From nobody Wed Jul 06 00:32:40 2022 X-Original-To: dev-commits-ports-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 47C111D0B35C; Wed, 6 Jul 2022 00:32:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ld0qr6Bnkz4pfL; Wed, 6 Jul 2022 00:32:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1657067560; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/8jzl8q5EOd0jhiV6KoORrQ5ekpvnrNMVqjddv9uPWE=; b=gRToHZ+ZDVN4YTiqqkdyWUCRfrwozkvPRrSFmMS4rVmPZN3PrxqekbITGNkBUUacYerxww WFkhq8ExCLl2tGfW0uLQR6ULh92kr8DbFLhQ+h+RPwLShFIK7lk2Wpm4MEljw4bgpGcIAV 0ZtKc1BCfuw6qnWdVR3Nf561jxE+FojsSsj8fV1XsUF3KWh7G/wx7ENG+z8uqjQK0lnLyA b/oHKqHv1XCZNBgfaWZElPTpMIJc5dekX6MlXVY+8JdUDKUa5+/JClTeFh1Uu4LQ0ivn6n eWRUsQSsKomK6FxjIIl4yJDiDBFlp2Of1rwSlimHIZPwD0fr+26kpF+E/UTzww== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AD03310383; Wed, 6 Jul 2022 00:32:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2660Wets042702; Wed, 6 Jul 2022 00:32:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2660WeaE042701; Wed, 6 Jul 2022 00:32:40 GMT (envelope-from git) Date: Wed, 6 Jul 2022 00:32:40 GMT Message-Id: <202207060032.2660WeaE042701@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Cy Schubert Subject: git: fcc343d18fd6 - 2022Q3 - wpa_supplicant* hostapd*: Resolve secondary VAP association issue List-Id: Commits to the quarterly branches of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-branches@freebsd.org X-BeenThere: dev-commits-ports-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q3 X-Git-Reftype: branch X-Git-Commit: fcc343d18fd6aaeae96ae31aa7b1406bcea518ed Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1657067560; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/8jzl8q5EOd0jhiV6KoORrQ5ekpvnrNMVqjddv9uPWE=; b=BUjSf8jvJaHYFuNweA5Vg4VlMsloRKpv1LC/weJhOFMkJXiHRxp9molX1n3iwXd4kkG4iJ Ly2/PsYVCWt3IggjSwq5W2fMxRx7Xj8N2VBmGvCjbp/ZoiCSdFeUFrMQo73T6JI/XAC1Al Av3yV5Ir3OzsMM3TFrXXJsveRR3vNr2ji62/h3ky4Bp+/sAlE4oO5aza6h91UJ8ACxdZQb IZYmJRFKmn++nThLvEjI/Mv+tPGd0gus3AV10AxTaC1WqVAv/Ya0ULHt0XMZej6TiryUi6 +SMXBb0rQRLrPf5E0YT709oCUHVefE3OE5c6ebgf6xYGm4dS/CZ8lXpmKqNpbQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1657067560; a=rsa-sha256; cv=none; b=e4owTxBIhtQlJrCwUg043lfoZGKyDydMG7IAlaDu6SR3LVjr96jX/lr2XjjBa5fv/9ue7y AdCB9jYGymv5s3mPynei38yN2IJbQelbdJUvHAi6MYZE78rIBw8KfBgBJ8jj0KKOlq7UaI BrzHjwX3To9/0icbZEqkUph6OgcADDP4d6UI54sUs1eMi9uclQNzSv9L0BmXXdk4MSSoCp pkTnOuIx8iTaf5MbkJCXw2mgcgVVSSJaRWd96qWcTW1QhKmDXMUIxwxFKYzpSJ8Aj9WN0M t1jiYERBVbyXh3hpJ7cHYxg5DcYiIf6s9Odwt6jF1HuR/B7rm7JWsvBMWLT3JA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q3 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=fcc343d18fd6aaeae96ae31aa7b1406bcea518ed commit fcc343d18fd6aaeae96ae31aa7b1406bcea518ed Author: J.R. Oldroyd AuthorDate: 2022-07-03 21:18:40 +0000 Commit: Cy Schubert CommitDate: 2022-07-06 00:31:53 +0000 wpa_supplicant* hostapd*: Resolve secondary VAP association issue Association will fail on a secondary open unprotected VAP when the primary VAP is configured for WPA. Examples of secondary VAPs are, hotels, universities, and commodity routers' guest networks. A broadly similar bug was discussed on Red Hat's bugzilla affecting association to a D-Link DIR-842. This suggests that as IEs were added to the 802.11 protocol the old code was increasingly inadaquate to handle the additional IEs, not only a secondary VAP. This duplcates src commit 775611ea11db here in ports. PR: 264238 Reported by: Jaskie "J.R. Oldroyd" Submitted by: "J.R. Oldroyd" (cherry picked from commit b3916c7a8d2599e99fabdc1735b095ff5a9f9381) --- net/hostapd-devel/Makefile | 1 + .../files/patch-src_drivers_driver__bsd.c | 109 ++++++++++++++++++--- net/hostapd/Makefile | 2 +- net/hostapd/files/patch-src_drivers_driver__bsd.c | 107 +++++++++++++++++--- security/wpa_supplicant-devel/Makefile | 1 + .../files/patch-src_drivers_driver__bsd.c | 109 ++++++++++++++++++--- security/wpa_supplicant/Makefile | 2 +- .../files/patch-src_drivers_driver__bsd.c | 107 +++++++++++++++++--- 8 files changed, 390 insertions(+), 48 deletions(-) diff --git a/net/hostapd-devel/Makefile b/net/hostapd-devel/Makefile index 6cc447a6a92b..59298e7651ee 100644 --- a/net/hostapd-devel/Makefile +++ b/net/hostapd-devel/Makefile @@ -2,6 +2,7 @@ PORTNAME= hostapd PORTVERSION= ${COMMIT_DATE} +PORTREVISION= 1 CATEGORIES= net PKGNAMESUFFIX= -devel diff --git a/net/hostapd-devel/files/patch-src_drivers_driver__bsd.c b/net/hostapd-devel/files/patch-src_drivers_driver__bsd.c index dda055f26664..db2f4291d682 100644 --- a/net/hostapd-devel/files/patch-src_drivers_driver__bsd.c +++ b/net/hostapd-devel/files/patch-src_drivers_driver__bsd.c @@ -1,6 +1,14 @@ ---- src/drivers/driver_bsd.c.orig 2022-05-24 13:30:39.000000000 -0700 -+++ src/drivers/driver_bsd.c 2022-06-20 07:18:14.191871000 -0700 -@@ -853,14 +853,18 @@ +--- src/drivers/driver_bsd.c.orig 2022-06-20 04:39:26.000000000 -0700 ++++ src/drivers/driver_bsd.c 2022-07-03 14:14:25.865828000 -0700 +@@ -14,6 +14,7 @@ + #include "driver.h" + #include "eloop.h" + #include "common/ieee802_11_defs.h" ++#include "common/ieee802_11_common.h" + #include "common/wpa_common.h" + + #include +@@ -853,14 +854,18 @@ drv = bsd_get_drvindex(global, ifm->ifm_index); if (drv == NULL) return; @@ -22,7 +30,50 @@ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP", drv->ifname); wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, -@@ -1220,7 +1224,10 @@ +@@ -1197,13 +1202,41 @@ + } + + static int ++wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv, ++ struct wpa_driver_associate_params *params, const u8 *ie) ++{ ++ int privacy; ++ size_t ie_len = ie[1] ? ie[1] + 2 : 0; ++ ++ /* XXX error handling is wrong but unclear what to do... */ ++ if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0) ++ return -1; ++ ++ privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && ++ params->group_suite == WPA_CIPHER_NONE && ++ params->key_mgmt_suite == WPA_KEY_MGMT_NONE); ++ wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, ++ privacy); ++ ++ if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) ++ return -1; ++ ++ if (ie_len && ++ set80211param(drv, IEEE80211_IOC_WPA, ++ ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++static int + wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) + { + struct bsd_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + u32 mode; +- int privacy; + int ret = 0; ++ const u8 *wpa_ie, *rsn_ie; + + wpa_printf(MSG_DEBUG, + "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" +@@ -1220,7 +1253,10 @@ mode = 0 /* STA */; break; case IEEE80211_MODE_IBSS: @@ -33,21 +84,55 @@ break; case IEEE80211_MODE_AP: mode = IFM_IEEE80211_HOSTAP; -@@ -1267,6 +1274,13 @@ - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; +@@ -1249,24 +1285,33 @@ + ret = -1; + if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) + ret = -1; +- /* XXX error handling is wrong but unclear what to do... */ +- if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) +- return -1; + +- privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && +- params->group_suite == WPA_CIPHER_NONE && +- params->key_mgmt_suite == WPA_KEY_MGMT_NONE && +- params->wpa_ie_len == 0); +- wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); ++ if (params->wpa_ie_len) { ++ rsn_ie = get_ie(params->wpa_ie, params->wpa_ie_len, ++ WLAN_EID_RSN); ++ if (rsn_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ rsn_ie) < 0) ++ return -1; ++ } ++ else { ++ wpa_ie = get_vendor_ie(params->wpa_ie, ++ params->wpa_ie_len, WPA_IE_VENDOR_TYPE); ++ if (wpa_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ wpa_ie) < 0) ++ return -1; ++ } ++ } ++ } +- if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) + /* + * NB: interface must be marked UP for association + * or scanning (ap_scan=2) + */ + if (bsd_get_iface_flags(drv) < 0) -+ return -1; -+ + return -1; + +- if (params->wpa_ie_len && +- set80211param(drv, IEEE80211_IOC_WPA, +- params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) +- return -1; +- os_memset(&mlme, 0, sizeof(mlme)); mlme.im_op = IEEE80211_MLME_ASSOC; if (params->ssid != NULL) -@@ -1485,6 +1499,17 @@ +@@ -1485,6 +1530,17 @@ if (devcaps.dc_drivercaps & IEEE80211_C_WPA2) drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; @@ -65,7 +150,7 @@ if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | -@@ -1493,6 +1518,7 @@ +@@ -1493,6 +1549,7 @@ drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP; if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; @@ -73,7 +158,7 @@ if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP) drv->capa.flags |= WPA_DRIVER_FLAGS_AP; -@@ -1545,6 +1571,8 @@ +@@ -1545,6 +1602,8 @@ } if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP) return IEEE80211_M_HOSTAP; diff --git a/net/hostapd/Makefile b/net/hostapd/Makefile index 114041a960bb..ff3f148c9dd6 100644 --- a/net/hostapd/Makefile +++ b/net/hostapd/Makefile @@ -2,7 +2,7 @@ PORTNAME= hostapd PORTVERSION= 2.10 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= net MASTER_SITES= https://w1.fi/releases/ diff --git a/net/hostapd/files/patch-src_drivers_driver__bsd.c b/net/hostapd/files/patch-src_drivers_driver__bsd.c index 2c49538712af..112a8230671c 100644 --- a/net/hostapd/files/patch-src_drivers_driver__bsd.c +++ b/net/hostapd/files/patch-src_drivers_driver__bsd.c @@ -1,6 +1,14 @@ --- src/drivers/driver_bsd.c.orig 2022-01-16 12:51:29.000000000 -0800 -+++ src/drivers/driver_bsd.c 2022-06-20 07:14:50.617305000 -0700 -@@ -853,14 +853,18 @@ ++++ src/drivers/driver_bsd.c 2022-07-03 14:12:06.167581000 -0700 +@@ -14,6 +14,7 @@ + #include "driver.h" + #include "eloop.h" + #include "common/ieee802_11_defs.h" ++#include "common/ieee802_11_common.h" + #include "common/wpa_common.h" + + #include +@@ -853,14 +854,18 @@ drv = bsd_get_drvindex(global, ifm->ifm_index); if (drv == NULL) return; @@ -22,7 +30,50 @@ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP", drv->ifname); wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, -@@ -1220,7 +1224,10 @@ +@@ -1197,13 +1202,41 @@ + } + + static int ++wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv, ++ struct wpa_driver_associate_params *params, const u8 *ie) ++{ ++ int privacy; ++ size_t ie_len = ie[1] ? ie[1] + 2 : 0; ++ ++ /* XXX error handling is wrong but unclear what to do... */ ++ if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0) ++ return -1; ++ ++ privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && ++ params->group_suite == WPA_CIPHER_NONE && ++ params->key_mgmt_suite == WPA_KEY_MGMT_NONE); ++ wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, ++ privacy); ++ ++ if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) ++ return -1; ++ ++ if (ie_len && ++ set80211param(drv, IEEE80211_IOC_WPA, ++ ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++static int + wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) + { + struct bsd_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + u32 mode; +- int privacy; + int ret = 0; ++ const u8 *wpa_ie, *rsn_ie; + + wpa_printf(MSG_DEBUG, + "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" +@@ -1220,7 +1253,10 @@ mode = 0 /* STA */; break; case IEEE80211_MODE_IBSS: @@ -33,21 +84,55 @@ break; case IEEE80211_MODE_AP: mode = IFM_IEEE80211_HOSTAP; -@@ -1267,6 +1274,13 @@ - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; +@@ -1249,24 +1285,33 @@ + ret = -1; + if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) + ret = -1; +- /* XXX error handling is wrong but unclear what to do... */ +- if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) +- return -1; + +- privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && +- params->group_suite == WPA_CIPHER_NONE && +- params->key_mgmt_suite == WPA_KEY_MGMT_NONE && +- params->wpa_ie_len == 0); +- wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); ++ if (params->wpa_ie_len) { ++ rsn_ie = get_ie(params->wpa_ie, params->wpa_ie_len, ++ WLAN_EID_RSN); ++ if (rsn_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ rsn_ie) < 0) ++ return -1; ++ } ++ else { ++ wpa_ie = get_vendor_ie(params->wpa_ie, ++ params->wpa_ie_len, WPA_IE_VENDOR_TYPE); ++ if (wpa_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ wpa_ie) < 0) ++ return -1; ++ } ++ } ++ } +- if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) + /* + * NB: interface must be marked UP for association + * or scanning (ap_scan=2) + */ + if (bsd_get_iface_flags(drv) < 0) -+ return -1; -+ + return -1; + +- if (params->wpa_ie_len && +- set80211param(drv, IEEE80211_IOC_WPA, +- params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) +- return -1; +- os_memset(&mlme, 0, sizeof(mlme)); mlme.im_op = IEEE80211_MLME_ASSOC; if (params->ssid != NULL) -@@ -1485,6 +1499,17 @@ +@@ -1485,6 +1530,17 @@ if (devcaps.dc_drivercaps & IEEE80211_C_WPA2) drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; @@ -65,7 +150,7 @@ if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | -@@ -1493,6 +1518,7 @@ +@@ -1493,6 +1549,7 @@ drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP; if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; @@ -73,7 +158,7 @@ if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP) drv->capa.flags |= WPA_DRIVER_FLAGS_AP; -@@ -1545,6 +1571,8 @@ +@@ -1545,6 +1602,8 @@ } if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP) return IEEE80211_M_HOSTAP; diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile index 7beb397b67a2..efae4a6c5792 100644 --- a/security/wpa_supplicant-devel/Makefile +++ b/security/wpa_supplicant-devel/Makefile @@ -1,5 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= ${COMMIT_DATE} +PORTREVISION= 1 CATEGORIES= security net PKGNAMESUFFIX= -devel diff --git a/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c b/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c index 6a400fd174c2..19470678ef08 100644 --- a/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c +++ b/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c @@ -1,6 +1,14 @@ ---- src/drivers/driver_bsd.c.orig 2022-05-24 13:30:39.000000000 -0700 -+++ src/drivers/driver_bsd.c 2022-06-20 07:13:36.571991000 -0700 -@@ -853,14 +853,18 @@ +--- src/drivers/driver_bsd.c.orig 2022-06-20 04:39:26.000000000 -0700 ++++ src/drivers/driver_bsd.c 2022-07-03 14:15:42.260043000 -0700 +@@ -14,6 +14,7 @@ + #include "driver.h" + #include "eloop.h" + #include "common/ieee802_11_defs.h" ++#include "common/ieee802_11_common.h" + #include "common/wpa_common.h" + + #include +@@ -853,14 +854,18 @@ drv = bsd_get_drvindex(global, ifm->ifm_index); if (drv == NULL) return; @@ -22,7 +30,50 @@ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP", drv->ifname); wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, -@@ -1220,7 +1224,10 @@ +@@ -1197,13 +1202,41 @@ + } + + static int ++wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv, ++ struct wpa_driver_associate_params *params, const u8 *ie) ++{ ++ int privacy; ++ size_t ie_len = ie[1] ? ie[1] + 2 : 0; ++ ++ /* XXX error handling is wrong but unclear what to do... */ ++ if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0) ++ return -1; ++ ++ privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && ++ params->group_suite == WPA_CIPHER_NONE && ++ params->key_mgmt_suite == WPA_KEY_MGMT_NONE); ++ wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, ++ privacy); ++ ++ if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) ++ return -1; ++ ++ if (ie_len && ++ set80211param(drv, IEEE80211_IOC_WPA, ++ ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++static int + wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) + { + struct bsd_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + u32 mode; +- int privacy; + int ret = 0; ++ const u8 *wpa_ie, *rsn_ie; + + wpa_printf(MSG_DEBUG, + "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" +@@ -1220,7 +1253,10 @@ mode = 0 /* STA */; break; case IEEE80211_MODE_IBSS: @@ -33,21 +84,55 @@ break; case IEEE80211_MODE_AP: mode = IFM_IEEE80211_HOSTAP; -@@ -1267,6 +1274,13 @@ - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; +@@ -1249,24 +1285,33 @@ + ret = -1; + if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) + ret = -1; +- /* XXX error handling is wrong but unclear what to do... */ +- if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) +- return -1; + +- privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && +- params->group_suite == WPA_CIPHER_NONE && +- params->key_mgmt_suite == WPA_KEY_MGMT_NONE && +- params->wpa_ie_len == 0); +- wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); ++ if (params->wpa_ie_len) { ++ rsn_ie = get_ie(params->wpa_ie, params->wpa_ie_len, ++ WLAN_EID_RSN); ++ if (rsn_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ rsn_ie) < 0) ++ return -1; ++ } ++ else { ++ wpa_ie = get_vendor_ie(params->wpa_ie, ++ params->wpa_ie_len, WPA_IE_VENDOR_TYPE); ++ if (wpa_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ wpa_ie) < 0) ++ return -1; ++ } ++ } ++ } +- if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) + /* + * NB: interface must be marked UP for association + * or scanning (ap_scan=2) + */ + if (bsd_get_iface_flags(drv) < 0) -+ return -1; -+ + return -1; + +- if (params->wpa_ie_len && +- set80211param(drv, IEEE80211_IOC_WPA, +- params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) +- return -1; +- os_memset(&mlme, 0, sizeof(mlme)); mlme.im_op = IEEE80211_MLME_ASSOC; if (params->ssid != NULL) -@@ -1485,6 +1499,17 @@ +@@ -1485,6 +1530,17 @@ if (devcaps.dc_drivercaps & IEEE80211_C_WPA2) drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; @@ -65,7 +150,7 @@ if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | -@@ -1493,6 +1518,7 @@ +@@ -1493,6 +1549,7 @@ drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP; if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; @@ -73,7 +158,7 @@ if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP) drv->capa.flags |= WPA_DRIVER_FLAGS_AP; -@@ -1545,6 +1571,8 @@ +@@ -1545,6 +1602,8 @@ } if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP) return IEEE80211_M_HOSTAP; diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile index 1b3e5889d2c6..d58333174c06 100644 --- a/security/wpa_supplicant/Makefile +++ b/security/wpa_supplicant/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= 2.10 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security net MASTER_SITES= https://w1.fi/releases/ diff --git a/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c b/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c index 440233164126..56df017d59d1 100644 --- a/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c +++ b/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c @@ -1,6 +1,14 @@ --- src/drivers/driver_bsd.c.orig 2022-01-16 12:51:29.000000000 -0800 -+++ src/drivers/driver_bsd.c 2022-06-20 07:11:44.629814000 -0700 -@@ -853,14 +853,18 @@ ++++ src/drivers/driver_bsd.c 2022-07-03 14:09:49.672011000 -0700 +@@ -14,6 +14,7 @@ + #include "driver.h" + #include "eloop.h" + #include "common/ieee802_11_defs.h" ++#include "common/ieee802_11_common.h" + #include "common/wpa_common.h" + + #include +@@ -853,14 +854,18 @@ drv = bsd_get_drvindex(global, ifm->ifm_index); if (drv == NULL) return; @@ -22,7 +30,50 @@ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP", drv->ifname); wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, -@@ -1220,7 +1224,10 @@ +@@ -1197,13 +1202,41 @@ + } + + static int ++wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv, ++ struct wpa_driver_associate_params *params, const u8 *ie) ++{ ++ int privacy; ++ size_t ie_len = ie[1] ? ie[1] + 2 : 0; ++ ++ /* XXX error handling is wrong but unclear what to do... */ ++ if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0) ++ return -1; ++ ++ privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && ++ params->group_suite == WPA_CIPHER_NONE && ++ params->key_mgmt_suite == WPA_KEY_MGMT_NONE); ++ wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, ++ privacy); ++ ++ if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) ++ return -1; ++ ++ if (ie_len && ++ set80211param(drv, IEEE80211_IOC_WPA, ++ ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++static int + wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) + { + struct bsd_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + u32 mode; +- int privacy; + int ret = 0; ++ const u8 *wpa_ie, *rsn_ie; + + wpa_printf(MSG_DEBUG, + "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" +@@ -1220,7 +1253,10 @@ mode = 0 /* STA */; break; case IEEE80211_MODE_IBSS: @@ -33,21 +84,55 @@ break; case IEEE80211_MODE_AP: mode = IFM_IEEE80211_HOSTAP; -@@ -1267,6 +1274,13 @@ - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; +@@ -1249,24 +1285,33 @@ + ret = -1; + if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) + ret = -1; +- /* XXX error handling is wrong but unclear what to do... */ +- if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) +- return -1; + +- privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && +- params->group_suite == WPA_CIPHER_NONE && +- params->key_mgmt_suite == WPA_KEY_MGMT_NONE && +- params->wpa_ie_len == 0); +- wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); ++ if (params->wpa_ie_len) { ++ rsn_ie = get_ie(params->wpa_ie, params->wpa_ie_len, ++ WLAN_EID_RSN); ++ if (rsn_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ rsn_ie) < 0) ++ return -1; ++ } ++ else { ++ wpa_ie = get_vendor_ie(params->wpa_ie, ++ params->wpa_ie_len, WPA_IE_VENDOR_TYPE); ++ if (wpa_ie) { ++ if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, ++ wpa_ie) < 0) ++ return -1; ++ } ++ } ++ } +- if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) + /* + * NB: interface must be marked UP for association + * or scanning (ap_scan=2) + */ + if (bsd_get_iface_flags(drv) < 0) -+ return -1; -+ + return -1; + +- if (params->wpa_ie_len && +- set80211param(drv, IEEE80211_IOC_WPA, +- params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) +- return -1; +- os_memset(&mlme, 0, sizeof(mlme)); mlme.im_op = IEEE80211_MLME_ASSOC; if (params->ssid != NULL) -@@ -1485,6 +1499,17 @@ +@@ -1485,6 +1530,17 @@ if (devcaps.dc_drivercaps & IEEE80211_C_WPA2) drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; @@ -65,7 +150,7 @@ if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | -@@ -1493,6 +1518,7 @@ +@@ -1493,6 +1549,7 @@ drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP; if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; @@ -73,7 +158,7 @@ if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP) drv->capa.flags |= WPA_DRIVER_FLAGS_AP; -@@ -1545,6 +1571,8 @@ +@@ -1545,6 +1602,8 @@ } if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP) return IEEE80211_M_HOSTAP;