From nobody Fri Sep 15 14:08:48 2023 X-Original-To: dev-commits-ports-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RnGJJ5F85z4sTxQ; Fri, 15 Sep 2023 14:08:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RnGJJ2gzvz4G6x; Fri, 15 Sep 2023 14:08:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694786928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BMljuUobrGwAvWHQqRV7IkUTTysOT7qMXDAb0ud8bdM=; b=Meg2Jx2w1ahMEei5/NdsqsCZbReMEZYa33ee9cIluxd1czzGgIgsQPjTL2pF1amRXTMYNo iY/fkAPi+AMmC3xtiF4Nie/J0hTNTkVZ+8tCWJE5dZDcfOtONkARep4Pv09TrH/WZadE++ mS6p/UILrPWE+/wkm8Jz82cxpBDvht5vmdEaHeO1Tp+S5w7Fx8VLPPxratoRzNgSdMJ0f8 76sFD35hEJLKyUMMVivjE7qGmeZrqAcp9bjpNq8eMIpig8Lf2ArK1umHNs5yt6iBO9F1iY +ZlV9TLXTg6zqfBoqL1kFHHh31+4RAqLvBN88foEwwC6ngts/QNq92pAgLNllA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694786928; a=rsa-sha256; cv=none; b=kbrTtri9U3tg4eMfvZPp/n9J9ZK7SDA3mYwb2wtBBlY9JWPe20pGI3meceOKGuZCYt6K9L wFaH3sWRUfjVC3+/Sd8tVi9WD+n0MGylOEQm/G/mzKZ+bu1lpDsIfzqNbTTggbFPdn/5A0 ADuDY9YMOVRWB3at9WnnfJd2v3HwprneKXNQMwuoI/9pkQTLGJ1mJegnE2d9neMF3kybhE oU602DjFz4pX1t/2pfHTSpLUV8AbDbgzjw8Tjq1z6q1M4UK5ItF6qChvUr/Oc+oLYc8Czr hiARMnpQsfDyI+77JOgI7Zl5QOOMhaWxZBQ4FbNsEXi8GdFfpwAgruuk6w191w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694786928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BMljuUobrGwAvWHQqRV7IkUTTysOT7qMXDAb0ud8bdM=; b=rn0AKOEaJXi9Drae+fhOOYxJymZn7/4Lq0GEJDjjX8fwpwduWvfoIjQkbT/XO3r5gXZbcG dcnx+Z/DKIjSgaSMUa8fRXX6hB8JCQaKYpAyoL9RvjnJbrWXvsv3UHvcb+4PmAvhYpxgHJ AuEGiXna7himGLQdq8+J5M8URsldHzHbB1T+cB6W+Lbul8s18m0UXV4DKRq/uVgg/dub2m uRJG1gpfde6btShKkrEXdWAA0QS3mhapJDpMsY6hpmyUB6pFY9Zdld+Rc8M0yGbvUbTAT6 4WRjhn2zRyrshkl3bJFIYi20aCPtAahmiQPE0qPCNsyQBMmP0oiNlNcRsuwXyw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RnGJJ1ngzzBVK; Fri, 15 Sep 2023 14:08:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38FE8mIU090818; Fri, 15 Sep 2023 14:08:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38FE8mBK090815; Fri, 15 Sep 2023 14:08:48 GMT (envelope-from git) Date: Fri, 15 Sep 2023 14:08:48 GMT Message-Id: <202309151408.38FE8mBK090815@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Cy Schubert Subject: git: e09453d1ecfe - 2023Q3 - security/wpa_supplicant: wpa: Enable receiving priority tagged (VID 0) frames List-Id: Commits to the quarterly branches of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-branches@freebsd.org X-BeenThere: dev-commits-ports-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/2023Q3 X-Git-Reftype: branch X-Git-Commit: e09453d1ecfe3010b64a5f240df497dec741551c Auto-Submitted: auto-generated The branch 2023Q3 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=e09453d1ecfe3010b64a5f240df497dec741551c commit e09453d1ecfe3010b64a5f240df497dec741551c Author: R. Christian McDonald AuthorDate: 2023-09-12 05:24:29 +0000 Commit: Cy Schubert CommitDate: 2023-09-15 14:07:45 +0000 security/wpa_supplicant: wpa: Enable receiving priority tagged (VID 0) frames Certain internet service providers transmit vlan 0 priority tagged EAPOL frames from the ONT towards the residential gateway. VID 0 should be ignored, and the frame processed according to the priority set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL). The pcap filter utilized by l2_packet is inadquate for this use case. Here we modify the pcap filter to accept both unencapsulated and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the original filter behavior while also matching on encapsulated EAPOL. Sponsored by: Rubicon Communications, LLC ("Netgate") Reviewed by: cy Obtained from: src bb5d6d14d81b PR: 273696 (cherry picked from commit 3a88706af1e87ff0bd2857398137194da462c85c) --- security/wpa_supplicant/Makefile | 2 +- .../patch-src_l2__packet_l2__packet__freebsd.c | 30 ++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile index 4c39d4748128..917544b9cf72 100644 --- a/security/wpa_supplicant/Makefile +++ b/security/wpa_supplicant/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= 2.10 -PORTREVISION= 8 +PORTREVISION= 9 CATEGORIES= security net MASTER_SITES= https://w1.fi/releases/ diff --git a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c index 19f47461772f..1575ae69bd85 100644 --- a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c +++ b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c @@ -1,5 +1,5 @@ --- src/l2_packet/l2_packet_freebsd.c.orig 2022-01-16 12:51:29.000000000 -0800 -+++ src/l2_packet/l2_packet_freebsd.c 2023-09-10 23:29:49.674128000 -0700 ++++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:19:01.713695000 -0700 @@ -8,7 +8,8 @@ */ @@ -10,7 +10,15 @@ #include #endif /* __APPLE__ */ #include -@@ -76,24 +77,28 @@ +@@ -20,6 +21,7 @@ + #include + #endif /* __sun__ */ + ++#include + #include + #include + #include +@@ -76,24 +78,33 @@ { struct l2_packet_data *l2 = eloop_ctx; pcap_t *pcap = sock_ctx; @@ -41,6 +49,24 @@ buf = (unsigned char *) (ethhdr + 1); - len = hdr.caplen - sizeof(*ethhdr); + len = hdr->caplen - sizeof(*ethhdr); ++ /* handle 8021Q encapsulated frames */ ++ if (ethhdr->h_proto == htons(ETH_P_8021Q)) { ++ buf += ETHER_VLAN_ENCAP_LEN; ++ len -= ETHER_VLAN_ENCAP_LEN; ++ } } l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len); } +@@ -122,10 +133,10 @@ + os_snprintf(pcap_filter, sizeof(pcap_filter), + "not ether src " MACSTR " and " + "( ether dst " MACSTR " or ether dst " MACSTR " ) and " +- "ether proto 0x%x", ++ "( ether proto 0x%x or ( vlan 0 and ether proto 0x%x ) )", + MAC2STR(l2->own_addr), /* do not receive own packets */ + MAC2STR(l2->own_addr), MAC2STR(pae_group_addr), +- protocol); ++ protocol, protocol); + if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) { + fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap)); + return -1;