From c78442e92fcbfa553dddc80d049c5b276d9261fb437538c0526e77f891643d5c Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Thu, 11 Oct 2018 12:23:42 +0000 Subject: [PATCH 1/8] Accepting request 641256 from home:kbabioch:branches:hardware - Added 0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). OBS-URL: https://build.opensuse.org/request/show/641256 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=82 --- ...thenticated-encrypted-EAPOL-Key-data.patch | 44 +++++++++++++++++++ wpa_supplicant.changes | 6 +++ wpa_supplicant.spec | 4 +- 3 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch diff --git a/rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch b/rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch new file mode 100644 index 0000000..99b0549 --- /dev/null +++ b/rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch 
@@ -0,0 +1,44 @@ +From 3e34cfdff6b192fe337c6fb3f487f73e96582961 Mon Sep 17 00:00:00 2001 +From: Mathy Vanhoef +Date: Sun, 15 Jul 2018 01:25:53 +0200 +Subject: [PATCH] WPA: Ignore unauthenticated encrypted EAPOL-Key data + +Ignore unauthenticated encrypted EAPOL-Key data in supplicant +processing. When using WPA2, these are frames that have the Encrypted +flag set, but not the MIC flag. + +When using WPA2, EAPOL-Key frames that had the Encrypted flag set but +not the MIC flag, had their data field decrypted without first verifying +the MIC. In case the data field was encrypted using RC4 (i.e., when +negotiating TKIP as the pairwise cipher), this meant that +unauthenticated but decrypted data would then be processed. An adversary +could abuse this as a decryption oracle to recover sensitive information +in the data field of EAPOL-Key messages (e.g., the group key). +(CVE-2018-14526) + +Signed-off-by: Mathy Vanhoef +--- + src/rsn_supp/wpa.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff -upr wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c wpa_supplicant-2.6/src/rsn_supp/wpa.c +--- wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c 2016-10-02 21:51:11.000000000 +0300 ++++ wpa_supplicant-2.6/src/rsn_supp/wpa.c 2018-08-08 16:55:11.506831029 +0300 +@@ -2016,6 +2016,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, c + + if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && + (key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { ++ /* ++ * Only decrypt the Key Data field if the frame's authenticity ++ * was verified. When using AES-SIV (FILS), the MIC flag is not ++ * set, so this check should only be performed if mic_len != 0 ++ * which is the case in this code branch. ++ */ ++ if (!(key_info & WPA_KEY_INFO_MIC)) { ++ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, ++ "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data"); ++ goto out; ++ } + if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data, + &key_data_len)) + goto out; 
diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 166cc6a..d307de3 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Oct 11 11:58:33 UTC 2018 - Karol Babioch + +- Added 0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: Ignore + unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). + ------------------------------------------------------------------- Fri Sep 21 09:15:34 UTC 2018 - Karol Babioch diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 1c3855d..1ac2e2f 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -51,6 +51,7 @@ Patch16: rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pen Patch17: rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch Patch18: wpa_supplicant-bnc-1099835-fix-private-key-password.patch Patch19: wpa_supplicant-bnc-1099835-clear-default_passwd_cb.patch +Patch20: rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch BuildRequires: openssl-devel BuildRequires: pkgconfig @@ -99,6 +100,7 @@ cp %{SOURCE1} wpa_supplicant/.config %patch17 -p1 %patch18 -p1 %patch19 -p1 +%patch20 -p1 %build cd wpa_supplicant From 64ca2f5a03c151940fb92794c55165f4c37e4bc348e72679bec91bf8a0073f17 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Thu, 11 Oct 2018 12:30:23 +0000 Subject: [PATCH 2/8] OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=83 --- wpa_supplicant.changes | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index d307de3..d8e31d2 100644 
--- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,8 +1,8 @@ ------------------------------------------------------------------- Thu Oct 11 11:58:33 UTC 2018 - Karol Babioch -- Added 0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: Ignore - unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). +- Added rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: + Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). ------------------------------------------------------------------- Fri Sep 21 09:15:34 UTC 2018 - Karol Babioch From ce6e50550e2b0b0f1098dd402e449e8bb104713120078bfc7051ee19c2eaa596 Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Fri, 12 Oct 2018 07:03:14 +0000 Subject: [PATCH 3/8] Accepting request 641394 from home:kbabioch:branches:hardware - Added wpa-supplicant-log-file-permission.patch: Fixes the default file permissions of the debug log file to more sane values, i.e. it is no longer world-readable (bsc#1098854). - Added wpa-supplicant-log-file-cloexec.patch: Open the debug log file with O_CLOEXEC, which will prevent file descriptor leaking to child processes (bsc#1098854). OBS-URL: https://build.opensuse.org/request/show/641394 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=84 --- wpa-supplicant-log-file-cloexec.patch | 48 +++++++++++++++ wpa-supplicant-log-file-permission.patch | 74 ++++++++++++++++++++++++ wpa_supplicant.changes | 10 ++++ wpa_supplicant.spec | 4 ++ 4 files changed, 136 insertions(+) create mode 100644 wpa-supplicant-log-file-cloexec.patch create mode 100644 wpa-supplicant-log-file-permission.patch diff --git a/wpa-supplicant-log-file-cloexec.patch b/wpa-supplicant-log-file-cloexec.patch new file mode 100644 index 0000000..b3b8774 --- /dev/null +++ b/wpa-supplicant-log-file-cloexec.patch 
@@ -0,0 +1,48 @@ +From 1c7db928d6e7bbe3e1ffa029b1ce28e65ab53e8a Mon Sep 17 00:00:00 2001 +In-Reply-To: <20181011202010.29226-2-karol@babioch.de> +References: <20181011202010.29226-2-karol@babioch.de> +From: Karol Babioch +Date: Thu, 11 Oct 2018 21:22:03 +0200 +Subject: [PATCH v2 2/2] Enable the close-on-exec flag for the debug log file + descriptor + +On Linux this flag will make sure that no file descriptor is accidentally +leaked into potential child processes. While this is not a problem right now, +it is considered to be good practice these days when dealing with file +descriptors on the Linux. + +Signed-off-by: Karol Babioch +--- + src/utils/wpa_debug.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c +index b412f88e3..9d159632d 100644 +--- a/src/utils/wpa_debug.c ++++ b/src/utils/wpa_debug.c +@@ -60,6 +60,9 @@ static int wpa_to_android_level(int level) + #ifdef CONFIG_DEBUG_FILE + #include + #include ++#ifdef __linux__ ++#include ++#endif /* __linux__ */ + + static int out_fd = -1; + static FILE *out_file = NULL; +@@ -567,6 +570,12 @@ int wpa_debug_open_file(const char *path) + return -1; + } + ++#ifdef __linux__ ++ if (fcntl(out_fd, F_SETFD, FD_CLOEXEC) == -1) { ++ wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to set O_CLOEXEC " ++ "on output file descriptor, using standard output"); ++ } ++#endif /* __linux__ */ + #ifndef _WIN32 + setvbuf(out_file, NULL, _IOLBF, 0); + #endif /* _WIN32 */ +-- +2.19.1 + diff --git a/wpa-supplicant-log-file-permission.patch b/wpa-supplicant-log-file-permission.patch new file mode 100644 index 0000000..98d2cfb --- /dev/null +++ b/wpa-supplicant-log-file-permission.patch 
@@ -0,0 +1,74 @@ +From e0e2be52057628965a4bcce2900913bc82ed011e Mon Sep 17 00:00:00 2001 +In-Reply-To: <20181011202010.29226-2-karol@babioch.de> +References: <20181011202010.29226-2-karol@babioch.de> +From: Karol Babioch +Date: Thu, 11 Oct 2018 21:21:30 +0200 +Subject: [PATCH v2 1/2] Create debug log file with more sane file permissions + +Previously the file permissions for the debug log file were not explicitly set. +Instead it was implicitly relying on a secure umask, which in most cases would +result in a file that is world-readable. This is a violation of good +practices, since not very user of a file should have access to sensitive +information that might be contained in the debug log file. + +This commit will explicitly set sane default file permissions in case +the file is newly created. + +Unfortunately the fopen(3) function does not provide such a facility, so the +approach needs to be changed in the following way: + +1.) The file descriptor needs to be created manually using the open(3) +function with the correct flags and the desired mode set. + +2.) fdopen(3) can then be used on the file descriptor to associate a +file stream with it. + +Note: This modification will not change the file permissions of any already +existing debug log files, and only applies to newly created ones. 
+ +Signed-off-by: Karol Babioch +--- + src/utils/wpa_debug.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c +index 62758d864..b412f88e3 100644 +--- a/src/utils/wpa_debug.c ++++ b/src/utils/wpa_debug.c +@@ -58,6 +58,10 @@ static int wpa_to_android_level(int level) + #ifndef CONFIG_NO_STDOUT_DEBUG + + #ifdef CONFIG_DEBUG_FILE ++#include ++#include ++ ++static int out_fd = -1; + static FILE *out_file = NULL; + #endif /* CONFIG_DEBUG_FILE */ + +@@ -548,12 +552,21 @@ int wpa_debug_open_file(const char *path) + last_path = os_strdup(path); + } + +- out_file = fopen(path, "a"); ++ out_fd = open(path, O_CREAT | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP); ++ if (out_fd < 0) { ++ wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " ++ "output file descriptor, using standard output"); ++ return -1; ++ } ++ ++ out_file = fdopen(out_fd, "a"); + if (out_file == NULL) { + wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " + "output file, using standard output"); ++ close(out_fd); + return -1; + } ++ + #ifndef _WIN32 + setvbuf(out_file, NULL, _IOLBF, 0); + #endif /* _WIN32 */ +-- +2.19.1 + diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index d8e31d2..11b10eb 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Oct 12 06:55:06 UTC 2018 - Karol Babioch + +- Added wpa-supplicant-log-file-permission.patch: Fixes the default file + permissions of the debug log file to more sane values, i.e. it is no longer + world-readable (bsc#1098854). +- Added wpa-supplicant-log-file-cloexec.patch: Open the debug log file with + O_CLOEXEC, which will prevent file descriptor leaking to child processes + (bsc#1098854). + ------------------------------------------------------------------- Thu Oct 11 11:58:33 UTC 2018 - Karol Babioch 
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 1ac2e2f..5331e73 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -52,6 +52,8 @@ Patch17: rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Respons Patch18: wpa_supplicant-bnc-1099835-fix-private-key-password.patch Patch19: wpa_supplicant-bnc-1099835-clear-default_passwd_cb.patch Patch20: rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch +Patch21: wpa-supplicant-log-file-permission.patch +Patch22: wpa-supplicant-log-file-cloexec.patch BuildRequires: openssl-devel BuildRequires: pkgconfig @@ -101,6 +103,8 @@ cp %{SOURCE1} wpa_supplicant/.config %patch18 -p1 %patch19 -p1 %patch20 -p1 +%patch21 -p1 +%patch22 -p1 %build cd wpa_supplicant From 4a7dfdf397f2758de94bf9e8f8e7de19d5cde412e34c02b73151a803eff802d1 Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Fri, 12 Oct 2018 08:28:01 +0000 Subject: [PATCH 4/8] Accepting request 641409 from home:kbabioch:branches:hardware Updated patches with some feedback from upstream OBS-URL: https://build.opensuse.org/request/show/641409 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=85 --- wpa-supplicant-log-file-cloexec.patch | 19 +++++++++---------- wpa-supplicant-log-file-permission.patch | 21 ++++++++------------- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/wpa-supplicant-log-file-cloexec.patch b/wpa-supplicant-log-file-cloexec.patch index b3b8774..96bff5e 100644 --- a/wpa-supplicant-log-file-cloexec.patch +++ b/wpa-supplicant-log-file-cloexec.patch @@ -1,9 +1,7 @@ -From 1c7db928d6e7bbe3e1ffa029b1ce28e65ab53e8a Mon Sep 17 00:00:00 2001 -In-Reply-To: <20181011202010.29226-2-karol@babioch.de> -References: <20181011202010.29226-2-karol@babioch.de> +From a386bc4950e02975ba9a21a5be82e91a53ec9281 Mon Sep 17 00:00:00 2001 
From: Karol Babioch Date: Thu, 11 Oct 2018 21:22:03 +0200 -Subject: [PATCH v2 2/2] Enable the close-on-exec flag for the debug log file +Subject: [PATCH v3 2/2] Enable the close-on-exec flag for the debug log file descriptor On Linux this flag will make sure that no file descriptor is accidentally @@ -13,11 +11,11 @@ descriptors on the Linux. Signed-off-by: Karol Babioch --- - src/utils/wpa_debug.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) + src/utils/wpa_debug.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c -index b412f88e3..9d159632d 100644 +index 5d2f7becb..12873737c 100644 --- a/src/utils/wpa_debug.c +++ b/src/utils/wpa_debug.c @@ -60,6 +60,9 @@ static int wpa_to_android_level(int level) @@ -28,12 +26,13 @@ index b412f88e3..9d159632d 100644 +#include +#endif /* __linux__ */ - static int out_fd = -1; static FILE *out_file = NULL; -@@ -567,6 +570,12 @@ int wpa_debug_open_file(const char *path) + #endif /* CONFIG_DEBUG_FILE */ +@@ -566,6 +569,13 @@ int wpa_debug_open_file(const char *path) + close(out_fd); return -1; } - ++ +#ifdef __linux__ + if (fcntl(out_fd, F_SETFD, FD_CLOEXEC) == -1) { + wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to set O_CLOEXEC " diff --git a/wpa-supplicant-log-file-permission.patch b/wpa-supplicant-log-file-permission.patch index 98d2cfb..6a52ace 100644 --- a/wpa-supplicant-log-file-permission.patch +++ b/wpa-supplicant-log-file-permission.patch @@ -1,9 +1,7 @@ -From e0e2be52057628965a4bcce2900913bc82ed011e Mon Sep 17 00:00:00 2001 -In-Reply-To: <20181011202010.29226-2-karol@babioch.de> -References: <20181011202010.29226-2-karol@babioch.de> +From 2fb45cd0370f1bc6d452df15dc1f7bf6575ed55c Mon Sep 17 00:00:00 2001 
From: Karol Babioch Date: Thu, 11 Oct 2018 21:21:30 +0200 -Subject: [PATCH v2 1/2] Create debug log file with more sane file permissions +Subject: [PATCH v3 1/2] Create debug log file with more sane file permissions Previously the file permissions for the debug log file were not explicitly set. Instead it was implicitly relying on a secure umask, which in most cases would @@ -28,29 +26,29 @@ existing debug log files, and only applies to newly created ones. Signed-off-by: Karol Babioch --- - src/utils/wpa_debug.c | 15 ++++++++++++++- - 1 file changed, 14 insertions(+), 1 deletion(-) + src/utils/wpa_debug.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c -index 62758d864..b412f88e3 100644 +index 62758d864..5d2f7becb 100644 --- a/src/utils/wpa_debug.c +++ b/src/utils/wpa_debug.c -@@ -58,6 +58,10 @@ static int wpa_to_android_level(int level) +@@ -58,6 +58,9 @@ static int wpa_to_android_level(int level) #ifndef CONFIG_NO_STDOUT_DEBUG #ifdef CONFIG_DEBUG_FILE +#include +#include + -+static int out_fd = -1; static FILE *out_file = NULL; #endif /* CONFIG_DEBUG_FILE */ -@@ -548,12 +552,21 @@ int wpa_debug_open_file(const char *path) +@@ -548,10 +551,19 @@ int wpa_debug_open_file(const char *path) last_path = os_strdup(path); } - out_file = fopen(path, "a"); ++ int out_fd = -1; + out_fd = open(path, O_CREAT | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP); + if (out_fd < 0) { + wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " @@ -65,10 +63,7 @@ index 62758d864..b412f88e3 100644 + close(out_fd); return -1; } -+ #ifndef _WIN32 - setvbuf(out_file, NULL, _IOLBF, 0); - #endif /* _WIN32 */ -- 2.19.1 From 0119febc57480a7f434f3324cf85e6996b7eaad418e509f79672588a5c84d52b Mon Sep 17 00:00:00 2001 
From: Karol Babioch Date: Fri, 12 Oct 2018 13:07:32 +0000 Subject: [PATCH 5/8] Accepting request 641683 from home:kbabioch:branches:hardware - Enabled timestamps in log file when being invoked by systemd service file (bsc#1080798). OBS-URL: https://build.opensuse.org/request/show/641683 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=86 --- wpa_supplicant.changes | 6 ++++++ wpa_supplicant.service | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 11b10eb..3358ca2 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Oct 12 13:04:57 UTC 2018 - Karol Babioch + +- Enabled timestamps in log file when being invoked by systemd service file + (bsc#1080798). + ------------------------------------------------------------------- Fri Oct 12 06:55:06 UTC 2018 - Karol Babioch diff --git a/wpa_supplicant.service b/wpa_supplicant.service index 2cddf41..e08030d 100644 --- a/wpa_supplicant.service +++ b/wpa_supplicant.service @@ -6,7 +6,7 @@ After=dbus.service [Service] Type=dbus BusName=fi.w1.wpa_supplicant1 -ExecStart=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log +ExecStart=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log [Install] WantedBy=multi-user.target From 26dd74cc1afa6f5848c92a0e6deed9e800dd47fde8a781ef34fd348a8484dc6f Mon Sep 17 00:00:00 2001 
From: Karol Babioch Date: Tue, 16 Oct 2018 06:39:10 +0000 Subject: [PATCH 6/8] Accepting request 642093 from home:oertel:branches:hardware - compile eapol_test binary to allow testing via radius proxy and server (note: this does not match CONFIG_EAPOL_TEST which sets -Werror and activates an assert call inside the code of wpa_supplicant) (bsc#1111873), (fate#326725)o - add patch to fix wrong operator precedence in ieee802_11.c wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch - add patch to avoid redefinition of __bitwise macro wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch OBS-URL: https://build.opensuse.org/request/show/642093 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=87 --- ...4b966c942feb95a8ddbb7d130540b15b796d.patch | 33 ++++++++++++++++ ...debf4c6ddbc881a212b175faa6d5d0d90c8c.patch | 39 +++++++++++++++++++ wpa_supplicant.changes | 13 +++++++ wpa_supplicant.spec | 10 ++++- 4 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch create mode 100644 wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch diff --git a/wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch b/wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch new file mode 100644 index 0000000..5c96006 --- /dev/null +++ b/wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch 
@@ -0,0 +1,33 @@ +commit f5b74b966c942feb95a8ddbb7d130540b15b796d +Author: Beniamino Galvani +Date: Mon Oct 30 11:14:40 2017 +0100 + + common: Avoid conflict with __bitwise macro from linux/types.h + + Undefine the __bitwise macro before defining it to avoid conflicts + with the one from linux/types.h; the same is done some lines above + when __CHECKER__ is defined. Fixes the following warning: + + In file included from ../src/l2_packet/l2_packet_linux.c:15:0: + hostap/src/utils/common.h:438:0: warning: "__bitwise" redefined + #define __bitwise + + In file included from /usr/include/linux/filter.h:9:0, + from ../src/l2_packet/l2_packet_linux.c:13: + /usr/include/linux/types.h:21:0: note: this is the location of the previous definition + #define __bitwise __bitwise__ + + Signed-off-by: Beniamino Galvani + +diff --git a/src/utils/common.h b/src/utils/common.h +index 46e96a65b..fec7f6013 100644 +--- a/src/utils/common.h ++++ b/src/utils/common.h +@@ -435,6 +435,7 @@ void perror(const char *s); + #define __bitwise __attribute__((bitwise)) + #else + #define __force ++#undef __bitwise + #define __bitwise + #endif + diff --git a/wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch b/wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch new file mode 100644 index 0000000..f678fec --- /dev/null +++ b/wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch 
@@ -0,0 +1,39 @@ +commit fa67debf4c6ddbc881a212b175faa6d5d0d90c8c +Author: Jouni Malinen +Date: Sat Jan 14 01:04:31 2017 +0200 + + Fix duplicate Reassociation Request frame dropping + + Relational operators (==) have higher precedence than the ternary + conditional in C. The last_subtype check for association/reassociation + was broken due to incorrect assumption about the precedence. Fix this by + adding parenthesis around the ternary conditional. + + The previous implementation worked for Association Request frames by + accident since WLAN_FC_STYPE_ASSOC_REQ happens to have value 0 and when + the last receive frame was an Association Request frame, the + sta->last_subtype == reassoc check was true and non-zero + WLAN_FC_STYPE_REASSOC_REQ was interpreted as true. However, this was + broken for Reassociation Request frame. reassoc == 1 in that case could + have matched received Association Response frame (subtype == 1), but + those are not received in AP mode and as such, this did not break other + behavior apart from not being able to drop duplicated Reassociation + Request frames. + + Signed-off-by: Jouni Malinen + +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index 060b63517..92a7ec6db 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -2527,8 +2527,8 @@ static void handle_assoc(struct hostapd_data *hapd, + if ((fc & WLAN_FC_RETRY) && + sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ && + sta->last_seq_ctrl == seq_ctrl && +- sta->last_subtype == reassoc ? WLAN_FC_STYPE_REASSOC_REQ : +- WLAN_FC_STYPE_ASSOC_REQ) { ++ sta->last_subtype == (reassoc ? WLAN_FC_STYPE_REASSOC_REQ : ++ WLAN_FC_STYPE_ASSOC_REQ)) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "Drop repeated association frame seq_ctrl=0x%x", diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 3358ca2..abbb7a4 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes 
@@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Mon Oct 15 16:20:25 CEST 2018 - ro@suse.de + +- compile eapol_test binary to allow testing via + radius proxy and server + (note: this does not match CONFIG_EAPOL_TEST which sets -Werror + and activates an assert call inside the code of wpa_supplicant) + (bsc#1111873), (fate#326725)o +- add patch to fix wrong operator precedence in ieee802_11.c + wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch +- add patch to avoid redefinition of __bitwise macro + wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch + ------------------------------------------------------------------- Fri Oct 12 13:04:57 UTC 2018 - Karol Babioch diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 5331e73..fa13325 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -54,6 +54,8 @@ Patch19: wpa_supplicant-bnc-1099835-clear-default_passwd_cb.patch Patch20: rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch Patch21: wpa-supplicant-log-file-permission.patch Patch22: wpa-supplicant-log-file-cloexec.patch +Patch23: wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch +Patch24: wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch BuildRequires: openssl-devel BuildRequires: pkgconfig @@ -105,10 +107,13 @@ cp %{SOURCE1} wpa_supplicant/.config %patch20 -p1 %patch21 -p1 %patch22 -p1 +%patch23 -p1 +%patch24 -p1 %build cd wpa_supplicant CFLAGS="%{optflags}" make V=1 %{?_smp_mflags} +CFLAGS="%{optflags}" make V=1 %{?_smp_mflags} eapol_test cd wpa_gui-qt4 %qmake5 make %{?_smp_mflags} 
@@ -118,6 +123,7 @@ install -d %{buildroot}/%{_sbindir} install -m 0755 wpa_supplicant/wpa_cli %{buildroot}%{_sbindir} install -m 0755 wpa_supplicant/wpa_passphrase %{buildroot}%{_sbindir} install -m 0755 wpa_supplicant/wpa_supplicant %{buildroot}%{_sbindir} +install -m 0755 wpa_supplicant/eapol_test %{buildroot}%{_sbindir} install -d %{buildroot}%{_sysconfdir}/dbus-1/system.d install -m 0644 wpa_supplicant/dbus/dbus-wpa_supplicant.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/wpa_supplicant.conf install -d %{buildroot}/%{_sysconfdir}/%{name} @@ -130,9 +136,8 @@ install -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/logrotate.d/wpa_supplicant install -d %{buildroot}/%{_rundir}/%{name} install -d %{buildroot}%{_mandir}/man{5,8} install -m 0644 wpa_supplicant/doc/docbook/*.8 %{buildroot}%{_mandir}/man8 -# wpa_supplicant is built without CONFIG_PRIVSEP and CONFIG_EAPOL_TEST +# wpa_supplicant is built without CONFIG_PRIVSEP rm %{buildroot}%{_mandir}/man8/wpa_priv.* -rm %{buildroot}%{_mandir}/man8/eapol_test.* install -m 0644 wpa_supplicant/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir} install -d %{buildroot}%{_unitdir} @@ -160,6 +165,7 @@ ln -s wpa_supplicant.service %{buildroot}%{_unitdir}/dbus-fi.w1.wpa_supplicant1. %files %defattr(-,root,root) %doc wpa_supplicant/ChangeLog COPYING README wpa_supplicant/todo.txt wpa_supplicant/examples wpa_supplicant/wpa_supplicant.conf +%{_sbindir}/eapol_test %{_sbindir}/rcwpa_supplicant %{_sbindir}/wpa_cli %{_sbindir}/wpa_passphrase From d9173377698439d3db6651dd6a5038c42a33d07eed7d3aafb8eb466672cf5a98 Mon Sep 17 00:00:00 2001 
From: Karol Babioch Date: Tue, 16 Oct 2018 07:35:51 +0000 Subject: [PATCH 7/8] Accepting request 642205 from home:kbabioch:branches:hardware - Renamed patches: - wpa-supplicant-log-file-permission.patch -> wpa_supplicant-log-file-permission.patch - wpa-supplicant-log-file-cloexec.patch -> wpa_supplicant-log-file-cloexec.patch - wpa_supplicant-log-file-permission.patch: Using O_WRONLY flag - Enabled timestamps in log files (bsc#1080798). - compile eapol_test binary to allow testing via radius proxy and server (bsc#1111873), (fate#326725) - Added rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: OBS-URL: https://build.opensuse.org/request/show/642205 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=88 --- fi.epitest.hostap.WPASupplicant.service | 2 +- fi.w1.wpa_supplicant1.service | 2 +- ...h => wpa_supplicant-log-file-cloexec.patch | 0 ...> wpa_supplicant-log-file-permission.patch | 2 +- wpa_supplicant.changes | 22 ++++++++++--------- wpa_supplicant.spec | 4 ++-- wpa_supplicant@.service | 2 +- 7 files changed, 18 insertions(+), 16 deletions(-) rename wpa-supplicant-log-file-cloexec.patch => wpa_supplicant-log-file-cloexec.patch (100%) rename wpa-supplicant-log-file-permission.patch => wpa_supplicant-log-file-permission.patch (96%) diff --git a/fi.epitest.hostap.WPASupplicant.service b/fi.epitest.hostap.WPASupplicant.service index a2592eb..4052a7c 100644 --- a/fi.epitest.hostap.WPASupplicant.service +++ b/fi.epitest.hostap.WPASupplicant.service @@ -1,5 +1,5 @@ [D-BUS Service] Name=fi.epitest.hostap.WPASupplicant -Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log +Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log User=root SystemdService=wpa_supplicant.service diff --git a/fi.w1.wpa_supplicant1.service b/fi.w1.wpa_supplicant1.service index a8bcd27..7e69463 100644 
--- a/fi.w1.wpa_supplicant1.service +++ b/fi.w1.wpa_supplicant1.service @@ -1,5 +1,5 @@ [D-BUS Service] Name=fi.w1.wpa_supplicant1 -Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log +Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log User=root SystemdService=wpa_supplicant.service diff --git a/wpa-supplicant-log-file-cloexec.patch b/wpa_supplicant-log-file-cloexec.patch similarity index 100% rename from wpa-supplicant-log-file-cloexec.patch rename to wpa_supplicant-log-file-cloexec.patch diff --git a/wpa-supplicant-log-file-permission.patch b/wpa_supplicant-log-file-permission.patch similarity index 96% rename from wpa-supplicant-log-file-permission.patch rename to wpa_supplicant-log-file-permission.patch index 6a52ace..8f14185 100644 --- a/wpa-supplicant-log-file-permission.patch +++ b/wpa_supplicant-log-file-permission.patch @@ -49,7 +49,7 @@ index 62758d864..5d2f7becb 100644 - out_file = fopen(path, "a"); + int out_fd = -1; -+ out_fd = open(path, O_CREAT | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP); ++ out_fd = open(path, O_CREAT | O_WRONLY | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP); + if (out_fd < 0) { + wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " + "output file descriptor, using standard output"); diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index abbb7a4..3fb8346 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes 
@@ -1,22 +1,24 @@ +------------------------------------------------------------------- +Tue Oct 16 06:45:59 UTC 2018 - Karol Babioch + +- Renamed patches: + - wpa-supplicant-log-file-permission.patch -> wpa_supplicant-log-file-permission.patch + - wpa-supplicant-log-file-cloexec.patch -> wpa_supplicant-log-file-cloexec.patch +- wpa_supplicant-log-file-permission.patch: Using O_WRONLY flag +- Enabled timestamps in log files (bsc#1080798). + ------------------------------------------------------------------- Mon Oct 15 16:20:25 CEST 2018 - ro@suse.de -- compile eapol_test binary to allow testing via - radius proxy and server +- compile eapol_test binary to allow testing via radius proxy and server (note: this does not match CONFIG_EAPOL_TEST which sets -Werror and activates an assert call inside the code of wpa_supplicant) - (bsc#1111873), (fate#326725)o + (bsc#1111873), (fate#326725) - add patch to fix wrong operator precedence in ieee802_11.c wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch - add patch to avoid redefinition of __bitwise macro wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch -------------------------------------------------------------------- -Fri Oct 12 13:04:57 UTC 2018 - Karol Babioch - -- Enabled timestamps in log file when being invoked by systemd service file - (bsc#1080798). - ------------------------------------------------------------------- Fri Oct 12 06:55:06 UTC 2018 - Karol Babioch @@ -30,7 +32,7 @@ Fri Oct 12 06:55:06 UTC 2018 - Karol Babioch ------------------------------------------------------------------- Thu Oct 11 11:58:33 UTC 2018 - Karol Babioch -- Added rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: +- Added rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch: Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526, bsc#1104205). ------------------------------------------------------------------- 
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index fa13325..54b0b16 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -52,8 +52,8 @@ Patch17: rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Respons Patch18: wpa_supplicant-bnc-1099835-fix-private-key-password.patch Patch19: wpa_supplicant-bnc-1099835-clear-default_passwd_cb.patch Patch20: rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch -Patch21: wpa-supplicant-log-file-permission.patch -Patch22: wpa-supplicant-log-file-cloexec.patch +Patch21: wpa_supplicant-log-file-permission.patch +Patch22: wpa_supplicant-log-file-cloexec.patch Patch23: wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch Patch24: wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch diff --git a/wpa_supplicant@.service b/wpa_supplicant@.service index e569a77..90d4029 100644 --- a/wpa_supplicant@.service +++ b/wpa_supplicant@.service @@ -6,7 +6,7 @@ After=dbus.service [Service] Type=dbus BusName=fi.w1.wpa_supplicant1 -ExecStart=/usr/sbin/wpa_supplicant -i%i -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log +ExecStart=/usr/sbin/wpa_supplicant -i%i -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log [Install] WantedBy=multi-user.target From 466605296e33bdc1eebd1696f5ff27322eca47d71bbbb603ec2c611dbe31b320 Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Fri, 19 Oct 2018 11:33:25 +0000 Subject: [PATCH 8/8] Accepting request 643169 from home:kbabioch:branches:hardware - Enabled timestamps in log files (bsc#1080798) OBS-URL: https://build.opensuse.org/request/show/643169 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=89 --- wpa_supplicant.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 3fb8346..c3ee1cd 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes 
@@ -5,7 +5,7 @@ Tue Oct 16 06:45:59 UTC 2018 - Karol Babioch - wpa-supplicant-log-file-permission.patch -> wpa_supplicant-log-file-permission.patch - wpa-supplicant-log-file-cloexec.patch -> wpa_supplicant-log-file-cloexec.patch - wpa_supplicant-log-file-permission.patch: Using O_WRONLY flag -- Enabled timestamps in log files (bsc#1080798). +- Enabled timestamps in log files (bsc#1080798) ------------------------------------------------------------------- Mon Oct 15 16:20:25 CEST 2018 - ro@suse.de
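
Review bot: In PATCH 1/8 (src/rsn_supp/wpa.c, wpa_sm_rx_eapol), the new `!(key_info & WPA_KEY_INFO_MIC)` test depends on mic_len != 0, but that precondition appears only in the comment. The visible condition checks sm->proto and WPA_KEY_INFO_ENCR_KEY_DATA and nothing else. If the enclosing branch does not already enforce it, add `mic_len &&` to the test so that AES-SIV (FILS) frames, which legitimately carry no MIC flag, are not dropped after a later restructuring. Separately, the message is logged at MSG_WARNING for frames that are unauthenticated by definition, so any sender in range can fill the log; consider a lower level or rate limiting.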
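
Review bot: In PATCH 3/8 (wpa-supplicant-log-file-permission.patch, hunk at wpa_debug_open_file), the call `open(path, O_CREAT | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP)` passes no access mode, so the descriptor is opened read-only and cannot back the append stream requested by `fdopen(out_fd, "a")`. O_WRONLY is needed here; it only arrives in PATCH 7/8, so revisions 84 to 87 of the package carry the broken call. Since the path comes from the `-f` argument and the service files run the daemon as root against /var/log/wpa_supplicant.log, O_NOFOLLOW is worth adding in the same place. In this v2 form, out_fd is also file-scope static and is not reset to -1 after `close(out_fd)` on the fdopen failure path.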
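
Review bot: In PATCH 3/8 (wpa-supplicant-log-file-cloexec.patch, second hunk), close-on-exec is set with a separate `fcntl(out_fd, F_SETFD, FD_CLOEXEC)` after the descriptor already exists, which leaves a window between open() and fcntl() in which a fork and exec in another thread would inherit it. Passing O_CLOEXEC in the open() flags of the companion permission patch closes that window and removes the need for the `#ifdef __linux__` block. The error text is also inaccurate: it names O_CLOEXEC although the flag being set is FD_CLOEXEC, and it says "using standard output" although the code neither returns nor falls back and carries on to setvbuf(out_file, ...). The .changes entry ("Open the debug log file with O_CLOEXEC") describes something the patch does not do.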
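
Review bot: In PATCH 4/8 (v3 of the permission patch, hunk at wpa_debug_open_file), `int out_fd = -1;` is declared in the middle of the function body, after the last_path handling, and the initial value is overwritten on the very next line. Either move the declaration to the top of the function with the other locals or fold the two lines into `int out_fd = open(...)`. Making out_fd local is a good change compared with the static in v2, but the commit message still describes the v2 approach and does not mention it.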
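
Review bot: In PATCH 6/8 (wpa_supplicant.spec, %install and %files hunks), eapol_test is installed with mode 0755 into %{_sbindir} and listed in the main package's %files, so every system that installs wpa_supplicant also receives a RADIUS test client. A separate subpackage would keep it off production installs. The hunk also deletes `rm %{buildroot}%{_mandir}/man8/eapol_test.*`, which means the man page now ships; the changelog entry should say so, and it should explain why the second `make ... eapol_test` run is used instead of CONFIG_EAPOL_TEST beyond the parenthetical note.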
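
Review bot: In PATCH 7/8 (wpa_supplicant.changes, hunk `@@ -1,22 +1,24 @@`), the change deletes the already submitted entry dated Fri Oct 12 13:04:57 UTC 2018 and rewraps the Mon Oct 15 entry written by ro@suse.de, instead of only adding the new Tue Oct 16 entry. Rewriting earlier entries makes the changelog disagree with revisions 86 and 87 and hides when the `-t` flag was first introduced. Keep the existing entries as they were and record the rename, the O_WRONLY fix and the extension of `-t` to the D-Bus and wpa_supplicant@.service files in the new entry only. PATCH 8/8 then edits that new entry again just to drop a trailing period, which could have been squashed into this request.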