[Buildroot] [PATCH] aircrack-ng: security bump to version 1.2-rc1

Peter Korsgaard jacmet at uclibc.org
Tue Nov 11 21:23:56 UTC 2014


>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:

Hi,

 > On 11/11/2014 05:14 PM, Peter Korsgaard wrote:
 >> > +	# libnl has issues when linking statically
 >> > +	# they need fixing in libnl itself
 >> > +	select BR2_PACKAGE_LIBNL if !BR2_PREFER_STATIC_LIB
 >> 
 >> So libnl isn't really a hard dependency? Why do we then force it for
 >> !static?

 > This one is torny i must confess :)
 > libnl isn't a hard dep, but it's recommended for functionality.
 > And also it's brought in by iw anyway, so generally it will always be
 > available, i'm just accounting for it in proper terms (documenting the
 > brokeness for static).
 > It wasn't used in the previous release directly.

Ok. It would be good with a short notice about it in the commit message.

 >> > -ifeq ($(BR2_PACKAGE_SQLITE),y)
 >> > -	AIRCRACK_NG_MAKE_OPTS = sqlite=true
 >> > -	AIRCRACK_NG_MAKE_OPTS += \
 >> > -		LIBSQL="-lsqlite3$(if $(BR2_PREFER_STATIC_LIB), -lpthread)"
 >> > +# Account for libz for openssl, and libpthread in static
 >> > +AIRCRACK_NG_LDFLAGS = $(TARGET_LDFLAGS) -lz \
 >> > +	$(if $(BR2_PREFER_STATIC_LIB),-lpthread)
 >> 
 >> Shouldn't the -lz part also be inside the PREFER_STATIC_LIB conditional?
 >> Or does aircrach-ng use zlib directly? (if so, it should select it and
 >> add it to _DEPENDENCIES)

 > This is from the previous version, so i don't have a hand in it other
 > than adding the comment.
 > Looking at the code it's used directly by wesside-ng so we have a
 > missing zlib select (no problem seen because openssl pulls it in).
 > And it's not accounted for in any docs.
 > I'll stick the select in.

Ok, thanks.

 > Frankly getting aircrack-ng to get to build on static cleanly was very
 > messy (see patches, hacks) and work still needs to be done in libnl-land.
 > I prioritized the security bump over static hence dropped the libnl
 > feature in the process, it was a compromise until i sort the libnl bits out.
 > Regards.

I don't think we need to spend a lot of effort on building something
like this statically if upstream doesn't really support it. I wouldn't
have any problems with making it depend on !STATIC.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list