an option.

To enable this a person must:

1. buildworld and installworld -DWITHOUT_WIRELESS
2. Build and install the desired wpa_supplicant and/or hostapd port
   on servers one wishes to install them on.

PR:		238571
2.8
22 Apr 2019 15:56:59
Revision:499654Original commit files touched by this commit
cy search for other commits by this committer
Update wpa_supplicant/hostapd 2.7 --> 2.8
2.7_1
05 Mar 2019 03:56:22
Revision:494674Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Also document usage in pkg-message for binary package users.

PR:		236230
Reported by:	mt@markoturk.info
MFH:		2019Q1
2.7
06 Dec 2018 20:11:16
Revision:486778Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 2.6 --> 2.7
2.6_2
17 Aug 2018 02:18:42
Revision:477405Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Pet portlint.
2.6_2
17 Aug 2018 02:12:19
Revision:477404Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
leres@ suggested in D16718 and offline that I assume maintainership
of net/hostapd.

Suggested by:	leres@
Approved by:	leres@
2.6_2
17 Aug 2018 02:12:14
Revision:477403Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Chase net/wpa_supplicant r477202 and base contrib/wpa r337819.

WPA: Ignore unauthenticated encrypted EAPOL-Key data

Though hostapd is technically not vulnerable, the mitigation for
CVE-2018-14526 does apply cleanly, therefore it is applied to maintain
consistency with net/wpa_supplicant and wpa in base.

Approved by:	leres@
MFH:		2018Q3
Differential Revision:	https://reviews.freebsd.org/D16718
2.6_1
17 Aug 2018 02:12:07
Revision:477402Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
In preparation for applying security patches, switch to grouping of
patches per site as suggested by mat@.

Suggested by:	mat@
Differential Revision:	https://reviews.freebsd.org/D16718
2.6_1
03 Apr 2018 21:32:40
Revision:466381Original commit files touched by this commit This port version is marked as vulnerable.
leres search for other commits by this committer
Update patches to unbreak build with LibreSSL 2.7 and the
OpenSSL 1.1 API.

PR:		227172
Submitted by:	brnrd
Reported by:	brnrd
Reviewed by:	ler (mentor)
Approved by:	ler (mentor)
Differential Revision:	https://reviews.freebsd.org/D14957
2.6_1
21 Oct 2017 00:45:50
Revision:452566Original commit files touched by this commit This port version is marked as vulnerable.
leres search for other commits by this committer
Update pkg-descr and Makefile in my ports to use https where possible.
Remove obsolete mirrors.

 - devel/arduino
 - devel/arduino-irremote
 - net/hostapd
 - security/broccoli
 - sysutils/lbl-cf
 - sysutils/lbl-hf
 - www/mini_httpd

Reviewed by:	ler (mentor), matthew (mentor)
Approved by:	ler (mentor), matthew (mentor)
Differential Revision:	https://reviews.freebsd.org/D12748
2.6_1
17 Oct 2017 01:30:47
Revision:452257Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Add patch set 2017-1.

A vulnerability was found in how a number of implementations can be
triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
replaying a specific frame that is used to manage the keys. Such
reinstallation of the encryption key can result in two different types
of vulnerabilities: disabling replay protection and significantly
reducing the security of encryption to the point of allowing frames to
be decrypted or some parts of the keys to be determined by an attacker
depending on which cipher is used.

Approved by:	leres (maintainer)
Security:	https://w1.fi/security/2017-1/ \
		wpa-packet-number-reuse-with-replayed-messages.txt
Security:	https://www.krackattacks.com/
MFH:		2017Q4
Differential Revision:	D12691
2.6
17 Oct 2017 01:30:44
Revision:452256Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Use https site.

Approved by:	leres (maintainer)
MFH:		2017Q4
Differential Revision:	D12691 (part of)
2.6
15 Sep 2017 18:18:26
Revision:449916Original commit files touched by this commit This port version is marked as vulnerable.
leres search for other commits by this committer
Update MAINTAINER on my ports and "Created by" on the ones I created
to use my @FreeBSD.org email address.

