[Buildroot] [PATCH] aircrack-ng: security bump to version 1.2-rc1

Gustavo Zacarias gustavo at zacarias.com.ar
Tue Nov 11 20:24:51 UTC 2014


On 11/11/2014 05:14 PM, Peter Korsgaard wrote:

>  > +	# libnl has issues when linking statically
>  > +	# they need fixing in libnl itself
>  > +	select BR2_PACKAGE_LIBNL if !BR2_PREFER_STATIC_LIB
> 
> So libnl isn't really a hard dependency? Why do we then force it for
> !static?

This one is torny i must confess :)
libnl isn't a hard dep, but it's recommended for functionality.
And also it's brought in by iw anyway, so generally it will always be
available, i'm just accounting for it in proper terms (documenting the
brokeness for static).
It wasn't used in the previous release directly.

>  >  	select BR2_PACKAGE_OPENSSL
>  >  	select BR2_PACKAGE_IW # runtime
>  >  	depends on BR2_TOOLCHAIN_HAS_THREADS
> 
>  > --- a/package/aircrack-ng/aircrack-ng.mk
>  > +++ b/package/aircrack-ng/aircrack-ng.mk
>  > @@ -4,33 +4,54 @@
>  >  #
>  >  ################################################################################
>  
>  > -AIRCRACK_NG_VERSION = 1.1
>  > +AIRCRACK_NG_VERSION = 1.2-rc1
>  >  AIRCRACK_NG_SITE = http://download.aircrack-ng.org
>  >  AIRCRACK_NG_LICENSE = GPLv2+
>  >  AIRCRACK_NG_LICENSE_FILES = LICENSE
>  > -AIRCRACK_NG_DEPENDENCIES = openssl
>  > +AIRCRACK_NG_DEPENDENCIES = openssl host-pkgconf
>  
>  > -ifeq ($(BR2_PACKAGE_SQLITE),y)
>  > -	AIRCRACK_NG_MAKE_OPTS = sqlite=true
>  > -	AIRCRACK_NG_MAKE_OPTS += \
>  > -		LIBSQL="-lsqlite3$(if $(BR2_PREFER_STATIC_LIB), -lpthread)"
>  > +# Account for libz for openssl, and libpthread in static
>  > +AIRCRACK_NG_LDFLAGS = $(TARGET_LDFLAGS) -lz \
>  > +	$(if $(BR2_PREFER_STATIC_LIB),-lpthread)
> 
> Shouldn't the -lz part also be inside the PREFER_STATIC_LIB conditional?
> Or does aircrach-ng use zlib directly? (if so, it should select it and
> add it to _DEPENDENCIES)

This is from the previous version, so i don't have a hand in it other
than adding the comment.
Looking at the code it's used directly by wesside-ng so we have a
missing zlib select (no problem seen because openssl pulls it in).
And it's not accounted for in any docs.
I'll stick the select in.

Frankly getting aircrack-ng to get to build on static cleanly was very
messy (see patches, hacks) and work still needs to be done in libnl-land.
I prioritized the security bump over static hence dropped the libnl
feature in the process, it was a compromise until i sort the libnl bits out.
Regards.




More information about the buildroot mailing list