@ -1,4 +1,4 @@
{ lib , stdenv , fetchurl , pkg-config , libnl , openssl , sqlite ? null }:
{ lib , stdenv , fetchurl , fetchpatch , pkg-config , libnl , openssl , sqlite ? null }:
stdenv . mkDerivation rec {
pname = " h o s t a p d " ;
@ -43,6 +43,12 @@ stdenv.mkDerivation rec {
url = " h t t p s : / / w 1 . f i / s e c u r i t y / 2 0 2 0 - 1 / 0 0 0 3 - W P S - U P n P - H a n d l e - H T T P - i n i t i a t i o n - f a i l u r e s - f o r - e v e n t s - . p a t c h " ;
sha256 = " 1 2 n p q p 2 s k g r j 9 3 4 w w k q i c g q k s m a 0 f x z 0 9 d i 2 9 n 1 b 5 f m 5 i 4 n j l 8 d 8 " ;
} )
# In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
( fetchpatch {
name = " C V E - 2 0 2 1 - 3 0 0 0 4 . p a t c h " ;
url = " h t t p s : / / w 1 . f i / c g i t / h o s t a p / p a t c h / ? i d = a 0 5 4 1 3 3 4 a 6 3 9 4 f 8 2 3 7 a 4 3 9 3 b 7 3 7 2 6 9 3 c d 7 e 9 6 f 1 5 " ;
sha256 = " 1 g b h l z 4 1 x 1 a r 1 h p p n b 7 6 p q x j 6 v i m i y p y 7 c 4 k q 6 h 6 5 8 6 3 7 s 4 a m 3 x g " ;
} )
] ;
outputs = [ " o u t " " m a n " ] ;