 - devel/arduino
 - devel/arduino-glcd
 - devel/arduino-irremote
 - devel/arduino-mk
 - devel/arduino-sevseg
 - net/hostapd
 - net/py-pcap
 - security/bro
 - security/broccoli
 - security/create-cert
 - sysutils/lbl-cf
 - sysutils/lbl-hf
 - www/mini_httpd

Reviewed by:	ler (mentor)
Approved by:	ler (mentor)
Differential Revision:	https://reviews.freebsd.org/D12374
2.6
07 May 2017 22:18:43
Revision:440391Original commit files touched by this commit This port version is marked as vulnerable.
ler search for other commits by this committer
net/hostapd fails to compile with libressl

Not bumping PORTREVISION as default options are NOT libressl

PR:		218802
Submitted by:	w.schwarzenfeld@utanet.at
Approved by:	adamw (mentor, implicit), leres@ee.lbl.gov (maintainer)
2.6
29 Mar 2017 01:49:02
Revision:437179Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix build broken by r436625.

PR:		218036
2.6
21 Mar 2017 17:50:36
Revision:436625Original commit files touched by this commit This port version is marked as vulnerable.
krion search for other commits by this committer
Update net/hostapd to 2.6 and fix multiple vulnerabilities

PR:		217907
Submitted by:	maintainer
Approved by:	mat (mentor)
Differential Revision: https://reviews.freebsd.org/D10051
2.5
30 Sep 2016 20:14:33
Revision:423019Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Update os_unix.h to follow os_unix.c change

For completeness, make update os_unix.h patch to match the previous
commit to os_unix.c (no impact for FreeBSD)
2.5
30 Sep 2016 17:29:08
Revision:423004Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Fix build on DragonFly and with LibreSSL

1. Return the driver_bsd.c patch, it's still required for DF
2. Modify the os_unix.c patch to include exception for DF
3. Add patch to fix build with LibreSSL (originates from OpenBSD)
4. There's no configure set, so replace ineffective configure arg
   with CFLAGS and LDFLAGS for non-base SSL library

Approved by:	SSL blanket and DF blanket
2.5
23 Sep 2016 18:20:11
Revision:422688Original commit files touched by this commit This port version is marked as vulnerable.
madpilot search for other commits by this committer
Update to 2.5

PR:		212779
Submitted by:	leres at ee.lbl.gov (maintainer)
2.4_2
13 Sep 2016 05:01:26
Revision:421977Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Remove PORTS_SSL option and use SSL_DEFAULT

The port is now configured depending on the SSL base specified by the
SSL_DEFAULT variable.  Before it would break by default if SSL_DEFAULT
was set to non-base.  This changes puts hostapd in line with the rest
of the ports tree.

Approved by:	SSL blanket
2.4_1
16 Jun 2016 13:23:13
Revision:416966Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
Fix usage of WITH_OPENSSL_BASE, WITH_OPENSSL_PORT and OPENSSL_PORT.

WITH_OPENSSL_* can't be set after bsd.port.pre.mk.
Fold all other usage into using SSL_DEFAULT == foo

PR:		210149
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	The FreeBSD Foundation, Absolight
Differential Revision:	https://reviews.freebsd.org/D6577
2.4_1
06 Sep 2015 17:15:42
Revision:396228Original commit files touched by this commit This port version is marked as vulnerable.
danfe search for other commits by this committer
Remove BROKEN_* statements, the port builds fine everywhere.
2.4_1
02 Jun 2015 09:52:01
Revision:388314Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Address 3 latest security advisories

These are combined upstream patches 2015-2, 2015-3, 2015-4
They address the following security advisories:

  * CVE-2015-4141
  * CVE-2015-4142
  * CVE-2015-4143
  * CVE-2015-4144
  * CVE-2015-4145
  * CVE-2015-4146

These advisories also apply to security/wpa_supplicant

PR:		200567
Submitted by:	Jason Unovitch
Approved by:	maintainer (Craig Leres)
2.4
03 May 2015 15:12:06
Revision:385279Original commit files touched by this commit This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Add CPE info

Approved by:	portmgr blanket
2.4
01 Apr 2015 18:57:32
Revision:382939Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Unbreak new version on DragonFly
2.4
29 Mar 2015 12:15:41
Revision:382595Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Upgrade version 2.3 => 2.4, add PORTS_SSL option

