On Fri, 10 Oct 2014 12:00:30 +0200, David Coppa wrote: > > Hi! > > Here's an update to wpa_supplicant-2.3. > > Please test as usual (eduroam, etc.) > > Works for me with wired 802.1x > > Cheers, > David
Works fine with eduroam. OK. > Index: Makefile > =================================================================== > RCS file: /cvs/ports/security/wpa_supplicant/Makefile,v > retrieving revision 1.22 > diff -u -p -u -p -r1.22 Makefile > --- Makefile 30 Sep 2014 07:18:48 -0000 1.22 > +++ Makefile 10 Oct 2014 09:05:54 -0000 > @@ -2,8 +2,7 @@ > > COMMENT= IEEE 802.1X supplicant > > -DISTNAME= wpa_supplicant-2.2 > -REVISION= 2 > +DISTNAME= wpa_supplicant-2.3 > CATEGORIES= security net > > HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ > Index: distinfo > =================================================================== > RCS file: /cvs/ports/security/wpa_supplicant/distinfo,v > retrieving revision 1.5 > diff -u -p -u -p -r1.5 distinfo > --- distinfo 2 Sep 2014 13:04:34 -0000 1.5 > +++ distinfo 10 Oct 2014 09:05:54 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (wpa_supplicant-2.2.tar.gz) = > 4Ni4/WimWWNuq6JGuyyqy/U9ItU7K2uQ60tP7wmTyO0= > -SIZE (wpa_supplicant-2.2.tar.gz) = 2382570 > +SHA256 (wpa_supplicant-2.3.tar.gz) = > 6qpb8wVScOUhst/2Ty0gPsgED3GVi4WIJpqCwAyde2o= > +SIZE (wpa_supplicant-2.3.tar.gz) = 2398722 > Index: patches/patch-src_rsn_supp_wpa_c > =================================================================== > RCS file: patches/patch-src_rsn_supp_wpa_c > diff -N patches/patch-src_rsn_supp_wpa_c > --- patches/patch-src_rsn_supp_wpa_c 5 Sep 2014 13:18:41 -0000 1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,29 +0,0 @@ > -$OpenBSD: patch-src_rsn_supp_wpa_c,v 1.1 2014/09/05 13:18:41 dcoppa Exp $ > - > -commit b7c61c9d4e968e7254112631a9f6a1a1f8ef6f7f > -Author: Jouni Malinen <j...@w1.fi> > -Date: Sat Jun 14 00:20:04 2014 +0300 > - > -Fix validation of EAPOL-Key length with AES key wrap > - > -The additional eight octet field was removed from keydatalen without > -proper validation of the Key Data Length field. It would have been > -possible for an invalid EAPOL-Key frame to be processed in a way that > -ends up reading beyond the buffer. In theory, this could have also > -resulted in writing beyond the EAPOL-Key frame buffer, but that is > -unlikely to be feasible due to the AES key wrap validation step on > -arbitrary memory contents. > - > -Signed-off-by: Jouni Malinen <j...@w1.fi> > - > ---- src/rsn_supp/wpa.c.orig Wed Jun 4 15:26:14 2014 > -+++ src/rsn_supp/wpa.c Fri Sep 5 14:33:27 2014 > -@@ -1501,7 +1501,7 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_ > - ver == WPA_KEY_INFO_TYPE_AES_128_CMAC || > - sm->key_mgmt == WPA_KEY_MGMT_OSEN) { > - u8 *buf; > -- if (keydatalen % 8) { > -+ if (keydatalen < 8 || keydatalen % 8) { > - wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, > - "WPA: Unsupported AES-WRAP len %d", > - keydatalen); > Index: patches/patch-src_utils_common_c > =================================================================== > RCS file: patches/patch-src_utils_common_c > diff -N patches/patch-src_utils_common_c > --- patches/patch-src_utils_common_c 30 Sep 2014 07:18:48 -0000 1.3 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,31 +0,0 @@ > -$OpenBSD: patch-src_utils_common_c,v 1.3 2014/09/30 07:18:48 dcoppa Exp $ > - > -commit a8833b84f46626b6fb9e9f277137f26acc72c64e > -Author: Bernhard Walle <bernh...@bwalle.de> > -Date: Tue Sep 16 21:20:47 2014 +0200 > - > -util: Don't use "\e" > - > -'\e' representing ESC (0x1b) is not C standard, it's an GNU extension. > -https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes > - > ---- src/utils/common.c.orig Wed Jun 4 15:26:14 2014 > -+++ src/utils/common.c Mon Sep 29 16:58:59 2014 > -@@ -362,7 +362,7 @@ void printf_encode(char *txt, size_t maxlen, const u8 > - *txt++ = '\\'; > - *txt++ = '\\'; > - break; > -- case '\e': > -+ case '\033': > - *txt++ = '\\'; > - *txt++ = 'e'; > - break; > -@@ -427,7 +427,7 @@ size_t printf_decode(u8 *buf, size_t maxlen, const cha > - pos++; > - break; > - case 'e': > -- buf[len++] = '\e'; > -+ buf[len++] = '\033'; > - pos++; > - break; > - case 'x': > Index: patches/patch-wpa_supplicant_Makefile > =================================================================== > RCS file: > /cvs/ports/security/wpa_supplicant/patches/patch-wpa_supplicant_Makefile,v > retrieving revision 1.3 > diff -u -p -u -p -r1.3 patch-wpa_supplicant_Makefile > --- patches/patch-wpa_supplicant_Makefile 23 Mar 2014 20:02:14 -0000 > 1.3 > +++ patches/patch-wpa_supplicant_Makefile 10 Oct 2014 09:05:54 -0000 > @@ -1,6 +1,6 @@ > $OpenBSD: patch-wpa_supplicant_Makefile,v 1.3 2014/03/23 20:02:14 kili Exp $ > ---- wpa_supplicant/Makefile.orig Tue Feb 4 12:23:35 2014 > -+++ wpa_supplicant/Makefile Sun Mar 23 19:45:14 2014 > +--- wpa_supplicant/Makefile.orig Thu Oct 9 16:41:31 2014 > ++++ wpa_supplicant/Makefile Fri Oct 10 11:02:04 2014 > @@ -56,7 +56,7 @@ mkconfig: > echo CONFIG_DRIVER_WEXT=y >> .config > > @@ -10,17 +10,27 @@ $OpenBSD: patch-wpa_supplicant_Makefile, > > install: $(addprefix $(DESTDIR)$(BINDIR)/,$(BINALL)) > $(MAKE) -C ../src install > -@@ -118,13 +118,6 @@ CONFIG_ELOOP=eloop > - endif > +@@ -119,13 +119,6 @@ endif > OBJS += ../src/utils/$(CONFIG_ELOOP).o > OBJS_c += ../src/utils/$(CONFIG_ELOOP).o > -- > + > -ifeq ($(CONFIG_ELOOP), eloop) > -# Using glibc < 2.17 requires -lrt for clock_gettime() > -LIBS += -lrt > -LIBS_c += -lrt > -LIBS_p += -lrt > -endif > - > +- > ifdef CONFIG_ELOOP_POLL > CFLAGS += -DCONFIG_ELOOP_POLL > + endif > +@@ -1391,9 +1384,7 @@ OBJS += sme.o > + CFLAGS += -DCONFIG_SME > + endif > + > +-ifdef NEED_80211_COMMON > + OBJS += ../src/common/ieee802_11_common.o > +-endif > + > + ifdef NEED_EAP_COMMON > + OBJS += ../src/eap_common/eap_common.o > >