From nobody Fri Sep 15 14:08:49 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RnGJK5vFKz4sV5b; Fri, 15 Sep 2023 14:08:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RnGJK3Ppjz4GJL; Fri, 15 Sep 2023 14:08:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694786929; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8u3vTLr3noNDJ44g9FT8hVzFnbyqUDQWWUErIwGDrUY=; b=T/udh+xfw6sp/rfiUha3UZp3OORLUiT28wFAcdA2gYyoiAl7BA/N5pH7I1rjp7fo2vSgLw HNxerdITE6oqguoBlB+kl7pTq9mnpCpxh4VT6v5AtJKrivDiexC3QPVSlMoX44tvilYCjT NPligMg2Lgd5tHTc7q/Zwrmrhu55ey+lJNznXMCdxXWVT4+UN6S2dXNBxVc7LbIf1WjFi5 MmyfPXAE8V//kItbhJWIbDqJkWx16GGePHEb6IPIeCUxfAkc7je17f41gHZGBb3meePBv/ WyXjksR8q8hxAg2D75cnyfQYTfCmGv6z9Eq54BM2fg3GqV4FGh6gRcHWFQATHw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694786929; a=rsa-sha256; cv=none; b=XnR0YyQ1LczE24qWGrsLyC4tzOSML3+1cXgObc0JJeeecP9+HhVR/KVLhUfRClSdmTpoty pii7Y9jSGr3a8NJ7bhke++A5GtKL+dWjnEmNPd/oD7NyTsdLLdjzz6ErEP7ymfRURW1iRI 5gsLPKpnuZZMwUPERRTfeEKn1zx17ddPRcCTvzWQXqhEQnzeZKPctcr1nK5BU2HEJVnOvB oK6XcSCNYn7KTEzo5CIIYcVf6/rA21Kabk8hQDVrLYSA9a7RZX0PSMoEeDPwBRgxy6xkjL +j+ky36auCpcpsmgsNkhtp5NAwHrg8+Tjw6L7Pz7P68f+bVdqANBEir+qKBQgg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694786929; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8u3vTLr3noNDJ44g9FT8hVzFnbyqUDQWWUErIwGDrUY=; b=Ci3osFC0C11OBliWpDEar98l8owrSlc7AqL3WBbNfwnTt2SRZp6hgfQYNaWPsVejNHPHWr fRNMYojV73PDXCtp8ZUu/RkLNVa035oiOC8UYho0/uJb65lMBGlpg8Wb8PfRc7MRY61qBt 9HwaiRpZv6D8f91MN8NV8G+LGC5pw361JlxFpZGBGhM8gHQIIcAv+u0kfGY7sl4/OhP+CU Gq8QCQ2rPdNQeBmMDr+vUb9gUfiTMv150Bff5Z3anEuLwDd0tu07Yz/hGoH0sGb2mI67Qm Vc1kHhVPo5l+cNVlHIG6GuZrPwQlNGffFGSVVOlORyH6shvOMCilkM2deLAYzA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RnGJK2VsczBqp; Fri, 15 Sep 2023 14:08:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38FE8nUV090880; Fri, 15 Sep 2023 14:08:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38FE8njj090877; Fri, 15 Sep 2023 14:08:49 GMT (envelope-from git) Date: Fri, 15 Sep 2023 14:08:49 GMT Message-Id: <202309151408.38FE8njj090877@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Cy Schubert Subject: git: 795667c94c9e - 2023Q3 - security/wpa_supplicant-devel: wpa: Enable receiving priority tagged (VID 0) frames List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/2023Q3 X-Git-Reftype: branch X-Git-Commit: 795667c94c9e8d44a37b32b203138c4f328f0caa Auto-Submitted: auto-generated The branch 2023Q3 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=795667c94c9e8d44a37b32b203138c4f328f0caa commit 795667c94c9e8d44a37b32b203138c4f328f0caa Author: R. Christian McDonald AuthorDate: 2023-09-12 05:25:52 +0000 Commit: Cy Schubert CommitDate: 2023-09-15 14:07:45 +0000 security/wpa_supplicant-devel: wpa: Enable receiving priority tagged (VID 0) frames Certain internet service providers transmit vlan 0 priority tagged EAPOL frames from the ONT towards the residential gateway. VID 0 should be ignored, and the frame processed according to the priority set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL). The pcap filter utilized by l2_packet is inadquate for this use case. Here we modify the pcap filter to accept both unencapsulated and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the original filter behavior while also matching on encapsulated EAPOL. Sponsored by: Rubicon Communications, LLC ("Netgate") Reviewed by: cy Obtained from: src bb5d6d14d81b PR: 273696 (cherry picked from commit 218c7064c3d83484a007ee54cc6556d58c657b4b) --- security/wpa_supplicant-devel/Makefile | 2 +- .../patch-src_l2__packet_l2__packet__freebsd.c | 30 ++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile index ccc6c1b32cdd..c45a6aff8251 100644 --- a/security/wpa_supplicant-devel/Makefile +++ b/security/wpa_supplicant-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= ${COMMIT_DATE} -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security net PKGNAMESUFFIX= -devel diff --git a/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c index 224ca67ee95f..74a89e71f0f8 100644 --- a/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c +++ b/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c @@ -1,5 +1,5 @@ --- src/l2_packet/l2_packet_freebsd.c.orig 2023-09-05 10:38:47.000000000 -0700 -+++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:12:22.076149000 -0700 ++++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:20:43.328481000 -0700 @@ -8,7 +8,10 @@ */ @@ -12,7 +12,15 @@ #include #endif /* __APPLE__ */ #include -@@ -76,24 +79,28 @@ +@@ -20,6 +23,7 @@ + #include + #endif /* __sun__ */ + ++#include + #include + #include + #include +@@ -76,24 +80,33 @@ { struct l2_packet_data *l2 = eloop_ctx; pcap_t *pcap = sock_ctx; @@ -43,6 +51,24 @@ buf = (unsigned char *) (ethhdr + 1); - len = hdr.caplen - sizeof(*ethhdr); + len = hdr->caplen - sizeof(*ethhdr); ++ /* handle 8021Q encapsulated frames */ ++ if (ethhdr->h_proto == htons(ETH_P_8021Q)) { ++ buf += ETHER_VLAN_ENCAP_LEN; ++ len -= ETHER_VLAN_ENCAP_LEN; ++ } } l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len); } +@@ -122,10 +135,10 @@ + os_snprintf(pcap_filter, sizeof(pcap_filter), + "not ether src " MACSTR " and " + "( ether dst " MACSTR " or ether dst " MACSTR " ) and " +- "ether proto 0x%x", ++ "( ether proto 0x%x or ( vlan 0 and ether proto 0x%x ) )", + MAC2STR(l2->own_addr), /* do not receive own packets */ + MAC2STR(l2->own_addr), MAC2STR(pae_group_addr), +- protocol); ++ protocol, protocol); + if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) { + fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap)); + return -1;