diff --git a/CVE-2019-11555-1.patch b/CVE-2019-11555-1.patch deleted file mode 100644 index 47e0af99bfeb075cce98e3d425c20c719a621e05..0000000000000000000000000000000000000000 --- a/CVE-2019-11555-1.patch +++ /dev/null @@ -1,47 +0,0 @@ -From d2d1a324ce937628e4d9d9999fe113819b7d4478 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Wed, 17 Apr 2019 02:21:20 +0300 -Subject: EAP-pwd peer: Fix reassembly buffer handling - -Unexpected fragment might result in data->inbuf not being allocated -before processing and that could have resulted in NULL pointer -dereference. Fix that by explicitly checking for data->inbuf to be -available before using it. - -Signed-off-by: Jouni Malinen - -backport addr https://w1.fi/cgit/hostap/patch/?id=d2d1a324ce937628e4d9d9999fe113819b7d4478 ---- - src/eap_peer/eap_pwd.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index bbe9b40..f8e1afe 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -888,6 +888,13 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, - * buffer and ACK the fragment - */ - if (EAP_PWD_GET_MORE_BIT(lm_exch) || data->in_frag_pos) { -+ if (!data->inbuf) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: No buffer for reassembly"); -+ ret->methodState = METHOD_DONE; -+ ret->decision = DECISION_FAIL; -+ return NULL; -+ } - data->in_frag_pos += len; - if (data->in_frag_pos > wpabuf_size(data->inbuf)) { - wpa_printf(MSG_INFO, "EAP-pwd: Buffer overflow attack " -@@ -914,7 +921,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, - /* - * we're buffering and this is the last fragment - */ -- if (data->in_frag_pos) { -+ if (data->in_frag_pos && data->inbuf) { - wpa_printf(MSG_DEBUG, "EAP-pwd: Last fragment, %d bytes", - (int) len); - pos = wpabuf_head_u8(data->inbuf); --- -2.19.1 - diff --git a/CVE-2019-11555-2.patch b/CVE-2019-11555-2.patch deleted file mode 100644 index 43ea67ef06e713c75d67e10a32622866e56544b2..0000000000000000000000000000000000000000 --- a/CVE-2019-11555-2.patch +++ /dev/null @@ -1,47 +0,0 @@ -From fe76f487e28bdc61940f304f153a954cf36935ea Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Wed, 17 Apr 2019 01:55:32 +0300 -Subject: EAP-pwd server: Fix reassembly buffer handling - -data->inbuf allocation might fail and if that were to happen, the next -fragment in the exchange could have resulted in NULL pointer -dereference. Unexpected fragment with more bit might also be able to -trigger this. Fix that by explicitly checking for data->inbuf to be -available before using it. - -Signed-off-by: Jouni Malinen - -backport addr https://w1.fi/cgit/hostap/patch/?id=fe76f487e28bdc61940f304f153a954cf36935ea ---- - src/eap_server/eap_server_pwd.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index 275bdf8..afad505 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -968,6 +968,12 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv, - * the first and all intermediate fragments have the M bit set - */ - if (EAP_PWD_GET_MORE_BIT(lm_exch) || data->in_frag_pos) { -+ if (!data->inbuf) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: No buffer for reassembly"); -+ eap_pwd_state(data, FAILURE); -+ return; -+ } - if ((data->in_frag_pos + len) > wpabuf_size(data->inbuf)) { - wpa_printf(MSG_DEBUG, "EAP-pwd: Buffer overflow " - "attack detected! (%d+%d > %d)", -@@ -988,7 +994,7 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv, - * last fragment won't have the M bit set (but we're obviously - * buffering fragments so that's how we know it's the last) - */ -- if (data->in_frag_pos) { -+ if (data->in_frag_pos && data->inbuf) { - pos = wpabuf_head_u8(data->inbuf); - len = data->in_frag_pos; - wpa_printf(MSG_DEBUG, "EAP-pwd: Last fragment, %d bytes", --- -2.19.1 - diff --git a/CVE-2019-13377-1.patch b/CVE-2019-13377-1.patch deleted file mode 100644 index 2df2e1a1dd7e5022160b4646c8e90f3188f0fd07..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-1.patch +++ /dev/null @@ -1,28 +0,0 @@ -From e43f08991f00820c1f711ca254021d5f83b5cd7d Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Thu, 25 Apr 2019 18:52:34 +0300 -Subject: [PATCH 1/6] SAE: Use const_time_memcmp() for pwd_value >= prime - comparison - -This reduces timing and memory access pattern differences for an -operation that could depend on the used password. - -Signed-off-by: Jouni Malinen -(cherry picked from commit 8e14b030e558d23f65d761895c07089404e61cf1) - -diff --git a/src/common/sae.c b/src/common/sae.c -index 72b7954..4741753 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -287,7 +287,7 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", - pwd_value, sae->tmp->prime_len); - -- if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0) -+ if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0) - return 0; - - x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len); --- -2.23.0 - diff --git a/CVE-2019-13377-2-pre.patch b/CVE-2019-13377-2-pre.patch deleted file mode 100644 index 886b097d119c0f5bfdc87cfeb22f73aeb16c18cf..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-2-pre.patch +++ /dev/null @@ -1,246 +0,0 @@ -From 8b093db2c3f489a74b67f687becf750d24fcf626 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sat, 13 Apr 2019 17:30:22 +0300 -Subject: EAP-pwd: Remove unused checks for cofactor > 1 cases - -None of the ECC groups supported in the implementation had a cofactor -greater than 1, so these checks are unreachable and for all cases, the -cofactor is known to be 1. Furthermore, RFC 5931 explicitly disallow use -of ECC groups with cofactor larger than 1, so this checks cannot be -needed for any curve that is compliant with the RFC. - -Remove the unneeded group cofactor checks to simplify the -implementation. ---- - src/eap_common/eap_pwd_common.c | 53 ++--------------------------------------- - src/eap_peer/eap_pwd.c | 23 +++--------------- - src/eap_server/eap_server_pwd.c | 23 ++---------------- - 3 files changed, 7 insertions(+), 92 deletions(-) - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index ccd3627..cd7cd0f 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -149,7 +149,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* - * mask */ - size_t primebytelen = 0, primebitlen; -- struct crypto_bignum *x_candidate = NULL, *cofactor = NULL; -+ struct crypto_bignum *x_candidate = NULL; - const struct crypto_bignum *prime; - u8 mask, found_ctr = 0, is_odd = 0; - -@@ -159,21 +159,15 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - os_memset(x_bin, 0, sizeof(x_bin)); - - prime = crypto_ec_get_prime(grp->group); -- cofactor = crypto_bignum_init(); - grp->pwe = crypto_ec_point_init(grp->group); - tmp1 = crypto_bignum_init(); - pm1 = crypto_bignum_init(); - one = crypto_bignum_init_set((const u8 *) "\x01", 1); -- if (!cofactor || !grp->pwe || !tmp1 || !pm1 || !one) { -+ if ( !grp->pwe || !tmp1 || !pm1 || !one) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to create bignums"); - goto fail; - } - -- if (crypto_ec_cofactor(grp->group, cofactor) < 0) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to get cofactor for " -- "curve"); -- goto fail; -- } - primebitlen = crypto_ec_prime_len_bits(grp->group); - primebytelen = crypto_ec_prime_len(grp->group); - if ((prfbuf = os_malloc(primebytelen)) == NULL) { -@@ -342,19 +336,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - goto fail; - } - -- if (!crypto_bignum_is_one(cofactor)) { -- /* make sure the point is not in a small sub-group */ -- if (crypto_ec_point_mul(grp->group, grp->pwe, cofactor, -- grp->pwe) != 0) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: cannot multiply generator by order"); -- goto fail; -- } -- if (crypto_ec_point_is_at_infinity(grp->group, grp->pwe)) { -- wpa_printf(MSG_INFO, "EAP-pwd: point is at infinity"); -- goto fail; -- } -- } - wpa_printf(MSG_DEBUG, "EAP-pwd: found a PWE in %02d tries", found_ctr); - - if (0) { -@@ -364,7 +345,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - ret = 1; - } - /* cleanliness and order.... */ -- crypto_bignum_deinit(cofactor, 1); - crypto_bignum_deinit(x_candidate, 1); - crypto_bignum_deinit(pm1, 0); - crypto_bignum_deinit(tmp1, 1); -@@ -491,35 +471,7 @@ struct crypto_ec_point * eap_pwd_get_element(EAP_PWD_group *group, - goto fail; - } - -- cofactor = crypto_bignum_init(); -- if (!cofactor || crypto_ec_cofactor(group->group, cofactor) < 0) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: Unable to get cofactor for curve"); -- goto fail; -- } -- -- if (!crypto_bignum_is_one(cofactor)) { -- struct crypto_ec_point *point; -- int ok = 1; -- -- /* check to ensure peer's element is not in a small sub-group */ -- point = crypto_ec_point_init(group->group); -- if (!point || -- crypto_ec_point_mul(group->group, element, -- cofactor, point) != 0 || -- crypto_ec_point_is_at_infinity(group->group, point)) -- ok = 0; -- crypto_ec_point_deinit(point, 0); -- -- if (!ok) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: Small sub-group check on peer element failed"); -- goto fail; -- } -- } -- - out: -- crypto_bignum_deinit(cofactor, 0); - return element; - fail: - crypto_ec_point_deinit(element, 0); -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index 8064f3f..1ed00e2 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -347,7 +347,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - const u8 *payload, size_t payload_len) - { - struct crypto_ec_point *K = NULL, *point = NULL; -- struct crypto_bignum *mask = NULL, *cofactor = NULL; -+ struct crypto_bignum *mask = NULL; - const u8 *ptr; - u8 *scalar = NULL, *element = NULL; - size_t prime_len, order_len; -@@ -370,20 +370,14 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - - data->private_value = crypto_bignum_init(); - data->my_element = crypto_ec_point_init(data->grp->group); -- cofactor = crypto_bignum_init(); - data->my_scalar = crypto_bignum_init(); - mask = crypto_bignum_init(); -- if (!data->private_value || !data->my_element || !cofactor || -+ if (!data->private_value || !data->my_element || - !data->my_scalar || !mask) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): scalar allocation fail"); - goto fin; - } - -- if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { -- wpa_printf(MSG_INFO, "EAP-pwd (peer): unable to get cofactor " -- "for curve"); -- goto fin; -- } - - if (crypto_bignum_rand(data->private_value, - crypto_ec_get_order(data->grp->group)) < 0 || -@@ -470,17 +464,9 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - goto fin; - } - -- /* ensure that the shared key isn't in a small sub-group */ -- if (!crypto_bignum_is_one(cofactor)) { -- if (crypto_ec_point_mul(data->grp->group, K, cofactor, K) < 0) { -- wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply " -- "shared key point by order"); -- goto fin; -- } -- } - - /* -- * This check is strictly speaking just for the case above where -+ * This check is strictly speaking just for the case where - * co-factor > 1 but it was suggested that even though this is probably - * never going to happen it is a simple and safe check "just to be - * sure" so let's be safe. -@@ -529,7 +515,6 @@ fin: - os_free(scalar); - os_free(element); - crypto_bignum_deinit(mask, 1); -- crypto_bignum_deinit(cofactor, 1); - crypto_ec_point_deinit(K, 1); - crypto_ec_point_deinit(point, 1); - if (data->outbuf == NULL) -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index b952b67..aa0f0d8 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -602,7 +602,6 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - const u8 *payload, size_t payload_len) - { - const u8 *ptr; -- struct crypto_bignum *cofactor = NULL; - struct crypto_ec_point *K = NULL, *point = NULL; - int res = 0; - size_t prime_len, order_len; -@@ -621,20 +620,14 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - } - - data->k = crypto_bignum_init(); -- cofactor = crypto_bignum_init(); - point = crypto_ec_point_init(data->grp->group); - K = crypto_ec_point_init(data->grp->group); -- if (!data->k || !cofactor || !point || !K) { -+ if (!data->k || !point || !K) { - wpa_printf(MSG_INFO, "EAP-PWD (server): peer data allocation " - "fail"); - goto fin; - } - -- if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): unable to get " -- "cofactor for curve"); -- goto fin; -- } - - /* element, x then y, followed by scalar */ - ptr = payload; -@@ -666,18 +659,9 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - goto fin; - } - -- /* ensure that the shared key isn't in a small sub-group */ -- if (!crypto_bignum_is_one(cofactor)) { -- if (crypto_ec_point_mul(data->grp->group, K, cofactor, -- K) != 0) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): cannot " -- "multiply shared key point by order!