Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

wpa: Import wpa_supplicant/hostapd commits up to b4f7506ff

Merge vendor commits 40c7ff83e74eabba5a7e2caefeea12372b2d3f9a,
efec8223892b3e677acb46eae84ec3534989971f, and
2f6c3ea9600b494d24cac5a38c1cea0ac192245e.

Tested by: philip
MFC after: 2 months

wpa: Fix a SIGBUS error in wpa_sm_set_rekey_offload

Incorrectly linked built-in wpa functions resulted in overwriting
sm->ctx->set_rekey_offload with garbage. It was initialized correctly
however it changed after wpa_supplicant became a daemon.

No SIGBUS violations reported by dhw@ were experienced during testing
of the original commit by msyelf or philip@.

Reported by: dhw
Tested by: dhw
MFC after: 2 months
X-MFC with: 25ecdc7d52770caf1c9b44b5ec11f468f6b636f3

wpa: Restructure wpa build

The current WPA build assumes a flat namespace. However the latest sources
from w1.fi now have a duplicate config.c, in two separate subdirectories.
The flat namespace will overwrite config.o with the output from the most
recently modified config.c, of which there are two of them.

This commit resolves this problem by building each component in
wpa's src subdirectory tree into its own .a archive, just as the w1.fi
upstream build as used by the port does. The advantages of this approach
are:

1. Duplicate source file names, i.e. config.c in the wpa_supplicant
direcory and another config.c in src/utils in the next wpa
will result in both compiles writing to the same .o file.

2. This restructure simplifies maintanence. A develper needs only to add
new files as identified by git status in the vendor branch to the
appropriate Makefile within the usr.sbin/wpa tree. This also reduces
time required to prepare a new import and should reduce error.

3. The new wpa build structure more closely represents the build as
performed by the upstream tarball.

This is in preparation for the next wpa update from w1.fi.

Reviewed by: philip
Tested by: philip
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D30372

[wpa] Add support for hostapd/wpa_supplicant when WITHOUT_CRYPT=YES
is enabled.

This builds wpa_supplicant / hostpad using internal encryption routines
rather than using libcrypt.

This has been supported in wpa for years now, however since we use
local makefiles for this, we bitrotted dependencies and configuration
options.

Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D27958

MK_OPENSSL makes RELEASE_CRUNCH redundant here

Since these things are more completely controlled by the MK_OPENSSL knob, remove
RELEASE_CRUNCH here. It's no longer needed for the release and other users can
use the more proper knob if they so desire.

MFV r346563:

Update wpa_supplicant/hostapd 2.7 --> 2.8

Upstream documents the following advisories:

- https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
- https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt
- https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
- https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
- https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-\
with-unexpected-fragment.txt

Relnotes: yes
MFC after: 1 week (or less)
Security: CVE-2019-9494, VU#871675, CVE-2019-9495, CVE-2019-9496,
CVE-2019-9497, CVE-2019-9498, CVE-2019-9499

MFV r341618:

Update wpa 2.6 --> 2.7.

Update hostapd/wpa_supplicant to version 2.5.

Tested by several people on current@/wireless@.

Relnotes: yes

Fix wpa/hostapd build without OpenSSL.

Convert usr.sbin to LIBADD
Reduce overlinking

Merge hostapd / wpa_supplicant 2.0.

Reviewed by: adrian (driver_bsd + usr.sbin/wpa)

Move crypto stuff into a common Makefile. While here fix the
WITHOUT_OPENSSL build by using the wpa's internal crypto support if
openssl is not available, this allows us to unconditionally enable
EAP support.

MFC after: 2 weeks

wpa: Fix a SIGBUS error in wpa_sm_set_rekey_offload

Incorrectly linked built-in wpa functions resulted in overwriting
sm->ctx->set_rekey_offload with garbage. It was initialized correctly
however it changed after wpa_supplicant became a daemon.

No SIGBUS violations reported by dhw@ were experienced during testing
of the original commit by msyelf or philip@.

Reported by: dhw
Tested by: dhw
MFC after: 2 months
X-MFC with: 25ecdc7d52770caf1c9b44b5ec11f468f6b636f3

wpa: Restructure wpa build

The current WPA build assumes a flat namespace. However the latest sources
from w1.fi now have a duplicate config.c, in two separate subdirectories.
The flat namespace will overwrite config.o with the output from the most
recently modified config.c, of which there are two of them.

This commit resolves this problem by building each component in
wpa's src subdirectory tree into its own .a archive, just as the w1.fi
upstream build as used by the port does. The advantages of this approach
are:

1. Duplicate source file names, i.e. config.c in the wpa_supplicant
direcory and another config.c in src/utils in the next wpa
will result in both compiles writing to the same .o file.

2. This restructure simplifies maintanence. A develper needs only to add
new files as identified by git status in the vendor branch to the
appropriate Makefile within the usr.sbin/wpa tree. This also reduces
time required to prepare a new import and should reduce error.

3. The new wpa build structure more closely represents the build as
performed by the upstream tarball.

This is in preparation for the next wpa update from w1.fi.

Reviewed by: philip
Tested by: philip
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D30372

[wpa] Add support for hostapd/wpa_supplicant when WITHOUT_CRYPT=YES
is enabled.

This builds wpa_supplicant / hostpad using internal encryption routines
rather than using libcrypt.

This has been supported in wpa for years now, however since we use
local makefiles for this, we bitrotted dependencies and configuration
options.

Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D27958

MK_OPENSSL makes RELEASE_CRUNCH redundant here

Since these things are more completely controlled by the MK_OPENSSL knob, remove
RELEASE_CRUNCH here. It's no longer needed for the release and other users can
use the more proper knob if they so desire.

Fix wpa/hostapd build without OpenSSL.

Convert usr.sbin to LIBADD
Reduce overlinking

Move crypto stuff into a common Makefile. While here fix the
WITHOUT_OPENSSL build by using the wpa's internal crypto support if
openssl is not available, this allows us to unconditionally enable
EAP support.

MFC after: 2 weeks