[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/
commit: 319c86d1f048618da77824081843a43f049eadb5
Author: Zero_Chaos gentoo org>
AuthorDate: Mon Oct 16 13:35:32 2017 +
Commit: Richard Farina gentoo org>
CommitDate: Mon Oct 16 13:35:32 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319c86d1
net-wireless/wpa_supplicant: fix for KRACK (bug #634436)
with bonus minor syntax fix
Package-Manager: Portage-2.3.11, Repoman-2.3.3
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 +
...nstallation-of-an-already-in-use-group-ke.patch | 250 +
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ++
...04-Prevent-installation-of-an-all-zero-TK.patch | 79
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 +++
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 +++
...llow-multiple-Reassociation-Response-fram.patch | 82 +
.../wpa_supplicant/wpa_supplicant-2.6-r3.ebuild| 397 +
9 files changed, 1405 insertions(+)
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000..727684865db
--- /dev/null
+++
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef
+---
+ src/ap/ieee802_11.c | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h| 3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h | 1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ struct ieee80211_ht_capabilities ht_cap;
+ struct ieee80211_vht_capabilities vht_cap;
++ int set = 1;
+
+ /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++ *
++ * Skip this if the STA has already completed FT reassociation and the
++ * TK has been configured since the TX/RX PN must not be reset to 0 for
++ * the same key.
+*/
+- if (!sta->added_unassoc)
++ if (!sta->added_unassoc &&
++ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
++ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++ set = 0;
++ }
+
+ #ifdef CONFIG_IEEE80211N
+ if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data
*hapd,
+ sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+- sta->added_unassoc)) {
++ set)) {
+ hostapd_logger(hapd, sta->addr,
+ HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ "Could not %s STA to kernel driver",
+- sta->added_unassoc ? "set" : "add");
++ set ? "set" : "add");
+
+ if (sta->added_unassoc) {
+ hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
b/src/ap/wpa_au
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
[gentoo-commits] repo/gentoo:master commit in: net-wireless/wpa_supplicant/files/2017-1/, net-wireless/wpa_supplicant/files/, ...
commit: 83775f6e5802bb8bb1a78d86b2144bc0b7d31ab2
Author: Rick Farina gentoo org>
AuthorDate: Thu Mar 17 02:15:25 2022 +
Commit: Rick Farina gentoo org>
CommitDate: Thu Mar 17 02:15:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83775f6e
net-wireless/wpa_supplicant: drop unused patches
Signed-off-by: Rick Farina gentoo.org>
net-wireless/wpa_supplicant/Manifest | 1 -
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --
...nstallation-of-an-already-in-use-group-ke.patch | 250 -
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 ---
...04-Prevent-installation-of-an-all-zero-TK.patch | 79 ---
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 --
...6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ---
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43
...llow-multiple-Reassociation-Response-fram.patch | 82 ---
...y-ignore-management-frame-from-unexpected.patch | 73 --
.../wpa_supplicant/wpa_supplicant-2.10-r1.ebuild | 1 -
.../wpa_supplicant/wpa_supplicant-.ebuild | 1 -
12 files changed, 1084 deletions(-)
diff --git a/net-wireless/wpa_supplicant/Manifest
b/net-wireless/wpa_supplicant/Manifest
index f3bd37dd4029..0e445ba324c5 100644
--- a/net-wireless/wpa_supplicant/Manifest
+++ b/net-wireless/wpa_supplicant/Manifest
@@ -1,2 +1 @@
DIST wpa_supplicant-2.10.tar.gz 3511622 BLAKE2B
7f6045e5dcf24f7ccf1ea75c99541f9d68fadaea858a6ca11a95c997de14e33b3aa89138e748664579b5a4ea493d247cf6613da3c5fae49a4dbb5cd58dace752
SHA512
021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
-DIST wpa_supplicant-2.9-r3-patches.tar.bz2 5266 BLAKE2B
284fdeaf6328c35b1f5e88075c62c3b008ec2c400b0cc163a59d9cf8d7c356c3e58f8798e5bade102259d2e5be2ed298b63a0001d0a4ab71d90604a8ee8bf274
SHA512
80e4950ddc99d1134a29a3e5a39767c756f7c9f9f283749e688db3435184631f0384b78954f926724ceff86c96d05b4fb042160265e9d00f976a96e864b7ecc5
diff --git
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
b/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 727684865dbd..
---
a/net-wireless/wpa_supplicant/files/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef
- src/ap/ieee802_11.c | 16 +---
- src/ap/wpa_auth.c| 11 +++
- src/ap/wpa_auth.h| 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
-* Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
-* FT-over-the-DS, where a station re-associates back to the same AP but
-* skips the authentication flow, or if working with a driver that
-* does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
-*/
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+