\n"); -- goto fin; -- } -- } - - /* -- * This check is strictly speaking just for the case above where -+ * This check is strictly speaking just for the case where - * co-factor > 1 but it was suggested that even though this is probably - * never going to happen it is a simple and safe check "just to be - * sure" so let's be safe. -@@ -697,7 +681,6 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - fin: - crypto_ec_point_deinit(K, 1); - crypto_ec_point_deinit(point, 1); -- crypto_bignum_deinit(cofactor, 1); - - if (res) - eap_pwd_state(data, PWD_Confirm_Req); --- -2.23.0 - diff --git a/CVE-2019-13377-2-pre1.patch b/CVE-2019-13377-2-pre1.patch deleted file mode 100644 index 3631686b9ad910d2fc19bdd5e379c40ae5d3546f..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-2-pre1.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 92e1b96c26a84e503847bdd22ebadf697c4031ad Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sat, 13 Apr 2019 17:20:57 +0300 -Subject: EAP-pwd: Disallow ECC groups with a prime under 256 bits - -Based on the SAE implementation guidance update to not allow ECC groups -with a prime that is under 256 bits, reject groups 25, 26, and 27 in -EAP-pwd. - -Signed-off-by: Jouni Malinen ---- - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index a2dd386..ccd3627 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -84,11 +84,23 @@ static int eap_pwd_kdf(const u8 *key, size_t keylen, const u8 *label, - return 0; - } - -+static int eap_pwd_suitable_group(u16 num) -+{ -+ /* Do not allow ECC groups with prime under 256 bits based on guidance -+ * for the similar design in SAE. */ -+ return num == 19 || num == 20 || num == 21 || -+ num == 28 || num == 29 || num == 30; -+} - EAP_PWD_group * get_eap_pwd_group(u16 num) - { - EAP_PWD_group *grp; - - grp = os_zalloc(sizeof(EAP_PWD_group)); -+ if (!eap_pwd_suitable_group(num)) { -+ wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num); -+ return NULL; -+ } -+ - if (!grp) - return NULL; - grp->group = crypto_ec_init(num); --- -2.23.0 - diff --git a/CVE-2019-13377-2.patch b/CVE-2019-13377-2.patch deleted file mode 100644 index d419574e37549b0b72ef31a3e76787cb1ffae816..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-2.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 20d7bd83c43fb24c4cf84d3045254d3ee1957166 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Thu, 25 Apr 2019 19:07:05 +0300 -Subject: [PATCH 2/6] EAP-pwd: Use const_time_memcmp() for pwd_value >= prime - comparison - -This reduces timing and memory access pattern differences for an -operation that could depend on the used password. - -Signed-off-by: Jouni Malinen -(cherry picked from commit 7958223fdcfe82479e6ed71019a84f6d4cbf799c) ---- - src/eap_common/eap_pwd_common.c | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index cd7cd0f..a2aaafe 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -142,6 +142,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - u8 qnr_bin[MAX_ECC_PRIME_LEN]; - u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN]; - u8 x_bin[MAX_ECC_PRIME_LEN]; -+ u8 prime_bin[MAX_ECC_PRIME_LEN]; - struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; - struct crypto_hash *hash; - unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; -@@ -159,6 +160,11 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - os_memset(x_bin, 0, sizeof(x_bin)); - - prime = crypto_ec_get_prime(grp->group); -+ primebitlen = crypto_ec_prime_len_bits(grp->group); -+ primebytelen = crypto_ec_prime_len(grp->group); -+ if (crypto_bignum_to_bin(prime, prime_bin, sizeof(prime_bin), -+ primebytelen) < 0) -+ return -1; - grp->pwe = crypto_ec_point_init(grp->group); - tmp1 = crypto_bignum_init(); - pm1 = crypto_bignum_init(); -@@ -168,8 +174,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - goto fail; - } - -- primebitlen = crypto_ec_prime_len_bits(grp->group); -- primebytelen = crypto_ec_prime_len(grp->group); - if ((prfbuf = os_malloc(primebytelen)) == NULL) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to malloc space for prf " - "buffer"); -@@ -235,6 +239,8 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - if (primebitlen % 8) - buf_shift_right(prfbuf, primebytelen, - 8 - primebitlen % 8); -+ if (const_time_memcmp(prfbuf, prime_bin, primebytelen) >= 0) -+ continue; - - crypto_bignum_deinit(x_candidate, 1); - x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); -@@ -244,9 +250,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - goto fail; - } - -- if (crypto_bignum_cmp(x_candidate, prime) >= 0) -- continue; -- - wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: x_candidate", - prfbuf, primebytelen); - const_time_select_bin(found, x_bin, prfbuf, primebytelen, --- -2.23.0 - diff --git a/CVE-2019-13377-3.patch b/CVE-2019-13377-3.patch deleted file mode 100644 index 07d41ed2ecac95a827d7fdde3cb084853cd7a8d5..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-3.patch +++ /dev/null @@ -1,66 +0,0 @@ -From ee34d8cfbd0fbf7ba7429531d4bee1c43b074d8b Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Thu, 25 Apr 2019 19:23:05 +0300 -Subject: [PATCH 3/6] OpenSSL: Use BN_bn2binpad() or BN_bn2bin_padded() if - available - -This converts crypto_bignum_to_bin() to use the OpenSSL/BoringSSL -functions BN_bn2binpad()/BN_bn2bin_padded(), when available, to avoid -differences in runtime and memory access patterns depending on the -leading bytes of the BIGNUM value. - -OpenSSL 1.0.2 and LibreSSL do not include such functions, so those cases -are still using the previous implementation where the BN_num_bytes() -call may result in different memory access pattern. - -Signed-off-by: Jouni Malinen -(cherry picked from commit 1e237903f5b5d3117342daf006c5878cdb45e3d3) ---- - src/crypto/crypto_openssl.c | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c -index 748a7ad..00b61b9 100644 ---- a/src/crypto/crypto_openssl.c -+++ b/src/crypto/crypto_openssl.c -@@ -1129,14 +1129,27 @@ void crypto_bignum_deinit(struct crypto_bignum *n, int clear) - int crypto_bignum_to_bin(const struct crypto_bignum *a, - u8 *buf, size_t buflen, size_t padlen) - { -+#ifdef OPENSSL_IS_BORINGSSL -+#else /* OPENSSL_IS_BORINGSSL */ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+#else - int num_bytes, offset; -+#endif -+#endif /* OPENSSL_IS_BORINGSSL */ - - if (TEST_FAIL()) - return -1; - - if (padlen > buflen) - return -1; -- -+#ifdef OPENSSL_IS_BORINGSSL -+ if (BN_bn2bin_padded(buf, padlen, (const BIGNUM *) a) == 0) -+ return -1; -+ return padlen; -+#else /* OPENSSL_IS_BORINGSSL */ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ return BN_bn2binpad((const BIGNUM *) a, buf, padlen); -+#else - num_bytes = BN_num_bytes((const BIGNUM *) a); - if ((size_t) num_bytes > buflen) - return -1; -@@ -1149,6 +1162,8 @@ int crypto_bignum_to_bin(const struct crypto_bignum *a, - BN_bn2bin((const BIGNUM *) a, buf + offset); - - return num_bytes + offset; -+#endif -+#endif /* OPENSSL_IS_BORINGSSL */ - } - - --- -2.23.0 - diff --git a/CVE-2019-13377-4.patch b/CVE-2019-13377-4.patch deleted file mode 100644 index f685a601041c62a77c149785759e90b3be6a063d..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-4.patch +++ /dev/null @@ -1,59 +0,0 @@ -From a25b48118d75f3c2d7cb1b2c3b4cffb13091a34c Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Mon, 24 Jun 2019 23:01:06 +0300 -Subject: [PATCH 4/6] SAE: Run through prf result processing even if it >= - prime - -This reduces differences in timing and memory access within the -hunting-and-pecking loop for ECC groups that have a prime that is not -close to a power of two (e.g., Brainpool curves). - -Signed-off-by: Jouni Malinen -(cherry picked from commit 147bf7b88a9c231322b5b574263071ca6dbb0503) ---- - src/common/sae.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/src/common/sae.c b/src/common/sae.c -index 4741753..e155a71 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -274,6 +274,8 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - struct crypto_bignum *y_sqr, *x_cand; - int res; - size_t bits; -+ int cmp_prime; -+ unsigned int in_range; - - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN); - -@@ -287,8 +289,13 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", - pwd_value, sae->tmp->prime_len); - -- if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0) -- return 0; -+ cmp_prime = const_time_memcmp(pwd_value, prime, sae->tmp->prime_len); -+ /* Create a const_time mask for selection based on prf result -+ * being smaller than prime. */ -+ in_range = const_time_fill_msb((unsigned int) cmp_prime); -+ /* The algorithm description would skip the next steps if -+ * cmp_prime >= 0 (reutnr 0 here), but go through them regardless to -+ * minimize externally observable differences in behavior. */ - - x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len); - if (!x_cand) -@@ -300,7 +307,9 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - - res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr); - crypto_bignum_deinit(y_sqr, 1); -- return res; -+ if (res < 0) -+ return res; -+ return const_time_select_int(in_range, res, 0); - } - - --- -2.23.0 - diff --git a/CVE-2019-13377-5.patch b/CVE-2019-13377-5.patch deleted file mode 100644 index dfdf4ac034eec15e5d8b9963d695414bc38f4d0a..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-5.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 00a6cc73da61b03c146b6c341d0d1e572bcef432 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Mon, 24 Jun 2019 23:02:51 +0300 -Subject: [PATCH 5/6] EAP-pwd: Run through prf result processing even if it >= - prime - -This reduces differences in timing and memory access within the -hunting-and-pecking loop for ECC groups that have a prime that is not -close to a power of two (e.g., Brainpool curves). - -Signed-off-by: Jouni Malinen -(cherry picked from commit cd803299ca485eb857e37c88f973fccfbb8600e5) - ---- - src/eap_common/eap_pwd_common.c | 13 ++++++++++--- - 1 file changed, 10 insertions(+), 3 deletions(-) - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index a2aaafe..8e7966e 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -153,6 +153,8 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - struct crypto_bignum *x_candidate = NULL; - const struct crypto_bignum *prime; - u8 mask, found_ctr = 0, is_odd = 0; -+ int cmp_prime; -+ unsigned int in_range; - - if (grp->pwe) - return -1; -@@ -239,8 +241,13 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - if (primebitlen % 8) - buf_shift_right(prfbuf, primebytelen, - 8 - primebitlen % 8); -- if (const_time_memcmp(prfbuf, prime_bin, primebytelen) >= 0) -- continue; -+ cmp_prime = const_time_memcmp(prfbuf, prime_bin, primebytelen); -+ /* Create a const_time mask for selection based on prf result -+ * being smaller than prime. */ -+ in_range = const_time_fill_msb((unsigned int) cmp_prime); -+ /* The algorithm description would skip the next steps if -+ * cmp_prime >= 0, but go through them regardless to minimize -+ * externally observable differences in behavior. */ - - crypto_bignum_deinit(x_candidate, 1); - x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); -@@ -308,7 +315,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - goto fail; - mask = const_time_eq(res, check); - found_ctr = const_time_select_u8(found, found_ctr, ctr); -- found |= mask; -+ found |= mask & in_range; - } - if (found == 0) { - wpa_printf(MSG_INFO, --- -2.23.0 - diff --git a/CVE-2019-13377-6-pre.patch b/CVE-2019-13377-6-pre.patch deleted file mode 100644 index 603fab46c372f68bd3793846f8d1617dad3baf6b..