diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2019-05-04 01:52:25 +0200 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2019-11-14 20:59:58 +0100 |
commit | 80b58a9db6a514138e979ccf06d0fe4dc52f0907 (patch) | |
tree | 0658866191081fad509033aea534091df2299a27 /package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch | |
parent | e1854815aa4e8d85cc7a831d665a8a43d00f41c0 (diff) | |
download | upstream-80b58a9db6a514138e979ccf06d0fe4dc52f0907.tar.gz upstream-80b58a9db6a514138e979ccf06d0fe4dc52f0907.tar.bz2 upstream-80b58a9db6a514138e979ccf06d0fe4dc52f0907.zip |
hostapd: Update to version 2.8 (2019-04-21)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.
The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*
The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.
The size of the ipkgs increase a bit (between 1.3% and 2.3%):
old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 8af79550e6c280717660f66032d89d21007b15d2)
Diffstat (limited to 'package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch')
-rw-r--r-- | package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch b/package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch deleted file mode 100644 index 7a73b09ff9..0000000000 --- a/package/network/services/hostapd/patches/061-0001-OpenSSL-Use-constant-time-operations-for-private-big.patch +++ /dev/null @@ -1,88 +0,0 @@ -From d42c477cc794163a3757956bbffca5cea000923c Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@codeaurora.org> -Date: Tue, 26 Feb 2019 11:43:03 +0200 -Subject: [PATCH 01/14] OpenSSL: Use constant time operations for private - bignums - -This helps in reducing measurable timing differences in operations -involving private information. BoringSSL has removed BN_FLG_CONSTTIME -and expects specific constant time functions to be called instead, so a -bit different approach is needed depending on which library is used. - -The main operation that needs protection against side channel attacks is -BN_mod_exp() that depends on private keys (the public key validation -step in crypto_dh_derive_secret() is an exception that can use the -faster version since it does not depend on private keys). - -crypto_bignum_div() is currently used only in SAE FFC case with not -safe-prime groups and only with values that do not depend on private -keys, so it is not critical to protect it. - -crypto_bignum_inverse() is currently used only in SAE FFC PWE -derivation. The additional protection here is targeting only OpenSSL. -BoringSSL may need conversion to using BN_mod_inverse_blinded(). - -This is related to CVE-2019-9494 and CVE-2019-9495. - -Signed-off-by: Jouni Malinen <jouni@codeaurora.org> ---- - src/crypto/crypto_openssl.c | 20 +++++++++++++++----- - 1 file changed, 15 insertions(+), 5 deletions(-) - ---- a/src/crypto/crypto_openssl.c -+++ b/src/crypto/crypto_openssl.c -@@ -549,7 +549,8 @@ int crypto_mod_exp(const u8 *base, size_ - bn_result == NULL) - goto error; - -- if (BN_mod_exp(bn_result, bn_base, bn_exp, bn_modulus, ctx) != 1) -+ if (BN_mod_exp_mont_consttime(bn_result, bn_base, bn_exp, bn_modulus, -+ ctx, NULL) != 1) - goto error; - - *result_len = BN_bn2bin(bn_result, result); -@@ -1295,8 +1296,9 @@ int crypto_bignum_exptmod(const struct c - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -- res = BN_mod_exp((BIGNUM *) d, (const BIGNUM *) a, (const BIGNUM *) b, -- (const BIGNUM *) c, bnctx); -+ res = BN_mod_exp_mont_consttime((BIGNUM *) d, (const BIGNUM *) a, -+ (const BIGNUM *) b, (const BIGNUM *) c, -+ bnctx, NULL); - BN_CTX_free(bnctx); - - return res ? 0 : -1; -@@ -1315,6 +1317,11 @@ int crypto_bignum_inverse(const struct c - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -+#ifdef OPENSSL_IS_BORINGSSL -+ /* TODO: use BN_mod_inverse_blinded() ? */ -+#else /* OPENSSL_IS_BORINGSSL */ -+ BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); -+#endif /* OPENSSL_IS_BORINGSSL */ - res = BN_mod_inverse((BIGNUM *) c, (const BIGNUM *) a, - (const BIGNUM *) b, bnctx); - BN_CTX_free(bnctx); -@@ -1348,6 +1355,9 @@ int crypto_bignum_div(const struct crypt - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -+#ifndef OPENSSL_IS_BORINGSSL -+ BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); -+#endif /* OPENSSL_IS_BORINGSSL */ - res = BN_div((BIGNUM *) c, NULL, (const BIGNUM *) a, - (const BIGNUM *) b, bnctx); - BN_CTX_free(bnctx); -@@ -1439,8 +1449,8 @@ int crypto_bignum_legendre(const struct - /* exp = (p-1) / 2 */ - !BN_sub(exp, (const BIGNUM *) p, BN_value_one()) || - !BN_rshift1(exp, exp) || -- !BN_mod_exp(tmp, (const BIGNUM *) a, exp, (const BIGNUM *) p, -- bnctx)) -+ !BN_mod_exp_mont_consttime(tmp, (const BIGNUM *) a, exp, -+ (const BIGNUM *) p, bnctx, NULL)) - goto fail; - - if (BN_is_word(tmp, 1)) |