RE: svn commit: r324696 - in head/contrib/wpa: src/ap src/common src/rsn_supp wpa_supplicant
This managed to get stuck in the outbox on my phone. Better late than never.

I think we need to start planning to upgrade to 2.6 (and 2.7 when it comes out), or at least thinking about it, especially with 10.x being badly out of date. Also possibly remove hostapd, instead relying on the port for that.

---
Sent using a tiny phone keyboard. Apologies for any typos and autocorrect.

Cy Schubert

-Original Message-
From: Gordon Tetlow
Sent: 17/10/2017 10:22
To: src-committ...@freebsd.org; svn-src-...@freebsd.org; svn-src-head@freebsd.org
Subject: svn commit: r324696 - in head/contrib/wpa: src/ap src/common src/rsn_supp wpa_supplicant

Author: gordon
Date: Tue Oct 17 17:22:36 2017
New Revision: 324696

URL: https://svnweb.freebsd.org/changeset/base/324696

Log:
  Update wpa_supplicant/hostapd for 2017-01 vulnerability release.

  hostapd: Avoid key reinstallation in FT handshake
  Prevent reinstallation of an already in-use group key
  Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
  Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
  Prevent installation of an all-zero TK
  Fix PTK rekeying to generate a new ANonce
  TDLS: Reject TPK-TK reconfiguration
  WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
  WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
  WNM: Ignore WNM-Sleep Mode Response without pending request
  FT: Do not allow multiple Reassociation Response frames
  TDLS: Ignore incoming TDLS Setup Response retries

  Submitted by:          jhb
  Obtained from:         https://w1.fi/security/2017-01/ (against later version)
  Security:              FreeBSD-SA-17:07
  Security:              CERT VU#228519
  Security:              CVE-2017-13077
  Security:              CVE-2017-13078
  Security:              CVE-2017-13079
  Security:              CVE-2017-13080
  Security:              CVE-2017-13081
  Security:              CVE-2017-13082
  Security:              CVE-2017-13086
  Security:              CVE-2017-13087
  Security:              CVE-2017-13088
  Differential Revision: https://reviews.freebsd.org/D12693

Modified:
  head/contrib/wpa/src/ap/wpa_auth.c
  head/contrib/wpa/src/ap/wpa_auth.h
  head/contrib/wpa/src/ap/wpa_auth_ft.c
  head/contrib/wpa/src/ap/wpa_auth_i.h
  head/contrib/wpa/src/common/wpa_common.h
  head/contrib/wpa/src/rsn_supp/tdls.c
  head/contrib/wpa/src/rsn_supp/wpa.c
  head/contrib/wpa/src/rsn_supp/wpa_ft.c
  head/contrib/wpa/src/rsn_supp/wpa_i.h
  head/contrib/wpa/wpa_supplicant/ctrl_iface.c
  head/contrib/wpa/wpa_supplicant/events.c
  head/contrib/wpa/wpa_supplicant/wnm_sta.c
head/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h Modified: head/contrib/wpa/src/ap/wpa_auth.c == --- head/contrib/wpa/src/ap/wpa_auth.c Tue Oct 17 16:29:50 2017 (r324695) +++ head/contrib/wpa/src/ap/wpa_auth.c Tue Oct 17 17:22:36 2017 (r324696) @@ -1893,6 +1893,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2) } +static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) +{ + if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { + wpa_printf(MSG_ERROR, + "WPA: Failed to get random data for ANonce"); + sm->Disconnect = TRUE; + return -1; + } + wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce, + WPA_NONCE_LEN); + sm->TimeoutCtr = 0; + return 0; +} + + SM_STATE(WPA_PTK, INITPMK) { u8 msk[2 * PMK_LEN]; @@ -2414,9 +2429,12 @@ SM_STEP(WPA_PTK) SM_ENTER(WPA_PTK, AUTHENTICATION); else if (sm->ReAuthenticationRequest) SM_ENTER(WPA_PTK, AUTHENTICATION2); - else if (sm->PTKRequest) - SM_ENTER(WPA_PTK, PTKSTART); - else switch (sm->wpa_ptk_state) { + else if (sm->PTKRequest) { + if (wpa_auth_sm_ptk_update(sm) < 0) + SM_ENTER(WPA_PTK, DISCONNECTED); + else + SM_ENTER(WPA_PTK, PTKSTART); + } else switch (sm->wpa_ptk_state) { case WPA_PTK_INITIALIZE: break; case WPA_PTK_DISCONNECT: @@ -3206,6 +3224,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine if (sm == NULL) return 0; return sm->wpa; +} + + +int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) +{ + if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt)) + return 0; + return sm->tk_already_set; } Modified: head/contrib/wpa/src/ap/wpa_auth.h == --- head/contrib/wpa/src/ap/wpa_auth.h Tue Oct 17 16:29:50 2017 (r324695) +++ head/contrib/wpa/src/ap/wpa_auth.h Tue Oct 17 17:22:36 2017 (r324696) @@ -271,6 +271,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm int wpa_auth_get_pairwise(struct wpa_state_machine *sm); in
@@ -271,6 +271,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm int wpa_auth_get_pairwise(struct wpa_state_machine *sm); int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); +int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, struct rsn_pmksa_cache_entry *entry); struct rsn_pmksa_cache_entry * Modified: head/contrib/wpa/src/ap/wpa_auth_ft.c == --- head/contrib/wpa/src/ap/wpa_auth_ft.c Tue Oct 17 16:29:50 2017 (r324695) +++ head/contrib/wpa/src/ap/wpa_auth_ft.c Tue Oct 17 17:22:36 2017 (r324696) @@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm
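Review bot: In the wpa_auth.c @@ -1893 hunk, wpa_auth_sm_ptk_update() has no comment saying why a fresh ANonce must be drawn before re-entering PTKSTART; the log line "Fix PTK rekeying to generate a new ANonce" is the only rationale on record. The PTK is a PRF over the PMK, the two MAC addresses and the two nonces, so re-entering PTKSTART with the previous ANonce reproduces the previous PTK (and TK) whenever the supplicant reuses its SNonce, and a rekey then hands the driver a key it already has. A short comment above the random_get_bytes() call stating this would keep a later cleanup from collapsing the branch back to a plain SM_ENTER(WPA_PTK, PTKSTART). The name also overstates what happens here: nothing about the PTK is updated, only the ANonce and TimeoutCtr, so wpa_auth_sm_new_anonce() or similar would read more honestly, and the `sm->TimeoutCtr = 0;` reset deserves its own one-liner since the old PTKRequest path did not touch it.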
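Review bot: In the wpa_auth.c @@ -2414 hunk, the failure path is handled twice: wpa_auth_sm_ptk_update() sets `sm->Disconnect = TRUE;` before returning -1, and the caller then also does `SM_ENTER(WPA_PTK, DISCONNECTED);`. One of the two should be enough; if both are intended (for instance because the flag is what the next SM_STEP pass consumes), a comment should say so, otherwise drop one so the next reader does not have to work out whether the double handling covers a state the machine could otherwise get stuck in.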
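Review bot: In the wpa_auth.c @@ -3206 hunk, wpa_auth_sta_ft_tk_already_set() returns 0 for any non-FT key management even when sm->tk_already_set is true, so the return value means "FT in use and TK already set", not "TK already set". The name hides that first condition. Either move the wpa_key_mgmt_ft() gate to the caller and name this wpa_auth_sta_tk_already_set(), or add a comment here saying the FT gate is deliberate and that non-FT callers must not use it to decide whether a TK may be configured again. The same comment is the natural place to explain why sm->tk_already_set exists at all, since "Avoid key reinstallation in FT handshake" in the log is the only hint.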
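Review bot: In the wpa_auth.h @@ -271 hunk, the new prototype `int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);` is added between the other accessors with no comment. The neighbours have none either, but this one answers a question with a security consequence (whether the TK may be installed again during FT reassociation), so a one-line comment giving the return convention (0 for a NULL sm, for non-FT key management, or when tk_already_set is clear; non-zero otherwise) is worth the exception.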
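As an added illustration of why the "Fix PTK rekeying to generate a new ANonce" and "Prevent installation of an all-zero TK" items in the log belong together, the following Python is example code written for this page; it is not code from hostapd, wpa_supplicant or the FreeBSD tree. It implements the IEEE 802.11 PRF-384 PTK derivation for CCMP (a fact about the standard, not taken from the page), models a supplicant that refuses to hand the driver a TK it already has installed or an all-zero TK (the class and function names are hypothetical), and then walks through a retransmitted message 3/4, a rekey that reuses the old ANonce and a rekey with a fresh one. The PMK, addresses and nonces are constructed test values.

```python
import hmac
import hashlib


def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    """IEEE 802.11 PRF-n (WPA2/CCMP): concatenate HMAC-SHA1 blocks over
    label || 0x00 || data || counter until nbits of output exist."""
    out = b""
    counter = 0
    while len(out) * 8 < nbits:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[: nbits // 8]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion",
                     min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce)).
    Everything except the nonces is fixed for one association, so reusing both
    nonces reproduces the previous PTK bit for bit."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 384)


def tk_from_ptk(ptk: bytes) -> bytes:
    """KCK = PTK[0:16], KEK = PTK[16:32], TK = PTK[32:48] for CCMP."""
    return ptk[32:48]


class SupplicantKeyState:
    """Hypothetical model of the per-association TK bookkeeping a supplicant
    needs: a TK already in use must not be configured into the driver again
    (that would reset the CCMP packet number and replay counter), and an
    all-zero TK must never be installed."""

    def __init__(self):
        self.installed_tk = None
        self.tk_already_set = False

    def install_tk(self, tk: bytes) -> str:
        if tk == bytes(len(tk)):
            return "rejected: all-zero TK"
        if self.tk_already_set and hmac.compare_digest(tk, self.installed_tk):
            return "ignored: TK already installed"
        self.installed_tk = tk
        self.tk_already_set = True
        return "installed"


def rekey_scenarios() -> dict:
    """One association: initial 4-way handshake, a retransmitted 3/4, a PTK
    rekey that reuses the old ANonce, a rekey with a fresh ANonce, and an
    all-zero TK. All inputs are constructed test data."""
    pmk = hashlib.sha256(b"constructed test PMK, not a real key").digest()
    aa = bytes.fromhex("020000000001")   # authenticator MAC (constructed)
    spa = bytes.fromhex("020000000002")  # supplicant MAC (constructed)
    anonce_old = bytes(range(32))
    snonce = bytes(range(32, 64))
    anonce_new = bytes(range(64, 96))    # a real AP draws this from its RNG

    sta = SupplicantKeyState()
    results = {}

    tk_initial = tk_from_ptk(derive_ptk(pmk, aa, spa, anonce_old, snonce))
    results["initial"] = sta.install_tk(tk_initial)

    # AP missed 4/4 and retransmits 3/4: same ANonce, same SNonce, same TK.
    results["retransmit_3of4"] = sta.install_tk(tk_initial)

    # Rekey without a new ANonce: PRF inputs are unchanged, the TK is identical,
    # and a supplicant that refuses reinstallation can never finish the rekey.
    tk_stale = tk_from_ptk(derive_ptk(pmk, aa, spa, anonce_old, snonce))
    results["rekey_same_anonce"] = sta.install_tk(tk_stale)
    results["stale_tk_equals_initial"] = tk_stale == tk_initial

    # Rekey with a fresh ANonce: a new TK, which the supplicant accepts.
    tk_fresh = tk_from_ptk(derive_ptk(pmk, aa, spa, anonce_new, snonce))
    results["rekey_fresh_anonce"] = sta.install_tk(tk_fresh)
    results["fresh_tk_equals_initial"] = tk_fresh == tk_initial

    # A handshake that would hand the driver an all-zero TK is refused outright.
    results["all_zero"] = sta.install_tk(bytes(16))
    return results


if __name__ == "__main__":
    for name, outcome in rekey_scenarios().items():
        print(f"{name}: {outcome}")
```

The point of the walk-through is the middle case: once the supplicant side stops reinstalling an in-use TK, an authenticator that re-runs the handshake with its old ANonce produces exactly the key the supplicant now refuses, so the authenticator-side fix (fresh ANonce before PTKSTART) is what keeps PTK rekeying working rather than an independent hardening.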