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-6-pre.patch +++ /dev/null @@ -1,59 +0,0 @@ -From db54db11aec763b6fc74715c36e0f9de0d65e206 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Mon, 8 Apr 2019 18:01:07 +0300 -Subject: SAE: Reject unsuitable groups based on REVmd changes - -The rules defining which DH groups are suitable for SAE use were -accepted into IEEE 802.11 REVmd based on this document: -https://mentor.ieee.org/802.11/dcn/19/11-19-0387-02-000m-addressing-some-sae-comments.docx - -Enforce those rules in production builds of wpa_supplicant and hostapd. -CONFIG_TESTING_OPTIONS=y builds can still be used to select any o the -implemented groups to maintain testing coverage. - -Signed-off-by: Jouni Malinen - ---- - src/common/sae.c | 21 +++++++++++++++++++++ - 1 file changed, 21 insertions(+) - -diff --git a/src/common/sae.c b/src/common/sae.c -index e155a71..91b6b41 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -17,11 +17,32 @@ - #include "ieee802_11_defs.h" - #include "sae.h" - -+static int sae_suitable_group(int group) -+{ -+#ifdef CONFIG_TESTING_OPTIONS -+ /* Allow all groups for testing purposes in non-production builds. */ -+ return 1; -+#else /* CONFIG_TESTING_OPTIONS */ -+ /* Enforce REVmd rules on which SAE groups are suitable for production -+ * purposes: FFC groups whose prime is >= 3072 bits and ECC groups -+ * defined over a prime field whose prime is >= 256 bits. Furthermore, -+ * ECC groups defined over a characteristic 2 finite field and ECC -+ * groups with a co-factor greater than 1 are not suitable. */ -+ return group == 19 || group == 20 || group == 21 || -+ group == 28 || group == 29 || group == 30 || -+ group == 15 || group == 16 || group == 17 || group == 18; -+#endif /* CONFIG_TESTING_OPTIONS */ -+} - - int sae_set_group(struct sae_data *sae, int group) - { - struct sae_temporary_data *tmp; - -+ if (!sae_suitable_group(group)) { -+ wpa_printf(MSG_DEBUG, "SAE: Reject unsuitable group %d", group); -+ return -1; -+ } -+ - sae_clear_data(sae); - tmp = sae->tmp = os_zalloc(sizeof(*tmp)); - if (tmp == NULL) --- -2.23.0 - diff --git a/CVE-2019-13377-6.patch b/CVE-2019-13377-6.patch deleted file mode 100644 index 7015b0f2140b20505441f8220f4ca6cb6ac07508..0000000000000000000000000000000000000000 --- a/CVE-2019-13377-6.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 558518ed63202e5358116ab7e0afd5e85490f2ef Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sat, 27 Jul 2019 23:19:17 +0300 -Subject: [PATCH 6/6] dragonfly: Disable use of groups using Brainpool curves - -Disable groups that use Brainpool curves for now since they leak more -timing information due to the prime not being close to a power of two. -This removes use of groups 28, 29, and 30 from SAE and EAP-pwd. - -Signed-off-by: Jouni Malinen -(cherry picked from commit 876c5eaa6dae1a87a17603fc489a44c29eedc2e3) - ---- - src/common/sae.c | 7 +++++-- - src/eap_common/eap_pwd_common.c | 3 +-- - 2 files changed, 6 insertions(+), 4 deletions(-) - -diff --git a/src/common/sae.c b/src/common/sae.c -index 91b6b41..5ef6c4c 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -27,9 +27,12 @@ static int sae_suitable_group(int group) - * purposes: FFC groups whose prime is >= 3072 bits and ECC groups - * defined over a prime field whose prime is >= 256 bits. Furthermore, - * ECC groups defined over a characteristic 2 finite field and ECC -- * groups with a co-factor greater than 1 are not suitable. */ -+ * groups with a co-factor greater than 1 are not suitable. Disable -+ * groups that use Brainpool curves as well for now since they leak more -+ * timing information due to the prime not being close to a power of -+ * two. */ -+ - return group == 19 || group == 20 || group == 21 || -- group == 28 || group == 29 || group == 30 || - group == 15 || group == 16 || group == 17 || group == 18; - #endif /* CONFIG_TESTING_OPTIONS */ - } -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index 8e7966e..bac2796 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -88,8 +88,7 @@ static int eap_pwd_suitable_group(u16 num) - { - /* Do not allow ECC groups with prime under 256 bits based on guidance - * for the similar design in SAE. */ -- return num == 19 || num == 20 || num == 21 || -- num == 28 || num == 29 || num == 30; -+ return num == 19 || num == 20 || num == 21; - } - EAP_PWD_group * get_eap_pwd_group(u16 num) - { --- -2.23.0 - diff --git a/CVE-2019-16275.patch b/CVE-2019-16275.patch deleted file mode 100644 index d764a9db016c5d2a50bdfb5a8de27ca8ef5aae23..0000000000000000000000000000000000000000 --- a/CVE-2019-16275.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Thu, 29 Aug 2019 11:52:04 +0300 -Subject: [PATCH] AP: Silently ignore management frame from unexpected source - address - -Do not process any received Management frames with unexpected/invalid SA -so that we do not add any state for unexpected STA addresses or end up -sending out frames to unexpected destination. This prevents unexpected -sequences where an unprotected frame might end up causing the AP to send -out a response to another device and that other device processing the -unexpected response. - -In particular, this prevents some potential denial of service cases -where the unexpected response frame from the AP might result in a -connected station dropping its association. - -Signed-off-by: Jouni Malinen ---- - src/ap/drv_callbacks.c | 13 +++++++++++++ - src/ap/ieee802_11.c | 12 ++++++++++++ - 2 files changed, 25 insertions(+) - -diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c -index 31587685fe3b..34ca379edc3d 100644 ---- a/src/ap/drv_callbacks.c -+++ b/src/ap/drv_callbacks.c -@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, - "hostapd_notif_assoc: Skip event with no address"); - return -1; - } -+ -+ if (is_multicast_ether_addr(addr) || -+ is_zero_ether_addr(addr) || -+ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR -+ " in received indication - ignore this indication silently", -+ __func__, MAC2STR(addr)); -+ return 0; -+ } -+ - random_add_randomness(addr, ETH_ALEN); - - hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, -diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c -index c85a28db44b7..e7065372e158 100644 ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, - fc = le_to_host16(mgmt->frame_control); - stype = WLAN_FC_GET_STYPE(fc); - -+ if (is_multicast_ether_addr(mgmt->sa) || -+ is_zero_ether_addr(mgmt->sa) || -+ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR -+ " in received frame - ignore this frame silently", -+ MAC2STR(mgmt->sa)); -+ return 0; -+ } -+ - if (stype == WLAN_FC_STYPE_BEACON) { - handle_beacon(hapd, mgmt, len, fi); - return 1; --- -2.20.1 - diff --git a/CVE-2019-9494-1.patch b/CVE-2019-9494-1.patch deleted file mode 100644 index d4c3ccb23e7176dff441dcaca95bed02d7c04f98..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-1.patch +++ /dev/null @@ -1,218 +0,0 @@ -From 6e34f618d37ddbb5854c42e2ad4fca83492fa7b7 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Wed, 27 Feb 2019 18:38:30 +0200 -Subject: [PATCH 02/14] Add helper functions for constant time operations - -These functions can be used to help implement constant time operations -for various cryptographic operations that must minimize externally -observable differences in processing (both in timing and also in -internal cache use, etc.). - -This is related to CVE-2019-9494 and CVE-2019-9495. - -Signed-off-by: Jouni Malinen ---- - src/utils/const_time.h | 191 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 191 insertions(+) - create mode 100644 src/utils/const_time.h - -diff --git a/src/utils/const_time.h b/src/utils/const_time.h -new file mode 100644 -index 0000000..ab8f611 ---- /dev/null -+++ b/src/utils/const_time.h -@@ -0,0 +1,191 @@ -+/* -+ * Helper functions for constant time operations -+ * Copyright (c) 2019, The Linux Foundation -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ * -+ * These helper functions can be used to implement logic that needs to minimize -+ * externally visible differences in execution path by avoiding use of branches, -+ * avoiding early termination or other time differences, and forcing same memory -+ * access pattern regardless of values. -+ */ -+ -+#ifndef CONST_TIME_H -+#define CONST_TIME_H -+ -+ -+#if defined(__clang__) -+#define NO_UBSAN_UINT_OVERFLOW \ -+ __attribute__((no_sanitize("unsigned-integer-overflow"))) -+#else -+#define NO_UBSAN_UINT_OVERFLOW -+#endif -+ -+ -+/** -+ * const_time_fill_msb - Fill all bits with MSB value -+ * @val: Input value -+ * Returns: Value with all the bits set to the MSB of the input val -+ */ -+static inline unsigned int const_time_fill_msb(unsigned int val) -+{ -+ /* Move the MSB to LSB and multiple by -1 to fill in all bits. */ -+ return (val >> (sizeof(val) * 8 - 1)) * ~0U; -+} -+ -+ -+/* Returns: -1 if val is zero; 0 if val is not zero */ -+static inline unsigned int const_time_is_zero(unsigned int val) -+ NO_UBSAN_UINT_OVERFLOW -+{ -+ /* Set MSB to 1 for 0 and fill rest of bits with the MSB value */ -+ return const_time_fill_msb(~val & (val - 1)); -+} -+ -+ -+/* Returns: -1 if a == b; 0 if a != b */ -+static inline unsigned int const_time_eq(unsigned int a, unsigned int b) -+{ -+ return const_time_is_zero(a ^ b); -+} -+ -+ -+/* Returns: -1 if a == b; 0 if a != b */ -+static inline u8 const_time_eq_u8(unsigned int a, unsigned int b) -+{ -+ return (u8) const_time_eq(a, b); -+} -+ -+ -+/** -+ * const_time_eq_bin - Constant time memory comparison -+ * @a: First buffer to compare -+ * @b: Second buffer to compare -+ * @len: Number of octets to compare -+ * Returns: -1 if buffers are equal, 0 if not -+ * -+ * This function is meant for comparing passwords or hash values where -+ * difference in execution time or memory access pattern could provide external -+ * observer information about the location of the difference in the memory -+ * buffers. The return value does not behave like memcmp(), i.e., -+ * const_time_eq_bin() cannot be used to sort items into a defined order. Unlike -+ * memcmp(), the execution time of const_time_eq_bin() does not depend on the -+ * contents of the compared memory buffers, but only on the total compared -+ * length. -+ */ -+static inline unsigned int const_time_eq_bin(const void *a, const void *b, -+ size_t len) -+{ -+ const u8 *aa = a; -+ const u8 *bb = b; -+ size_t i; -+ u8 res = 0; -+ -+ for (i = 0; i < len; i++) -+ res |= aa[i] ^ bb[i]; -+ -+ return const_time_is_zero(res); -+} -+ -+ -+/** -+ * const_time_select - Constant time unsigned int selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline unsigned int const_time_select(unsigned int mask, -+ unsigned int true_val, -+ unsigned int false_val) -+{ -+ return (mask & true_val) | (~mask & false_val); -+} -+ -+ -+/** -+ * const_time_select_int - Constant time int selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline int const_time_select_int(unsigned int mask, int true_val, -+ int false_val) -+{ -+ return (int) const_time_select(mask, (unsigned int) true_val, -+ (unsigned int) false_val); -+} -+ -+ -+/** -+ * const_time_select_u8 - Constant time u8 selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline u8 const_time_select_u8(u8 mask, u8 true_val, u8 false_val) -+{ -+ return (u8) const_time_select(mask, true_val, false_val); -+} -+ -+ -+/** -+ * const_time_select_s8 - Constant time s8 selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline s8 const_time_select_s8(u8 mask, s8 true_val, s8 false_val) -+{ -+ return (s8) const_time_select(mask, (unsigned int) true_val, -+ (unsigned int) false_val); -+} -+ -+ -+/** -+ * const_time_select_bin - Constant time binary buffer selection copy -+ * @mask: 0 (false) or -1 (true) to identify which value to copy -+ * @true_val: Buffer to copy for the true case -+ * @false_val: Buffer to copy for the false case -+ * @len: Number of octets to copy -+ * @dst: Destination buffer for the copy -+ * -+ * This function copies the specified buffer into the destination buffer using -+ * operations with identical memory access pattern regardless of which buffer -+ * is being copied. -+ */ -+static inline void const_time_select_bin(u8 mask, const u8 *true_val, -+ const u8 *false_val, size_t len, -+ u8 *dst) -+{ -+ size_t i; -+ -+ for (i = 0; i < len; i++) -+ dst[i] = const_time_select_u8(mask, true_val[i], false_val[i]); -+} -+ -+ -+static inline int const_time_memcmp(const void *a, const void *b, size_t len) -+{ -+ const u8 *aa = a; -+ const u8 *bb = b; -+ int diff, res = 0; -+ unsigned int mask; -+ -+ if (len == 0) -+ return 0; -+ do { -+ len--; -+ diff = (int) aa[len] - (int) bb[len]; -+ mask = const_time_is_zero((unsigned int) diff); -+ res = const_time_select_int(mask, res, diff); -+ } while (len); -+ -+ return res; -+} -+ -+#endif /* CONST_TIME_H */ --- -2.7.4 - diff --git a/CVE-2019-9494-2.patch b/CVE-2019-9494-2.patch deleted file mode 100644 index b81994ff822342b57f65a25e6071bd3a497c7248..