PR:		198889
Submitted by:	maintainer (leres - ee.lbl.gov)
2.3_1
15 Jan 2015 09:05:38
Revision:377064Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
Add missing USE_OPENSSL=yes

PR:		195796
2.3
16 Oct 2014 07:19:53
Revision:370974Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Upgrade version 2.2 => 2.3

While upgrading to the latest version released last week:
  * Rebase .config file on latest sample versoin
  * Support non-default prefixes
  * Merge new contents of do-configure target into post-patch target

PR:		194315
Approved by:	maintainer: (Craig Leres)
2.2
12 Oct 2014 10:46:35
Revision:370693Original commit files touched by this commit This port version is marked as vulnerable.
marino search for other commits by this committer
net/hostapd: Update WWW + MASTER_SITES and support DragonFly

The domain for hostapd has changed from hostap.epitest.fi to w1.fi
although the former still redirects.  Update WWW and MASTER_SITES to
reflect the new name.

Regenerate the l2 packet patch so that hostapd also builds on DragonFly
(no-op for FreeBSD).

While here, rearrange makefile to remove need for <pre> and <post> and
use of $PORTNAME in $WRKSRC which would break if PORTNAME changes.
2.2
07 Jun 2014 05:26:52
Revision:356881Original commit files touched by this commit This port version is marked as vulnerable.
danilo search for other commits by this committer
- Update from 2.1 to 2.2 [1]
- Use just BSD3CLAUSE as LICENSE (according to README)

PR:		ports/190726
Submitted by:	leres@ee.lbl.gov [1]
2.1
04 Apr 2014 13:56:36
Revision:350124Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
s/-script://
2.1
13 Mar 2014 10:06:42
Revision:348049Original commit files touched by this commit This port version is marked as vulnerable.
pawel search for other commits by this committer
Update to version 2.1

PR:		ports/187459
Submitted by:	maintainer
2.0
28 Feb 2014 08:42:58
Revision:346465Original commit files touched by this commit This port version is marked as vulnerable.
ehaupt search for other commits by this committer
Support staging
2.0
20 Sep 2013 22:10:25
Revision:327755Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
net)
2.0
14 Aug 2013 22:35:54
Revision:324744Original commit files touched by this commit Sanity Test Failure This port version is marked as vulnerable.
ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
2.0
02 Feb 2013 11:44:41
Revision:311422Original commit files touched by this commit This port version is marked as vulnerable.
pawel search for other commits by this committer
Update to version 2.0

PR:		ports/175438
Submitted by:	Craig Leres <leres@ee.lbl.gov> (maintainer)
1.0
18 Jun 2012 22:27:36
Original commit files touched by this commit This port version is marked as vulnerable.
jgh search for other commits by this committer
- Update to 1.0
- Use ports framework for build:
  - Bonus: Now honours CC/CFLAGS/LDFLAGS
- Remove DISTNAME override
- Update LICENSE (GPLv2 not GPLv1)
- Mark MAKE_JOBS_SAFE
- Patch Makefile to see $(CC) not "CC" when not verbose
- Pet portlint (LICENSE order)

- while here shift where arch is tested, and use MAN{1,8}PREFIX

PR:     ports/169154 (based on)
Submitted by:   koobs.freebsd@gmail.com
Approved by:    maintainer, leres@ee.lbl.gov
0.7.3
10 Nov 2011 05:38:32
Original commit files touched by this commit This port version is marked as vulnerable.
linimon search for other commits by this committer
Mark broken on powerpc as well as sparc64.  (In fact, on all the tier-2s.)

Hat:            portmgr
0.7.3
10 Aug 2011 09:13:47
Original commit files touched by this commit This port version is marked as vulnerable.
linimon search for other commits by this committer
Mark as broken on sparc64: does not compile.
0.7.3
12 Feb 2011 04:52:47
Original commit files touched by this commit This port version is marked as vulnerable.
miwi search for other commits by this committer
hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and
RADIUS authentication server. The current version supports Linux
(Host AP, madwifi, mac80211-based drivers) and FreeBSD (net80211).

WWW: http://hostap.epitest.fi/hostapd/

PR:             ports/154621
Submitted by:   leres at ee.lbl.gov

Number of commits found: 65