diff options
author | Felix Fietkau <nbd@nbd.name> | 2017-10-16 11:39:23 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2017-10-16 12:01:57 +0200 |
commit | bbda81ce3077dfade2a43a39f772cfec2e82a9a5 (patch) | |
tree | 85d3ecb10669b2829220c0c2f134e80094bd837e /package/network/services/hostapd/patches/600-ubus_support.patch | |
parent | 0d5c1d7f238cd5aca207268950edc70ed6cf0a05 (diff) | |
download | upstream-bbda81ce3077dfade2a43a39f772cfec2e82a9a5.tar.gz upstream-bbda81ce3077dfade2a43a39f772cfec2e82a9a5.tar.bz2 upstream-bbda81ce3077dfade2a43a39f772cfec2e82a9a5.zip |
hostapd: merge fixes for WPA packet number reuse with replayed messages and key reinstallation
Fixes:
- CERT case ID: VU#228519
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088
For more information see:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package/network/services/hostapd/patches/600-ubus_support.patch')
-rw-r--r-- | package/network/services/hostapd/patches/600-ubus_support.patch | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index 86f388997e..0c85a27ca5 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -104,8 +104,8 @@ + .frame_info = fi, + }; - if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { - wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", + if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { + wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", @@ -1757,6 +1763,12 @@ static void handle_auth(struct hostapd_d resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; @@ -116,10 +116,10 @@ + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } - if (res == HOSTAPD_ACL_PENDING) - return; - -@@ -2860,7 +2872,7 @@ void fils_hlp_timeout(void *eloop_ctx, v + if (res == HOSTAPD_ACL_PENDING) + return; + +@@ -2870,7 +2882,7 @@ void fils_hlp_timeout(void *eloop_ctx, v static void handle_assoc(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, @@ -128,9 +128,9 @@ { u16 capab_info, listen_interval, seq_ctrl, fc; u16 resp = WLAN_STATUS_SUCCESS, reply_res; -@@ -2874,6 +2886,11 @@ static void handle_assoc(struct hostapd_ +@@ -2884,6 +2896,11 @@ static void handle_assoc(struct hostapd_ #ifdef CONFIG_FILS - int delay_assoc = 0; + int delay_assoc = 0; #endif /* CONFIG_FILS */ + struct hostapd_ubus_request req = { + .type = HOSTAPD_UBUS_ASSOC_REQ, @@ -140,7 +140,7 @@ if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) : sizeof(mgmt->u.assoc_req))) { -@@ -3041,6 +3058,13 @@ static void handle_assoc(struct hostapd_ +@@ -3051,6 +3068,13 @@ static void handle_assoc(struct hostapd_ } #endif /* CONFIG_MBO */ @@ -154,7 +154,7 @@ /* * sta->capability is used in check_assoc_ies() for RRM enabled * capability element. -@@ -3248,6 +3272,7 @@ static void handle_disassoc(struct hosta +@@ -3258,6 +3282,7 @@ static void handle_disassoc(struct hosta wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.disassoc.reason_code)); @@ -162,7 +162,7 @@ sta = ap_get_sta(hapd, mgmt->sa); if (sta == NULL) { -@@ -3313,6 +3338,8 @@ static void handle_deauth(struct hostapd +@@ -3323,6 +3348,8 @@ static void handle_deauth(struct hostapd " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code)); @@ -171,7 +171,7 @@ sta = ap_get_sta(hapd, mgmt->sa); if (sta == NULL) { wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying " -@@ -3627,7 +3654,7 @@ int ieee802_11_mgmt(struct hostapd_data +@@ -3637,7 +3664,7 @@ int ieee802_11_mgmt(struct hostapd_data if (stype == WLAN_FC_STYPE_PROBE_REQ) { @@ -180,7 +180,7 @@ return 1; } -@@ -3647,17 +3674,17 @@ int ieee802_11_mgmt(struct hostapd_data +@@ -3657,17 +3684,17 @@ int ieee802_11_mgmt(struct hostapd_data switch (stype) { case WLAN_FC_STYPE_AUTH: wpa_printf(MSG_DEBUG, "mgmt::auth"); |