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-2.patch +++ /dev/null @@ -1,38 +0,0 @@ ---- wpa_supplicant-2.6-bak/src/crypto/crypto_openssl.c 2019-06-30 21:39:30.605000000 -0400 -+++ wpa_supplicant-2.6/src/crypto/crypto_openssl.c 2019-07-01 02:49:34.765000000 -0400 -@@ -24,6 +24,7 @@ - #endif /* CONFIG_ECC */ - - #include "common.h" -+#include "utils/const_time.h" - #include "wpabuf.h" - #include "dh_group5.h" - #include "sha1.h" -@@ -1306,6 +1307,7 @@ int crypto_bignum_legendre(const struct - BN_CTX *bnctx; - BIGNUM *exp = NULL, *tmp = NULL; - int res = -2; -+ unsigned int mask; - - if (TEST_FAIL()) - return -2; -@@ -1324,12 +1326,13 @@ int crypto_bignum_legendre(const struct - bnctx)) - goto fail; - -- if (BN_is_word(tmp, 1)) -- res = 1; -- else if (BN_is_zero(tmp)) -- res = 0; -- else -- res = -1; -+ /* Return 1 if tmp == 1, 0 if tmp == 0, or -1 otherwise. Need to use -+ * constant time selection to avoid branches here. */ -+ res = -1; -+ mask = const_time_eq(BN_is_word(tmp, 1), 1); -+ res = const_time_select_int(mask, 1, res); -+ mask = const_time_eq(BN_is_zero(tmp), 1); -+ res = const_time_select_int(mask, 0, res); - - fail: - BN_clear_free(tmp); diff --git a/CVE-2019-9494-3.patch b/CVE-2019-9494-3.patch deleted file mode 100644 index 7a8eda05d92a06b5929231326418ef014cd471bc..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-3.patch +++ /dev/null @@ -1,218 +0,0 @@ ---- wpa_supplicant-2.6-bak/src/common/sae.c 2019-06-30 21:39:30.592000000 -0400 -+++ wpa_supplicant-2.6/src/common/sae.c 2019-07-01 04:08:21.023000000 -0400 -@@ -9,6 +9,7 @@ - #include "includes.h" - - #include "common.h" -+#include "utils/const_time.h" - #include "crypto/crypto.h" - #include "crypto/sha256.h" - #include "crypto/random.h" -@@ -262,15 +263,12 @@ static int sae_test_pwd_seed_ecc(struct - const u8 *prime, - const struct crypto_bignum *qr, - const struct crypto_bignum *qnr, -- struct crypto_bignum **ret_x_cand) -+ u8 *pwd_value) - { -- u8 pwd_value[SAE_MAX_ECC_PRIME_LEN]; - struct crypto_bignum *y_sqr, *x_cand; - int res; - size_t bits; - -- *ret_x_cand = NULL; -- - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN); - - /* pwd-value = KDF-z(pwd-seed, "SAE Hunting and Pecking", p) */ -@@ -279,7 +277,7 @@ static int sae_test_pwd_seed_ecc(struct - prime, sae->tmp->prime_len, pwd_value, bits) < 0) - return -1; - if (bits % 8) -- buf_shift_right(pwd_value, sizeof(pwd_value), 8 - bits % 8); -+ buf_shift_right(pwd_value, sae->tmp->prime_len, 8 - bits % 8); - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", - pwd_value, sae->tmp->prime_len); - -@@ -290,20 +288,13 @@ static int sae_test_pwd_seed_ecc(struct - if (!x_cand) - return -1; - y_sqr = crypto_ec_point_compute_y_sqr(sae->tmp->ec, x_cand); -- if (!y_sqr) { -- crypto_bignum_deinit(x_cand, 1); -+ crypto_bignum_deinit(x_cand, 1); -+ if (!y_sqr) - return -1; -- } - - res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr); - crypto_bignum_deinit(y_sqr, 1); -- if (res <= 0) { -- crypto_bignum_deinit(x_cand, 1); -- return res; -- } -- -- *ret_x_cand = x_cand; -- return 1; -+ return res; - } - - -@@ -423,25 +414,30 @@ static int sae_derive_pwe_ecc(struct sae - u8 addrs[2 * ETH_ALEN]; - const u8 *addr[2]; - size_t len[2]; -- u8 dummy_password[32]; -- size_t dummy_password_len; -+ u8 *dummy_password, *tmp_password; - int pwd_seed_odd = 0; - u8 prime[SAE_MAX_ECC_PRIME_LEN]; - size_t prime_len; -- struct crypto_bignum *x = NULL, *qr, *qnr; -+ struct crypto_bignum *x = NULL, *qr = NULL, *qnr = NULL; -+ u8 x_bin[SAE_MAX_ECC_PRIME_LEN]; -+ u8 x_cand_bin[SAE_MAX_ECC_PRIME_LEN]; - size_t bits; -- int res; -- -- dummy_password_len = password_len; -- if (dummy_password_len > sizeof(dummy_password)) -- dummy_password_len = sizeof(dummy_password); -- if (random_get_bytes(dummy_password, dummy_password_len) < 0) -- return -1; -+ int res = -1; -+ u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* -+ * mask */ -+ -+ os_memset(x_bin, 0, sizeof(x_bin)); -+ -+ dummy_password = os_malloc(password_len); -+ tmp_password = os_malloc(password_len); -+ if (!dummy_password || !tmp_password || -+ random_get_bytes(dummy_password, password_len) < 0) -+ goto fail; - - prime_len = sae->tmp->prime_len; - if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime), - prime_len) < 0) -- return -1; -+ goto fail; - bits = crypto_ec_prime_len_bits(sae->tmp->ec); - - /* -@@ -450,7 +446,7 @@ static int sae_derive_pwe_ecc(struct sae - */ - if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits, - &qr, &qnr) < 0) -- return -1; -+ goto fail; - - wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", - password, password_len); -@@ -463,7 +459,7 @@ static int sae_derive_pwe_ecc(struct sae - */ - sae_pwd_seed_key(addr1, addr2, addrs); - -- addr[0] = password; -+ addr[0] = tmp_password; - len[0] = password_len; - addr[1] = &counter; - len[1] = sizeof(counter); -@@ -473,9 +469,8 @@ static int sae_derive_pwe_ecc(struct sae - * attacks that attempt to determine the number of iterations required - * in the loop. - */ -- for (counter = 1; counter <= k || !x; counter++) { -+ for (counter = 1; counter <= k || !found; counter++) { - u8 pwd_seed[SHA256_MAC_LEN]; -- struct crypto_bignum *x_cand; - - if (counter > 200) { - /* This should not happen in practice */ -@@ -483,36 +478,46 @@ static int sae_derive_pwe_ecc(struct sae - break; - } - -- wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter); -+ wpa_printf(MSG_DEBUG, "SAE: counter = %03u", counter); -+ const_time_select_bin(found, dummy_password, password, -+ password_len, tmp_password); -+ - if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len, - pwd_seed) < 0) - break; - - res = sae_test_pwd_seed_ecc(sae, pwd_seed, -- prime, qr, qnr, &x_cand); -+ prime, qr, qnr, x_cand_bin); -+ const_time_select_bin(found, x_bin, x_cand_bin, prime_len, -+ x_bin); -+ pwd_seed_odd = const_time_select_u8( -+ found, pwd_seed_odd, -+ pwd_seed[SHA256_MAC_LEN - 1] & 0x01); -+ os_memset(pwd_seed, 0, sizeof(pwd_seed)); - if (res < 0) - goto fail; -- if (res > 0 && !x) { -- wpa_printf(MSG_DEBUG, -- "SAE: Selected pwd-seed with counter %u", -- counter); -- x = x_cand; -- pwd_seed_odd = pwd_seed[SHA256_MAC_LEN - 1] & 0x01; -- os_memset(pwd_seed, 0, sizeof(pwd_seed)); -- -- /* -- * Use a dummy password for the following rounds, if -- * any. -- */ -- addr[0] = dummy_password; -- len[0] = dummy_password_len; -- } else if (res > 0) { -- crypto_bignum_deinit(x_cand, 1); -- } -+ /* Need to minimize differences in handling res == 0 and 1 here -+ * to avoid differences in timing and instruction cache access, -+ * so use const_time_select_*() to make local copies of the -+ * values based on whether this loop iteration was the one that -+ * found the pwd-seed/x. */ -+ -+ /* found is 0 or 0xff here and res is 0 or 1. Bitwise OR of them -+ * (with res converted to 0/0xff) handles this in constant time. -+ */ -+ found |= res * 0xff; -+ wpa_printf(MSG_DEBUG, "SAE: pwd-seed result %d found=0x%02x", -+ res, found); -+ } -+ -+ if (!found) { -+ wpa_printf(MSG_DEBUG, "SAE: Could not generate PWE"); -+ res = -1; -+ goto fail; - } - -+ x = crypto_bignum_init_set(x_bin, prime_len); - if (!x) { -- wpa_printf(MSG_DEBUG, "SAE: Could not generate PWE"); - res = -1; - goto fail; - } -@@ -525,7 +530,6 @@ static int sae_derive_pwe_ecc(struct sae - res = crypto_ec_point_solve_y_coord(sae->tmp->ec, - sae->tmp->pwe_ecc, x, - pwd_seed_odd); -- crypto_bignum_deinit(x, 1); - if (res < 0) { - /* - * This should not happen since we already checked that there -@@ -537,6 +541,11 @@ static int sae_derive_pwe_ecc(struct sae - fail: - crypto_bignum_deinit(qr, 0); - crypto_bignum_deinit(qnr, 0); -+ os_free(dummy_password); -+ bin_clear_free(tmp_password, password_len); -+ crypto_bignum_deinit(x, 1); -+ os_memset(x_bin, 0, sizeof(x_bin)); -+ os_memset(x_cand_bin, 0, sizeof(x_cand_bin)); - - return res; - } diff --git a/CVE-2019-9494-4.patch b/CVE-2019-9494-4.patch deleted file mode 100644 index e62f6a42478550ee6c6d0fe73406398e773af629..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-4.patch +++ /dev/null @@ -1,125 +0,0 @@ ---- wpa_supplicant-2.6-bak2/src/common/sae.c 2019-07-01 04:54:10.185000000 -0400 -+++ wpa_supplicant-2.6/src/common/sae.c 2019-07-01 04:58:09.913000000 -0400 -@@ -202,12 +202,14 @@ get_rand_1_to_p_1(const u8 *prime, size_ - - static int is_quadratic_residue_blind(struct sae_data *sae, - const u8 *prime, size_t bits, -- const struct crypto_bignum *qr, -- const struct crypto_bignum *qnr, -+ const u8 *qr, const u8 *qnr, - const struct crypto_bignum *y_sqr) - { -- struct crypto_bignum *r, *num; -+ struct crypto_bignum *r, *num, *qr_or_qnr = NULL; - int r_odd, check, res = -1; -+ u8 qr_or_qnr_bin[SAE_MAX_ECC_PRIME_LEN]; -+ size_t prime_len = sae->tmp->prime_len; -+ unsigned int mask; - - /* - * Use the blinding technique to mask y_sqr while determining -@@ -218,7 +220,7 @@ static int is_quadratic_residue_blind(st - * r = a random number between 1 and p-1, inclusive - * num = (v * r * r) modulo p - */ -- r = get_rand_1_to_p_1(prime, sae->tmp->prime_len, bits, &r_odd); -+ r = get_rand_1_to_p_1(prime, prime_len, bits, &r_odd); - if (!r) - return -1; - -@@ -228,41 +230,45 @@ static int is_quadratic_residue_blind(st - crypto_bignum_mulmod(num, r, sae->tmp->prime, num) < 0) - goto fail; - -- if (r_odd) { -- /* -- * num = (num * qr) module p -- * LGR(num, p) = 1 ==> quadratic residue -- */ -- if (crypto_bignum_mulmod(num, qr, sae->tmp->prime, num) < 0) -- goto fail; -- check = 1; -- } else { -- /* -- * num = (num * qnr) module p -- * LGR(num, p) = -1 ==> quadratic residue -- */ -- if (crypto_bignum_mulmod(num, qnr, sae->tmp->prime, num) < 0) -- goto fail; -- check = -1; -- } -+ /* -+ * Need to minimize differences in handling different cases, so try to -+ * avoid branches and timing differences. -+ * -+ * If r_odd: -+ * num = (num * qr) module p -+ * LGR(num, p) = 1 ==> quadratic residue -+ * else: -+ * num = (num * qnr) module p -+ * LGR(num, p) = -1 ==> quadratic residue -+ */ -+ mask = const_time_is_zero(r_odd); -+ const_time_select_bin(mask, qnr, qr, prime_len, qr_or_qnr_bin); -+ qr_or_qnr = crypto_bignum_init_set(qr_or_qnr_bin, prime_len); -+ if (!qr_or_qnr || -+ crypto_bignum_mulmod(num, qr_or_qnr, sae->tmp->prime, num) < 0) -+ goto fail; -+ /* r_odd is 0 or 1; branchless version of check = r_odd ? 1 : -1, */ -+ check = const_time_select_int(mask, -1, 1); - - res = crypto_bignum_legendre(num, sae->tmp->prime); - if (res == -2) { - res = -1; - goto fail; - } -- res = res == check; -+ /* branchless version of res = res == check -+ * (res is -1, 0, or 1; check is -1 or 1) */ -+ mask = const_time_eq(res, check); -+ res = const_time_select_int(mask, 1, 0); - fail: - crypto_bignum_deinit(num, 1); - crypto_bignum_deinit(r, 1); -+ crypto_bignum_deinit(qr_or_qnr, 1); - return res; - } - - - static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, -- const u8 *prime, -- const struct crypto_bignum *qr, -- const struct crypto_bignum *qnr, -+ const u8 *prime, const u8 *qr, const u8 *qnr, - u8 *pwd_value) - { - struct crypto_bignum *y_sqr, *x_cand; -@@ -421,6 +427,8 @@ static int sae_derive_pwe_ecc(struct sae - struct crypto_bignum *x = NULL, *qr = NULL, *qnr = NULL; - u8 x_bin[SAE_MAX_ECC_PRIME_LEN]; - u8 x_cand_bin[SAE_MAX_ECC_PRIME_LEN]; -+ u8 qr_bin[SAE_MAX_ECC_PRIME_LEN]; -+ u8 qnr_bin[SAE_MAX_ECC_PRIME_LEN]; - size_t bits; - int res = -1; - u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* -@@ -445,7 +453,9 @@ static int sae_derive_pwe_ecc(struct sae - * (qnr) modulo p for blinding purposes during the loop. - */ - if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits, -- &qr, &qnr) < 0) -+ &qr, &qnr) < 0 || -+ crypto_bignum_to_bin(qr, qr_bin, sizeof(qr_bin), prime_len) < 0 || -+ crypto_bignum_to_bin(qnr, qnr_bin, sizeof(qnr_bin), prime_len) < 0) - goto fail; - - wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", -@@ -487,7 +497,7 @@ static int sae_derive_pwe_ecc(struct sae - break; - - res = sae_test_pwd_seed_ecc(sae, pwd_seed, -- prime, qr, qnr, x_cand_bin); -+ prime, qr_bin, qnr_bin, x_cand_bin); - const_time_select_bin(found, x_bin, x_cand_bin, prime_len, - x_bin); - pwd_seed_odd = const_time_select_u8( diff --git a/CVE-2019-9494-5.patch b/CVE-2019-9494-5.patch deleted file mode 100644 index 976799d1802f25e47d954d88017bfe014cf3f0e1..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-5.patch +++ /dev/null @@ -1,80 +0,0 @@ ---- wpa_supplicant-2.6-bak2/src/common/sae.c 2019-07-01 05:05:26.086000000 -0400 -+++ wpa_supplicant-2.6/src/common/sae.c 2019-07-01 05:22:08.799000000 -0400 -@@ -561,21 +561,26 @@ fail: - } - - -+static int sae_modp_group_require_masking(int group) -+{ -+ /* Groups for which pwd-value is likely to be >= p frequently */ -+ return group == 22 || group == 23 || group == 24; -+} -+ -+ - static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1, - const u8 *addr2, const u8 *password, - size_t password_len) - { -- u8 counter; -+ u8 counter, k; - u8 addrs[2 * ETH_ALEN]; - const u8 *addr[2]; - size_t len[2]; - int found = 0; -+ struct crypto_bignum *pwe = NULL; - -- if (sae->tmp->pwe_ffc == NULL) { -- sae->tmp->pwe_ffc = crypto_bignum_init(); -- if (sae->tmp->pwe_ffc == NULL) -- return -1; -- } -+ crypto_bignum_deinit(sae->tmp->pwe_ffc, 1); -+ sae->tmp->pwe_ffc = NULL; - - wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", - password, password_len); -@@ -592,7 +597,9 @@ static int sae_derive_pwe_ffc(struct sae - addr[1] = &counter; - len[1] = sizeof(counter); - -- for (counter = 1; !found; counter++) { -+ k = sae_modp_group_require_masking(sae->group) ? 40 : 1; -+ -+ for (counter = 1; counter <= k || !found; counter++) { - u8 pwd_seed[SHA256_MAC_LEN]; - int res; - -@@ -602,19 +609,30 @@ static int sae_derive_pwe_ffc(struct sae - break; - } - -- wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter); -+ wpa_printf(MSG_DEBUG, "SAE: counter = %02u", counter); - if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len, - pwd_seed) < 0) - break; -- res = sae_test_pwd_seed_ffc(sae, pwd_seed, sae->tmp->pwe_ffc); -+ if (!pwe) { -+ pwe = crypto_bignum_init(); -+ if (!pwe) -+ break; -+ } -+ res = sae_test_pwd_seed_ffc(sae, pwd_seed, pwe); - if (res < 0) - break; - if (res > 0) { -- wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); - found = 1; -+ if (!sae->tmp->pwe_ffc) { -+ wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); -+ sae->tmp->pwe_ffc = pwe; -+ pwe = NULL; -+ } - } - } - -+ crypto_bignum_deinit(pwe, 1); -+ - return found ? 0 : -1; - } - diff --git a/CVE-2019-9494-6.patch b/CVE-2019-9494-6.patch deleted file mode 100644 index e8d5a6a777748e78e8248c2db2a941ec4a01fbb8..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-6.patch +++ /dev/null @@ -1,82 +0,0 @@ ---- wpa_supplicant-2.6-bak/src/common/sae.c 2019-07-01 05:44:06.962000000 -0400 -+++ wpa_supplicant-2.6/src/common/sae.c 2019-07-01 06:04:52.798000000 -0400 -@@ -572,16 +572,27 @@ static int sae_derive_pwe_ffc(struct sae - const u8 *addr2, const u8 *password, - size_t password_len) - { -- u8 counter, k; -+ u8 counter, k, sel_counter = 0; - u8 addrs[2 * ETH_ALEN]; - const u8 *addr[2]; - size_t len[2]; -- int found = 0; -- struct crypto_bignum *pwe = NULL; -+ u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* -+ * mask */ -+ u8 mask; -+ struct crypto_bignum *pwe; -+ size_t prime_len = sae->tmp->prime_len * 8; -+ u8 *pwe_buf; - - crypto_bignum_deinit(sae->tmp->pwe_ffc, 1); - sae->tmp->pwe_ffc = NULL; - -+ /* Allocate a buffer to maintain selected and candidate PWE for constant -+ * time selection. */ -+ pwe_buf = os_zalloc(prime_len * 2); -+ pwe = crypto_bignum_init(); -+ if (!pwe_buf || !pwe) -+ goto fail; -+ - wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", - password, password_len); - -@@ -613,27 +624,33 @@ static int sae_derive_pwe_ffc(struct sae - if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len, - pwd_seed) < 0) - break; -- if (!pwe) { -- pwe = crypto_bignum_init(); -- if (!pwe) -- break; -- } - res = sae_test_pwd_seed_ffc(sae, pwd_seed, pwe); -+ /* res is -1 for fatal failure, 0 if a valid PWE was not found, -+ * or 1 if a valid PWE was found. */ - if (res < 0) - break; -- if (res > 0) { -- found = 1; -- if (!sae->tmp->pwe_ffc) { -- wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); -- sae->tmp->pwe_ffc = pwe; -- pwe = NULL; -- } -- } -+ /* Store the candidate PWE into the second half of pwe_buf and -+ * the selected PWE in the beginning of pwe_buf using constant -+ * time selection. */ -+ if (crypto_bignum_to_bin(pwe, pwe_buf + prime_len, prime_len, -+ prime_len) < 0) -+ break; -+ const_time_select_bin(found, pwe_buf, pwe_buf + prime_len, -+ prime_len, pwe_buf); -+ sel_counter = const_time_select_u8(found, sel_counter, counter); -+ mask = const_time_eq_u8(res, 1); -+ found = const_time_select_u8(found, found, mask); - } - -- crypto_bignum_deinit(pwe, 1); -+ if (!found) -+ goto fail; - -- return found ? 0 : -1; -+ wpa_printf(MSG_DEBUG, "SAE: Use PWE from counter = %02u", sel_counter); -+ sae->tmp->pwe_ffc = crypto_bignum_init_set(pwe_buf, prime_len); -+fail: -+ crypto_bignum_deinit(pwe, 1); -+ bin_clear_free(pwe_buf, prime_len * 2); -+ return sae->tmp->pwe_ffc ? 0 : -1; - } - - diff --git a/CVE-2019-9494-7.patch b/CVE-2019-9494-7.patch deleted file mode 100644 index 5c80ee0200ecf2c81d3df936301901c262fc657f..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-7.patch +++ /dev/null @@ -1,137 +0,0 @@ - -m cff138b0747fa39765cbc641b66cfa5d7f1735d1 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sat, 2 Mar 2019 16:05:56 +0200 -Subject: [PATCH 09/14] SAE: Use constant time operations in - sae_test_pwd_seed_ffc() - -Try to avoid showing externally visible timing or memory access -differences regardless of whether the derived pwd-value is smaller than -the group prime. - -This is related to CVE-2019-9494. - -Signed-off-by: Jouni Malinen ---- - src/common/sae.c | 75 ++++++++++++++++++++++++++++++++++---------------------- - 1 file changed, 46 insertions(+), 29 deletions(-) - -diff --git a/src/common/sae.c b/src/common/sae.c -index fa9a145..eaf825d 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -334,14 +334,17 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - } - - -+/* Returns -1 on fatal failure, 0 if PWE cannot be derived from the provided -+ * pwd-seed, or 1 if a valid PWE was derived from pwd-seed. */ - static int sae_test_pwd_seed_ffc(struct sae_data *sae, const u8 *pwd_seed, - struct crypto_bignum *pwe) - { - u8 pwd_value[SAE_MAX_PRIME_LEN]; - size_t bits = sae->tmp->prime_len * 8; - u8 exp[1]; -- struct crypto_bignum *a, *b; -- int res; -+ struct crypto_bignum *a, *b = NULL; -+ int res, is_val; -+ u8 pwd_value_valid; - - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN); - -@@ -353,16 +356,29 @@ static int sae_test_pwd_seed_ffc(struct sae_data *sae, const u8 *pwd_seed, - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", pwd_value, - sae->tmp->prime_len); - -- if (os_memcmp(pwd_value, sae->tmp->dh->prime, sae->tmp->prime_len) >= 0) -- { -- wpa_printf(MSG_DEBUG, "SAE: pwd-value >= p"); -- return 0; -- } -+ /* Check whether pwd-value < p */ -+ res = const_time_memcmp(pwd_value, sae->tmp->dh->prime, -+ sae->tmp->prime_len); -+ /* pwd-value >= p is invalid, so res is < 0 for the valid cases and -+ * the negative sign can be used to fill the mask for constant time -+ * selection */ -+ pwd_value_valid = const_time_fill_msb(res); -+ -+ /* If pwd-value >= p, force pwd-value to be < p and perform the -+ * calculations anyway to hide timing difference. The derived PWE will -+ * be ignored in that case. */ -+ pwd_value[0] = const_time_select_u8(pwd_value_valid, pwd_value[0], 0); - - /* PWE = pwd-value^((p-1)/r) modulo p */ - -+ res = -1; - a = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len); -+ if (!a) -+ goto fail; - -+ /* This is an optimization based on the used group that does not depend -+ * on the password in any way, so it is fine to use separate branches -+ * for this step without constant time operations. */ - if (sae->tmp->dh->safe_prime) { - /* - * r = (p-1)/2 for the group used here, so this becomes: -@@ -376,33 +392,34 @@ static int sae_test_pwd_seed_ffc(struct sae_data *sae, const u8 *pwd_seed, - b = crypto_bignum_init_set(exp, sizeof(exp)); - if (b == NULL || - crypto_bignum_sub(sae->tmp->prime, b, b) < 0 || -- crypto_bignum_div(b, sae->tmp->order, b) < 0) { -- crypto_bignum_deinit(b, 0); -- b = NULL; -- } -+ crypto_bignum_div(b, sae->tmp->order, b) < 0) -+ goto fail; - } - -- if (a == NULL || b == NULL) -- res = -1; -- else -- res = crypto_bignum_exptmod(a, b, sae->tmp->prime, pwe); -- -- crypto_bignum_deinit(a, 0); -- crypto_bignum_deinit(b, 0); -+ if (!b) -+ goto fail; - -- if (res < 0) { -- wpa_printf(MSG_DEBUG, "SAE: Failed to calculate PWE"); -- return -1; -- } -+ res = crypto_bignum_exptmod(a, b, sae->tmp->prime, pwe); -+ if (res < 0) -+ goto fail; - -- /* if (PWE > 1) --> found */ -- if (crypto_bignum_is_zero(pwe) || crypto_bignum_is_one(pwe)) { -- wpa_printf(MSG_DEBUG, "SAE: PWE <= 1"); -- return 0; -- } -+ /* There were no fatal errors in calculations, so determine the return -+ * value using constant time operations. We get here for number of -+ * invalid cases which are cleared here after having performed all the -+ * computation. PWE is valid if pwd-value was less than prime and -+ * PWE > 1. Start with pwd-value check first and then use constant time -+ * operations to clear res to 0 if PWE is 0 or 1. -+ */ -+ res = const_time_select_u8(pwd_value_valid, 1, 0); -+ is_val = crypto_bignum_is_zero(pwe); -+ res = const_time_select_u8(const_time_is_zero(is_val), res, 0); -+ is_val = crypto_bignum_is_one(pwe); -+ res = const_time_select_u8(const_time_is_zero(is_val), res, 0); - -- wpa_printf(MSG_DEBUG, "SAE: PWE found"); -- return 1; -+fail: -+ crypto_bignum_deinit(a, 1); -+ crypto_bignum_deinit(b, 1); -+ return res; - } - - --- -2.7.4 - diff --git a/CVE-2019-9494-8.patch b/CVE-2019-9494-8.patch deleted file mode 100644 index 7f2490dfd0dcf6a745cf88fa093640eca148f67f..0000000000000000000000000000000000000000 --- a/CVE-2019-9494-8.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- wpa_supplicant-2.6-bak/src/crypto/crypto_openssl.c 2019-07-01 06:22:50.648000000 -0400 -+++ wpa_supplicant-2.6/src/crypto/crypto_openssl.c 2019-07-01 07:23:31.462000000 -0400 -@@ -475,7 +475,8 @@ int crypto_mod_exp(const u8 *base, size_ - bn_result == NULL) - goto error; - -- if (BN_mod_exp(bn_result, bn_base, bn_exp, bn_modulus, ctx) != 1) -+ if (BN_mod_exp_mont_consttime(bn_result, bn_base, bn_exp, bn_modulus, -+ ctx, NULL) != 1) - goto error; - - *result_len = BN_bn2bin(bn_result, result); -@@ -1192,8 +1193,9 @@ int crypto_bignum_exptmod(const struct c - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -- res = BN_mod_exp((BIGNUM *) d, (const BIGNUM *) a, (const BIGNUM *) b, -- (const BIGNUM *) c, bnctx); -+ res = BN_mod_exp_mont_consttime((BIGNUM *) d, (const BIGNUM *) a, -+ (const BIGNUM *) b, (const BIGNUM *) c, -+ bnctx, NULL); - BN_CTX_free(bnctx); - - return res ? 0 : -1; -@@ -1212,6 +1214,11 @@ int crypto_bignum_inverse(const struct c - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -+#ifdef OPENSSL_IS_BORINGSSL -+ /* TODO: use BN_mod_inverse_blinded() ? */ -+#else /* OPENSSL_IS_BORINGSSL */ -+ BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); -+#endif /* OPENSSL_IS_BORINGSSL */ - res = BN_mod_inverse((BIGNUM *) c, (const BIGNUM *) a, - (const BIGNUM *) b, bnctx); - BN_CTX_free(bnctx); -@@ -1245,6 +1252,9 @@ int crypto_bignum_div(const struct crypt - bnctx = BN_CTX_new(); - if (bnctx == NULL) - return -1; -+#ifndef OPENSSL_IS_BORINGSSL -+ BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); -+#endif /* OPENSSL_IS_BORINGSSL */ - res = BN_div((BIGNUM *) c, NULL, (const BIGNUM *) a, - (const BIGNUM *) b, bnctx); - BN_CTX_free(bnctx); -@@ -1322,8 +1332,8 @@ int crypto_bignum_legendre(const struct - /* exp = (p-1) / 2 */ - !BN_sub(exp, (const BIGNUM *) p, BN_value_one()) || - !BN_rshift1(exp, exp) || -- !BN_mod_exp(tmp, (const BIGNUM *) a, exp, (const BIGNUM *) p, -- bnctx)) -+ !BN_mod_exp_mont_consttime(tmp, (const BIGNUM *) a, exp, -+ (const BIGNUM *) p, bnctx, NULL)) - goto fail; - - /* Return 1 if tmp == 1, 0 if tmp == 0, or -1 otherwise. Need to use diff --git a/CVE-2019-9495-pre1.patch b/CVE-2019-9495-pre1.patch deleted file mode 100644 index 6d08673259bdb38f3dab54ba7a0f2ecf583cfddb..0000000000000000000000000000000000000000 --- a/CVE-2019-9495-pre1.patch +++ /dev/null @@ -1,1501 +0,0 @@ -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-03 20:08:29.435861644 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-03 21:55:58.180291376 +0800 -@@ -91,91 +91,33 @@ - const u8 *id_peer, size_t id_peer_len, - const u8 *token) - { -- BIGNUM *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; - struct crypto_hash *hash; - unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; -- int nid, is_odd, ret = 0; -+ int is_odd, ret = 0; - size_t primebytelen, primebitlen; -- -- switch (num) { /* from IANA registry for IKE D-H groups */ -- case 19: -- nid = NID_X9_62_prime256v1; -- break; -- case 20: -- nid = NID_secp384r1; -- break; -- case 21: -- nid = NID_secp521r1; -- break; --#ifndef OPENSSL_IS_BORINGSSL -- case 25: -- nid = NID_X9_62_prime192v1; -- break; --#endif /* OPENSSL_IS_BORINGSSL */ -- case 26: -- nid = NID_secp224r1; -- break; --#ifdef NID_brainpoolP224r1 -- case 27: -- nid = NID_brainpoolP224r1; -- break; --#endif /* NID_brainpoolP224r1 */ --#ifdef NID_brainpoolP256r1 -- case 28: -- nid = NID_brainpoolP256r1; -- break; --#endif /* NID_brainpoolP256r1 */ --#ifdef NID_brainpoolP384r1 -- case 29: -- nid = NID_brainpoolP384r1; -- break; --#endif /* NID_brainpoolP384r1 */ --#ifdef NID_brainpoolP512r1 -- case 30: -- nid = NID_brainpoolP512r1; -- break; --#endif /* NID_brainpoolP512r1 */ -- default: -- wpa_printf(MSG_INFO, "EAP-pwd: unsupported group %d", num); -- return -1; -- } -+ struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; - - grp->pwe = NULL; -- grp->order = NULL; -- grp->prime = NULL; -- -- if ((grp->group = EC_GROUP_new_by_curve_name(nid)) == NULL) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC_GROUP"); -+ grp->group = crypto_ec_init(num); -+ if (!grp->group) { -+ wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC group"); - goto fail; - } - -- if (((rnd = BN_new()) == NULL) || -- ((cofactor = BN_new()) == NULL) || -- ((grp->pwe = EC_POINT_new(grp->group)) == NULL) || -- ((grp->order = BN_new()) == NULL) || -- ((grp->prime = BN_new()) == NULL) || -- ((x_candidate = BN_new()) == NULL)) { -+ cofactor = crypto_bignum_init(); -+ grp->pwe = crypto_ec_point_init(grp->group); -+ if (!cofactor || !grp->pwe) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to create bignums"); - goto fail; - } - -- if (!EC_GROUP_get_curve_GFp(grp->group, grp->prime, NULL, NULL, NULL)) -- { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to get prime for GFp " -- "curve"); -- goto fail; -- } -- if (!EC_GROUP_get_order(grp->group, grp->order, NULL)) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to get order for curve"); -- goto fail; -- } -- if (!EC_GROUP_get_cofactor(grp->group, cofactor, NULL)) { -+ if (crypto_ec_cofactor(grp->group, cofactor) < 0) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to get cofactor for " - "curve"); - goto fail; - } -- primebitlen = BN_num_bits(grp->prime); -- primebytelen = BN_num_bytes(grp->prime); -+ primebitlen = crypto_ec_prime_len_bits(grp->group); -+ primebytelen = crypto_ec_prime_len(grp->group); - if ((prfbuf = os_malloc(primebytelen)) == NULL) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to malloc space for prf " - "buffer"); -@@ -207,15 +149,25 @@ - eap_pwd_h_update(hash, &ctr, sizeof(ctr)); - eap_pwd_h_final(hash, pwe_digest); - -- BN_bin2bn(pwe_digest, SHA256_MAC_LEN, rnd); -- -+ crypto_bignum_deinit(rnd, 1); -+ rnd = crypto_bignum_init_set(pwe_digest, SHA256_MAC_LEN); -+ if (!rnd) { -+ wpa_printf(MSG_INFO, "EAP-pwd: unable to create rnd"); -+ goto fail; -+ } - if (eap_pwd_kdf(pwe_digest, SHA256_MAC_LEN, - (u8 *) "EAP-pwd Hunting And Pecking", - os_strlen("EAP-pwd Hunting And Pecking"), - prfbuf, primebitlen) < 0) - goto fail; - -- BN_bin2bn(prfbuf, primebytelen, x_candidate); -+ crypto_bignum_deinit(x_candidate, 1); -+ x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); -+ if (!x_candidate) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: unable to create x_candidate"); -+ goto fail; -+ } - - /* - * eap_pwd_kdf() returns a string of bits 0..primebitlen but -@@ -224,11 +176,14 @@ - * then excessive bits-- those _after_ primebitlen-- so now - * we have to shift right the amount we masked off. - */ -- if (primebitlen % 8) -- BN_rshift(x_candidate, x_candidate, -- (8 - (primebitlen % 8))); -+ if ((primebitlen % 8) && -+ crypto_bignum_rshift(x_candidate, -+ (8 - (primebitlen % 8)), -+ x_candidate) < 0) -+ goto fail; - -- if (BN_ucmp(x_candidate, grp->prime) >= 0) -+ if (crypto_bignum_cmp(x_candidate, -+ crypto_ec_get_prime(grp->group)) >= 0) - continue; - - wpa_hexdump(MSG_DEBUG, "EAP-pwd: x_candidate", -@@ -238,40 +193,38 @@ - * need to unambiguously identify the solution, if there is - * one... - */ -- if (BN_is_odd(rnd)) -- is_odd = 1; -- else -- is_odd = 0; -+ is_odd = crypto_bignum_is_odd(rnd); - - /* - * solve the quadratic equation, if it's not solvable then we - * don't have a point - */ -- if (!EC_POINT_set_compressed_coordinates_GFp(grp->group, -- grp->pwe, -- x_candidate, -- is_odd, NULL)) -+ if (crypto_ec_point_solve_y_coord(grp->group, grp->pwe, -+ x_candidate, is_odd) != 0) { -+ wpa_printf(MSG_INFO, "EAP-pwd: Could not solve for y"); - continue; -+ } - /* - * If there's a solution to the equation then the point must be - * on the curve so why check again explicitly? OpenSSL code - * says this is required by X9.62. We're not X9.62 but it can't - * hurt just to be sure. - */ -- if (!EC_POINT_is_on_curve(grp->group, grp->pwe, NULL)) { -+ if (!crypto_ec_point_is_on_curve(grp->group, grp->pwe)) { - wpa_printf(MSG_INFO, "EAP-pwd: point is not on curve"); - continue; - } - -- if (BN_cmp(cofactor, BN_value_one())) { -+ if (!crypto_bignum_is_one(cofactor)) { - /* make sure the point is not in a small sub-group */ -- if (!EC_POINT_mul(grp->group, grp->pwe, NULL, grp->pwe, -- cofactor, NULL)) { -+ if (crypto_ec_point_mul(grp->group, grp->pwe, -+ cofactor, grp->pwe) != 0) { - wpa_printf(MSG_INFO, "EAP-pwd: cannot " - "multiply generator by order"); - continue; - } -- if (EC_POINT_is_at_infinity(grp->group, grp->pwe)) { -+ if (crypto_ec_point_is_at_infinity(grp->group, -+ grp->pwe)) { - wpa_printf(MSG_INFO, "EAP-pwd: point is at " - "infinity"); - continue; -@@ -284,37 +237,38 @@ - grp->group_num = num; - if (0) { - fail: -- EC_GROUP_free(grp->group); -+ crypto_ec_deinit(grp->group); - grp->group = NULL; -- EC_POINT_clear_free(grp->pwe); -+ crypto_ec_point_deinit(grp->pwe, 1); - grp->pwe = NULL; -- BN_clear_free(grp->order); -- grp->order = NULL; -- BN_clear_free(grp->prime); -- grp->prime = NULL; - ret = 1; - } - /* cleanliness and order.... */ -- BN_clear_free(cofactor); -- BN_clear_free(x_candidate); -- BN_clear_free(rnd); -+ crypto_bignum_deinit(cofactor, 1); -+ crypto_bignum_deinit(x_candidate, 1); -+ crypto_bignum_deinit(rnd, 1); - os_free(prfbuf); - - return ret; - } - - --int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, -- const BIGNUM *peer_scalar, const BIGNUM *server_scalar, -+int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k, -+ const struct crypto_bignum *peer_scalar, -+ const struct crypto_bignum *server_scalar, - const u8 *confirm_peer, const u8 *confirm_server, - const u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id) - { - struct crypto_hash *hash; - u8 mk[SHA256_MAC_LEN], *cruft; - u8 msk_emsk[EAP_MSK_LEN + EAP_EMSK_LEN]; -- int offset; -+ size_t prime_len, order_len; -+ -+ prime_len = crypto_ec_prime_len(grp->group); -+ order_len = crypto_ec_order_len(grp->group); - -- if ((cruft = os_malloc(BN_num_bytes(grp->prime))) == NULL) -+ cruft = os_malloc(prime_len); -+ if (!cruft) - return -1; - - /* -@@ -328,14 +282,10 @@ - return -1; - } - eap_pwd_h_update(hash, (const u8 *) ciphersuite, sizeof(u32)); -- offset = BN_num_bytes(grp->order) - BN_num_bytes(peer_scalar); -- os_memset(cruft, 0, BN_num_bytes(grp->prime)); -- BN_bn2bin(peer_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->order)); -- offset = BN_num_bytes(grp->order) - BN_num_bytes(server_scalar); -- os_memset(cruft, 0, BN_num_bytes(grp->prime)); -- BN_bn2bin(server_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->order)); -+ crypto_bignum_to_bin(peer_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); -+ crypto_bignum_to_bin(server_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - eap_pwd_h_final(hash, &session_id[1]); - - /* then compute MK = H(k | confirm-peer | confirm-server) */ -@@ -344,10 +294,8 @@ - os_free(cruft); - return -1; - } -- offset = BN_num_bytes(grp->prime) - BN_num_bytes(k); -- os_memset(cruft, 0, BN_num_bytes(grp->prime)); -- BN_bn2bin(k, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(grp->prime)); -+ crypto_bignum_to_bin(k, cruft, prime_len, prime_len); -+ eap_pwd_h_update(hash, cruft, prime_len); - os_free(cruft); - eap_pwd_h_update(hash, confirm_peer, SHA256_MAC_LEN); - eap_pwd_h_update(hash, confirm_server, SHA256_MAC_LEN); -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h 2020-02-03 20:08:29.435861644 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h 2020-02-03 21:59:06.462756520 +0800 -@@ -9,20 +9,14 @@ - #ifndef EAP_PWD_COMMON_H - #define EAP_PWD_COMMON_H - --#include --#include --#include -- - /* - * definition of a finite cyclic group - * TODO: support one based on a prime field - */ - typedef struct group_definition_ { - u16 group_num; -- EC_GROUP *group; -- EC_POINT *pwe; -- BIGNUM *order; -- BIGNUM *prime; -+ struct crypto_ec *group; -+ struct crypto_ec_point *pwe; - } EAP_PWD_group; - - /* -@@ -61,8 +55,9 @@ - const u8 *id_server, size_t id_server_len, - const u8 *id_peer, size_t id_peer_len, - const u8 *token); --int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, -- const BIGNUM *peer_scalar, const BIGNUM *server_scalar, -+int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k, -+ const struct crypto_bignum *peer_scalar, -+ const struct crypto_bignum *server_scalar, - const u8 *confirm_peer, const u8 *confirm_server, - const u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id); - struct crypto_hash * eap_pwd_h_init(void); -diff -Nur orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c wpa_supplicant-2.6/src/eap_peer/eap_pwd.c ---- orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 20:08:29.435861644 +0800 -+++ wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 22:52:49.695035831 +0800 -@@ -11,6 +11,7 @@ - #include "common.h" - #include "crypto/sha256.h" - #include "crypto/ms_funcs.h" -+#include "crypto/crypto.h" - #include "eap_peer/eap_i.h" - #include "eap_common/eap_pwd_common.h" - -@@ -36,18 +37,16 @@ - size_t out_frag_pos; - size_t mtu; - -- BIGNUM *k; -- BIGNUM *private_value; -- BIGNUM *server_scalar; -- BIGNUM *my_scalar; -- EC_POINT *my_element; -- EC_POINT *server_element; -+ struct crypto_bignum *k; -+ struct crypto_bignum *private_value; -+ struct crypto_bignum *server_scalar; -+ struct crypto_bignum *my_scalar; -+ struct crypto_ec_point *my_element; -+ struct crypto_ec_point *server_element; - - u8 msk[EAP_MSK_LEN]; - u8 emsk[EAP_EMSK_LEN]; - u8 session_id[1 + SHA256_MAC_LEN]; -- -- BN_CTX *bnctx; - }; - - -@@ -107,15 +106,8 @@ - return NULL; - } - -- if ((data->bnctx = BN_CTX_new()) == NULL) { -- wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); -- os_free(data); -- return NULL; -- } -- - if ((data->id_peer = os_malloc(identity_len)) == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail"); -- BN_CTX_free(data->bnctx); - os_free(data); - return NULL; - } -@@ -125,7 +117,6 @@ - - if ((data->password = os_malloc(password_len)) == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: memory allocation psk fail"); -- BN_CTX_free(data->bnctx); - bin_clear_free(data->id_peer, data->id_peer_len); - os_free(data); - return NULL; -@@ -152,21 +143,18 @@ - { - struct eap_pwd_data *data = priv; - -- BN_clear_free(data->private_value); -- BN_clear_free(data->server_scalar); -- BN_clear_free(data->my_scalar); -- BN_clear_free(data->k); -- BN_CTX_free(data->bnctx); -- EC_POINT_clear_free(data->my_element); -- EC_POINT_clear_free(data->server_element); -+ crypto_bignum_deinit(data->private_value, 1); -+ crypto_bignum_deinit(data->server_scalar, 1); -+ crypto_bignum_deinit(data->my_scalar, 1); -+ crypto_bignum_deinit(data->k, 1); -+ crypto_ec_point_deinit(data->my_element, 1); -+ crypto_ec_point_deinit(data->server_element, 1); - bin_clear_free(data->id_peer, data->id_peer_len); - bin_clear_free(data->id_server, data->id_server_len); - bin_clear_free(data->password, data->password_len); - if (data->grp) { -- EC_GROUP_free(data->grp->group); -- EC_POINT_clear_free(data->grp->pwe); -- BN_clear_free(data->grp->order); -- BN_clear_free(data->grp->prime); -+ crypto_ec_deinit(data->grp->group); -+ crypto_ec_point_deinit(data->grp->pwe, 1); - os_free(data->grp); - } - wpabuf_free(data->inbuf); -@@ -333,7 +321,7 @@ - } - - wpa_printf(MSG_DEBUG, "EAP-PWD (peer): computed %d bit PWE...", -- BN_num_bits(data->grp->prime)); -+ (int) crypto_ec_prime_len_bits(data->grp->group)); - - data->outbuf = wpabuf_alloc(sizeof(struct eap_pwd_id) + - data->id_peer_len); -@@ -358,10 +346,10 @@ - const struct wpabuf *reqData, - const u8 *payload, size_t payload_len) - { -- EC_POINT *K = NULL; -- BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL; -- u16 offset; -- u8 *ptr, *scalar = NULL, *element = NULL; -+ struct crypto_ec_point *K = NULL, *point = NULL; -+ struct crypto_bignum *mask = NULL, *cofactor = NULL; -+ const u8 *ptr; -+ u8 *scalar = NULL, *element = NULL; - size_t prime_len, order_len; - - if (data->state != PWD_Commit_Req) { -@@ -369,8 +357,8 @@ - goto fin; - } - -- prime_len = BN_num_bytes(data->grp->prime); -- order_len = BN_num_bytes(data->grp->order); -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); - - if (payload_len != 2 * prime_len + order_len) { - wpa_printf(MSG_INFO, -@@ -380,76 +368,75 @@ - goto fin; - } - -- if (((data->private_value = BN_new()) == NULL) || -- ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) || -- ((cofactor = BN_new()) == NULL) || -- ((data->my_scalar = BN_new()) == NULL) || -- ((mask = BN_new()) == NULL)) { -+ data->private_value = crypto_bignum_init(); -+ data->my_element = crypto_ec_point_init(data->grp->group); -+ cofactor = crypto_bignum_init(); -+ data->my_scalar = crypto_bignum_init(); -+ mask = crypto_bignum_init(); -+ if (!data->private_value || !data->my_element || !cofactor || -+ !data->my_scalar || !mask) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): scalar allocation fail"); - goto fin; - } - -- if (!EC_GROUP_get_cofactor(data->grp->group, cofactor, NULL)) { -+ if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { - wpa_printf(MSG_INFO, "EAP-pwd (peer): unable to get cofactor " - "for curve"); - goto fin; - } - -- if (BN_rand_range(data->private_value, data->grp->order) != 1 || -- BN_rand_range(mask, data->grp->order) != 1 || -- BN_add(data->my_scalar, data->private_value, mask) != 1 || -- BN_mod(data->my_scalar, data->my_scalar, data->grp->order, -- data->bnctx) != 1) { -+ if (crypto_bignum_rand(data->private_value, -+ crypto_ec_get_order(data->grp->group)) < 0 || -+ crypto_bignum_rand(mask, -+ crypto_ec_get_order(data->grp->group)) < 0 || -+ crypto_bignum_add(data->private_value, mask, -+ data->my_scalar) < 0 || -+ crypto_bignum_mod(data->my_scalar, -+ crypto_ec_get_order(data->grp->group), -+ data->my_scalar) < 0) { - wpa_printf(MSG_INFO, - "EAP-pwd (peer): unable to get randomness"); - goto fin; - } - -- if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, -- data->grp->pwe, mask, data->bnctx)) { -+ if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, mask, -+ data->my_element) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): element allocation " - "fail"); - eap_pwd_state(data, FAILURE); - goto fin; - } - -- if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) -- { -+ if (crypto_ec_point_invert(data->grp->group, data->my_element) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): element inversion fail"); - goto fin; - } - -- if (((x = BN_new()) == NULL) || -- ((y = BN_new()) == NULL)) { -- wpa_printf(MSG_INFO, "EAP-PWD (peer): point allocation fail"); -- goto fin; -- } -- - /* process the request */ -- if (((data->server_scalar = BN_new()) == NULL) || -- ((data->k = BN_new()) == NULL) || -- ((K = EC_POINT_new(data->grp->group)) == NULL) || -- ((data->server_element = EC_POINT_new(data->grp->group)) == NULL)) -- { -+ data->k = crypto_bignum_init(); -+ K = crypto_ec_point_init(data->grp->group); -+ point = crypto_ec_point_init(data->grp->group); -+ if (!data->k || !K || !point) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): peer data allocation " - "fail"); - goto fin; - } - - /* element, x then y, followed by scalar */ -- ptr = (u8 *) payload; -- BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), x); -- ptr += BN_num_bytes(data->grp->prime); -- BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), y); -- ptr += BN_num_bytes(data->grp->prime); -- BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->server_scalar); -- if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, -- data->server_element, x, y, -- data->bnctx)) { -+ ptr = payload; -+ data->server_element = crypto_ec_point_from_bin(data->grp->group, ptr); -+ if (!data->server_element) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): setting peer element " - "fail"); - goto fin; - } -+ ptr += prime_len * 2; -+ data->server_scalar = crypto_bignum_init_set(ptr, order_len); -+ if (!data->server_scalar) { -+ wpa_printf(MSG_INFO, -+ "EAP-PWD (peer): setting peer scalar fail"); -+ goto fin; -+ } - - /* verify received scalar */ - if (crypto_bignum_is_zero(data->server_scalar) || -@@ -472,21 +459,20 @@ - } - - /* compute the shared key, k */ -- if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, -- data->server_scalar, data->bnctx)) || -- (!EC_POINT_add(data->grp->group, K, K, data->server_element, -- data->bnctx)) || -- (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, -- data->bnctx))) { -+ if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, -+ data->server_scalar, K) < 0 || -+ crypto_ec_point_add(data->grp->group, K, data->server_element, -+ K) < 0 || -+ crypto_ec_point_mul(data->grp->group, K, data->private_value, -+ K) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): computing shared key " - "fail"); - goto fin; - } - - /* ensure that the shared key isn't in a small sub-group */ -- if (BN_cmp(cofactor, BN_value_one())) { -- if (!EC_POINT_mul(data->grp->group, K, NULL, K, cofactor, -- NULL)) { -+ if (!crypto_bignum_is_one(cofactor)) { -+ if (crypto_ec_point_mul(data->grp->group, K, cofactor, K) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply " - "shared key point by order"); - goto fin; -@@ -499,30 +485,22 @@ - * never going to happen it is a simple and safe check "just to be - * sure" so let's be safe. - */ -- if (EC_POINT_is_at_infinity(data->grp->group, K)) { -+ if (crypto_ec_point_is_at_infinity(data->grp->group, K)) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): shared key point is at " - "infinity!\n"); - goto fin; - } - -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, -- NULL, data->bnctx)) { -+ if (crypto_ec_point_x(data->grp->group, K, data->k) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to extract " - "shared secret from point"); - goto fin; - } - - /* now do the response */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -- wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail"); -- goto fin; -- } -- -- if (((scalar = os_malloc(BN_num_bytes(data->grp->order))) == NULL) || -- ((element = os_malloc(BN_num_bytes(data->grp->prime) * 2)) == -- NULL)) { -+ scalar = os_zalloc(order_len); -+ element = os_zalloc(prime_len * 2); -+ if (!scalar || !element) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): data allocation fail"); - goto fin; - } -@@ -532,35 +510,28 @@ - * sufficiently smaller than the prime or order might need pre-pending - * with zeros. - */ -- os_memset(scalar, 0, BN_num_bytes(data->grp->order)); -- os_memset(element, 0, BN_num_bytes(data->grp->prime) * 2); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, scalar + offset); -- -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, element + offset); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, element + BN_num_bytes(data->grp->prime) + offset); -+ crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len); -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element, -+ element + prime_len) != 0) { -+ wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail"); -+ goto fin; -+ } - -- data->outbuf = wpabuf_alloc(BN_num_bytes(data->grp->order) + -- 2 * BN_num_bytes(data->grp->prime)); -+ data->outbuf = wpabuf_alloc(order_len + 2 * prime_len); - if (data->outbuf == NULL) - goto fin; - - /* we send the element as (x,y) follwed by the scalar */ -- wpabuf_put_data(data->outbuf, element, -- 2 * BN_num_bytes(data->grp->prime)); -- wpabuf_put_data(data->outbuf, scalar, BN_num_bytes(data->grp->order)); -+ wpabuf_put_data(data->outbuf, element, 2 * prime_len); -+ wpabuf_put_data(data->outbuf, scalar, order_len); - - fin: - os_free(scalar); - os_free(element); -- BN_clear_free(x); -- BN_clear_free(y); -- BN_clear_free(mask); -- BN_clear_free(cofactor); -- EC_POINT_clear_free(K); -+ crypto_bignum_deinit(mask, 1); -+ crypto_bignum_deinit(cofactor, 1); -+ crypto_ec_point_deinit(K, 1); -+ crypto_ec_point_deinit(point, 1); - if (data->outbuf == NULL) - eap_pwd_state(data, FAILURE); - else -@@ -574,12 +545,11 @@ - const struct wpabuf *reqData, - const u8 *payload, size_t payload_len) - { -- BIGNUM *x = NULL, *y = NULL; - struct crypto_hash *hash; - u32 cs; - u16 grp; - u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; -- int offset; -+ size_t prime_len = 0, order_len = 0; - - if (data->state != PWD_Confirm_Req) { - ret->ignore = TRUE; -@@ -593,6 +563,9 @@ - goto fin; - } - -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); -+ - /* - * first build up the ciphersuite which is group | random_function | - * prf -@@ -605,9 +578,9 @@ - ptr += sizeof(u8); - *ptr = EAP_PWD_DEFAULT_PRF; - -- /* each component of the cruft will be at most as big as the prime */ -- if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || -- ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { -+ /* each component of the point will be at most as big as the prime */ -+ cruft = os_malloc(prime_len * 2); -+ if (!cruft) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm allocation " - "fail"); - goto fin; -@@ -625,59 +598,35 @@ - * zero the memory each time because this is mod prime math and some - * value may start with a few zeros and the previous one did not. - */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); -- BN_bn2bin(data->k, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); -+ eap_pwd_h_update(hash, cruft, prime_len); - - /* server element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->server_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->server_element, -+ cruft, cruft + prime_len) != 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* server scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->server_scalar); -- BN_bn2bin(data->server_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* my element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, -+ cruft + prime_len) != 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } - -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* my scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* the ciphersuite */ - eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); -@@ -703,58 +652,34 @@ - goto fin; - - /* k */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); -- BN_bn2bin(data->k, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); -+ eap_pwd_h_update(hash, cruft, prime_len); - - /* my element */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, -+ cruft + prime_len) != 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " - "assignment fail"); - goto fin; - } -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* my scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* server element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->server_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->server_element, -+ cruft, cruft + prime_len) != 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " - "assignment fail"); - goto fin; - } -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* server scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->server_scalar); -- BN_bn2bin(data->server_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* the ciphersuite */ - eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); -@@ -762,7 +687,7 @@ - /* all done */ - eap_pwd_h_final(hash, conf); - -- if (compute_keys(data->grp, data->bnctx, data->k, -+ if (compute_keys(data->grp, data->k, - data->my_scalar, data->server_scalar, conf, ptr, - &cs, data->msk, data->emsk, data->session_id) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute MSK | " -@@ -777,10 +702,7 @@ - wpabuf_put_data(data->outbuf, conf, SHA256_MAC_LEN); - - fin: -- if (data->grp) -- bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); -- BN_clear_free(x); -- BN_clear_free(y); -+ bin_clear_free(cruft, prime_len * 2); - if (data->outbuf == NULL) { - ret->methodState = METHOD_DONE; - ret->decision = DECISION_FAIL; -diff -Nur orig-wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c ---- orig-wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c 2020-02-03 20:08:29.425861513 +0800 -+++ wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c 2020-02-03 23:57:15.626097442 +0800 -@@ -11,6 +11,7 @@ - #include "common.h" - #include "crypto/sha256.h" - #include "crypto/ms_funcs.h" -+#include "crypto/crypto.h" - #include "eap_server/eap_i.h" - #include "eap_common/eap_pwd_common.h" - -@@ -36,20 +37,18 @@ - size_t out_frag_pos; - size_t mtu; - -- BIGNUM *k; -- BIGNUM *private_value; -- BIGNUM *peer_scalar; -- BIGNUM *my_scalar; -- EC_POINT *my_element; -- EC_POINT *peer_element; -+ struct crypto_bignum *k; -+ struct crypto_bignum *private_value; -+ struct crypto_bignum *peer_scalar; -+ struct crypto_bignum *my_scalar; -+ struct crypto_ec_point *my_element; -+ struct crypto_ec_point *peer_element; - - u8 my_confirm[SHA256_MAC_LEN]; - - u8 msk[EAP_MSK_LEN]; - u8 emsk[EAP_EMSK_LEN]; - u8 session_id[1 + SHA256_MAC_LEN]; -- -- BN_CTX *bnctx; - }; - - -@@ -116,15 +115,6 @@ - os_memcpy(data->password, sm->user->password, data->password_len); - data->password_hash = sm->user->password_hash; - -- data->bnctx = BN_CTX_new(); -- if (data->bnctx == NULL) { -- wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); -- bin_clear_free(data->password, data->password_len); -- bin_clear_free(data->id_server, data->id_server_len); -- os_free(data); -- return NULL; -- } -- - data->in_frag_pos = data->out_frag_pos = 0; - data->inbuf = data->outbuf = NULL; - /* use default MTU from RFC 5931 if not configured otherwise */ -@@ -138,21 +128,18 @@ - { - struct eap_pwd_data *data = priv; - -- BN_clear_free(data->private_value); -- BN_clear_free(data->peer_scalar); -- BN_clear_free(data->my_scalar); -- BN_clear_free(data->k); -- BN_CTX_free(data->bnctx); -- EC_POINT_clear_free(data->my_element); -- EC_POINT_clear_free(data->peer_element); -+ crypto_bignum_deinit(data->private_value, 1); -+ crypto_bignum_deinit(data->peer_scalar, 1); -+ crypto_bignum_deinit(data->my_scalar, 1); -+ crypto_bignum_deinit(data->k, 1); -+ crypto_ec_point_deinit(data->my_element, 1); -+ crypto_ec_point_deinit(data->peer_element, 1); - bin_clear_free(data->id_peer, data->id_peer_len); - bin_clear_free(data->id_server, data->id_server_len); - bin_clear_free(data->password, data->password_len); - if (data->grp) { -- EC_GROUP_free(data->grp->group); -- EC_POINT_clear_free(data->grp->pwe); -- BN_clear_free(data->grp->order); -- BN_clear_free(data->grp->prime); -+ crypto_ec_deinit(data->grp->group); -+ crypto_ec_point_deinit(data->grp->pwe, 1); - os_free(data->grp); - } - wpabuf_free(data->inbuf); -@@ -198,9 +185,9 @@ - static void eap_pwd_build_commit_req(struct eap_sm *sm, - struct eap_pwd_data *data, u8 id) - { -- BIGNUM *mask = NULL, *x = NULL, *y = NULL; -+ struct crypto_bignum *mask = NULL; - u8 *scalar = NULL, *element = NULL; -- u16 offset; -+ size_t prime_len, order_len; - - wpa_printf(MSG_DEBUG, "EAP-pwd: Commit/Request"); - /* -@@ -210,93 +197,75 @@ - if (data->out_frag_pos) - return; - -- if (((data->private_value = BN_new()) == NULL) || -- ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) || -- ((data->my_scalar = BN_new()) == NULL) || -- ((mask = BN_new()) == NULL)) { -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); -+ -+ data->private_value = crypto_bignum_init(); -+ data->my_element = crypto_ec_point_init(data->grp->group); -+ data->my_scalar = crypto_bignum_init(); -+ mask = crypto_bignum_init(); -+ if (!data->private_value || !data->my_element || !data->my_scalar || -+ !mask) { - wpa_printf(MSG_INFO, "EAP-PWD (server): scalar allocation " - "fail"); - goto fin; - } - -- if (BN_rand_range(data->private_value, data->grp->order) != 1 || -- BN_rand_range(mask, data->grp->order) != 1 || -- BN_add(data->my_scalar, data->private_value, mask) != 1 || -- BN_mod(data->my_scalar, data->my_scalar, data->grp->order, -- data->bnctx) != 1) { -+ if (crypto_bignum_rand(data->private_value, -+ crypto_ec_get_order(data->grp->group)) < 0 || -+ crypto_bignum_rand(mask, -+ crypto_ec_get_order(data->grp->group)) < 0 || -+ crypto_bignum_add(data->private_value, mask, data->my_scalar) < 0 || -+ crypto_bignum_mod(data->my_scalar, -+ crypto_ec_get_order(data->grp->group), -+ data->my_scalar) < 0) { -+ - wpa_printf(MSG_INFO, - "EAP-pwd (server): unable to get randomness"); - goto fin; - } - -- if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, -- data->grp->pwe, mask, data->bnctx)) { -+ if (crypto_ec_point_mul(data->grp->group, data->grp->pwe, mask, -+ data->my_element) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): element allocation " - "fail"); - eap_pwd_state(data, FAILURE); - goto fin; - } - -- if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) -- { -+ if (crypto_ec_point_invert(data->grp->group, data->my_element) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): element inversion " - "fail"); - goto fin; - } -- BN_clear_free(mask); -- -- if (((x = BN_new()) == NULL) || -- ((y = BN_new()) == NULL)) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): point allocation " -- "fail"); -+ scalar = os_malloc(order_len); -+ element = os_malloc(prime_len * 2); -+ if (!scalar || !element) { -+ wpa_printf(MSG_INFO, "EAP-PWD (server): data allocation fail"); - goto fin; - } -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -+ -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element, -+ element + prime_len) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): point assignment " - "fail"); - goto fin; - } - -- if (((scalar = os_malloc(BN_num_bytes(data->grp->order))) == NULL) || -- ((element = os_malloc(BN_num_bytes(data->grp->prime) * 2)) == -- NULL)) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): data allocation fail"); -- goto fin; -- } -- -- /* -- * bignums occupy as little memory as possible so one that is -- * sufficiently smaller than the prime or order might need pre-pending -- * with zeros. -- */ -- os_memset(scalar, 0, BN_num_bytes(data->grp->order)); -- os_memset(element, 0, BN_num_bytes(data->grp->prime) * 2); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, scalar + offset); -- -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, element + offset); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, element + BN_num_bytes(data->grp->prime) + offset); -+ crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len); - -- data->outbuf = wpabuf_alloc(2 * BN_num_bytes(data->grp->prime) + -- BN_num_bytes(data->grp->order)); -+ data->outbuf = wpabuf_alloc(2 * prime_len + order_len); - if (data->outbuf == NULL) - goto fin; - - /* We send the element as (x,y) followed by the scalar */ -- wpabuf_put_data(data->outbuf, element, -- 2 * BN_num_bytes(data->grp->prime)); -- wpabuf_put_data(data->outbuf, scalar, BN_num_bytes(data->grp->order)); -+ wpabuf_put_data(data->outbuf, element, 2 * prime_len); -+ wpabuf_put_data(data->outbuf, scalar, order_len); - - fin: -+ crypto_bignum_deinit(mask, 1); - os_free(scalar); - os_free(element); -- BN_clear_free(x); -- BN_clear_free(y); - if (data->outbuf == NULL) - eap_pwd_state(data, FAILURE); - } -@@ -305,11 +274,10 @@ - static void eap_pwd_build_confirm_req(struct eap_sm *sm, - struct eap_pwd_data *data, u8 id) - { -- BIGNUM *x = NULL, *y = NULL; - struct crypto_hash *hash; - u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; - u16 grp; -- int offset; -+ size_t prime_len, order_len; - - wpa_printf(MSG_DEBUG, "EAP-pwd: Confirm/Request"); - /* -@@ -319,9 +287,12 @@ - if (data->out_frag_pos) - return; - -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); -+ - /* Each component of the cruft will be at most as big as the prime */ -- if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || -- ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { -+ cruft = os_malloc(prime_len * 2); -+ if (!cruft) { - wpa_printf(MSG_INFO, "EAP-PWD (server): debug allocation " - "fail"); - goto fin; -@@ -341,64 +312,39 @@ - * - * First is k - */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); -- BN_bn2bin(data->k, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); -+ eap_pwd_h_update(hash, cruft, prime_len); - - /* server element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, -+ cruft + prime_len) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } - -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* server scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* peer element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->peer_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->peer_element, cruft, -+ cruft + prime_len) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } -- -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* peer scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->peer_scalar); -- BN_bn2bin(data->peer_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* ciphersuite */ - grp = htons(data->group_num); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -+ os_memset(cruft, 0, prime_len); - ptr = cruft; - os_memcpy(ptr, &grp, sizeof(u16)); - ptr += sizeof(u16); -@@ -419,9 +365,7 @@ - wpabuf_put_data(data->outbuf, conf, SHA256_MAC_LEN); - - fin: -- bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); -- BN_clear_free(x); -- BN_clear_free(y); -+ bin_clear_free(cruft, prime_len * 2); - if (data->outbuf == NULL) - eap_pwd_state(data, FAILURE); - } -@@ -647,7 +591,7 @@ - return; - } - wpa_printf(MSG_DEBUG, "EAP-PWD (server): computed %d bit PWE...", -- BN_num_bits(data->grp->prime)); -+ (int) crypto_ec_prime_len_bits(data->grp->group)); - - eap_pwd_state(data, PWD_Commit_Req); - } -@@ -657,16 +601,16 @@ - eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - const u8 *payload, size_t payload_len) - { -- u8 *ptr; -- BIGNUM *x = NULL, *y = NULL, *cofactor = NULL; -- EC_POINT *K = NULL; -+ const u8 *ptr; -+ struct crypto_bignum *cofactor = NULL; -+ struct crypto_ec_point *K = NULL, *point = NULL; - int res = 0; - size_t prime_len, order_len; - - wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response"); - -- prime_len = BN_num_bytes(data->grp->prime); -- order_len = BN_num_bytes(data->grp->order); -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); - - if (payload_len != 2 * prime_len + order_len) { - wpa_printf(MSG_INFO, -@@ -676,34 +620,26 @@ - goto fin; - } - -- if (((data->peer_scalar = BN_new()) == NULL) || -- ((data->k = BN_new()) == NULL) || -- ((cofactor = BN_new()) == NULL) || -- ((x = BN_new()) == NULL) || -- ((y = BN_new()) == NULL) || -- ((K = EC_POINT_new(data->grp->group)) == NULL) || -- ((data->peer_element = EC_POINT_new(data->grp->group)) == NULL)) { -+ data->k = crypto_bignum_init(); -+ cofactor = crypto_bignum_init(); -+ point = crypto_ec_point_init(data->grp->group); -+ K = crypto_ec_point_init(data->grp->group); -+ if (!data->k || !cofactor || !point || !K) { - wpa_printf(MSG_INFO, "EAP-PWD (server): peer data allocation " - "fail"); - goto fin; - } - -- if (!EC_GROUP_get_cofactor(data->grp->group, cofactor, NULL)) { -+ if (crypto_ec_cofactor(data->grp->group, cofactor) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): unable to get " - "cofactor for curve"); - goto fin; - } - - /* element, x then y, followed by scalar */ -- ptr = (u8 *) payload; -- BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), x); -- ptr += BN_num_bytes(data->grp->prime); -- BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), y); -- ptr += BN_num_bytes(data->grp->prime); -- BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->peer_scalar); -- if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, -- data->peer_element, x, y, -- data->bnctx)) { -+ ptr = payload; -+ data->peer_element = crypto_ec_point_from_bin(data->grp->group, ptr); -+ if (!data->peer_element) { - wpa_printf(MSG_INFO, "EAP-PWD (server): setting peer element " - "fail"); - goto fin; -@@ -719,21 +655,21 @@ - } - - /* compute the shared key, k */ -- if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, -- data->peer_scalar, data->bnctx)) || -- (!EC_POINT_add(data->grp->group, K, K, data->peer_element, -- data->bnctx)) || -- (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, -- data->bnctx))) { -+ if ((crypto_ec_point_mul(data->grp->group, data->grp->pwe, -+ data->peer_scalar, K) < 0) || -+ (crypto_ec_point_add(data->grp->group, K, data->peer_element, -+ K) < 0) || -+ (crypto_ec_point_mul(data->grp->group, K, data->private_value, -+ K) < 0)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): computing shared key " - "fail"); - goto fin; - } - - /* ensure that the shared key isn't in a small sub-group */ -- if (BN_cmp(cofactor, BN_value_one())) { -- if (!EC_POINT_mul(data->grp->group, K, NULL, K, cofactor, -- NULL)) { -+ if (!crypto_bignum_is_one(cofactor)) { -+ if (crypto_ec_point_mul(data->grp->group, K, cofactor, -+ K) != 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): cannot " - "multiply shared key point by order!\n"); - goto fin; -@@ -746,13 +682,12 @@ - * never going to happen it is a simple and safe check "just to be - * sure" so let's be safe. - */ -- if (EC_POINT_is_at_infinity(data->grp->group, K)) { -+ if (crypto_ec_point_is_at_infinity(data->grp->group, K)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): shared key point is " - "at infinity"); - goto fin; - } -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, -- NULL, data->bnctx)) { -+ if (crypto_ec_point_x(data->grp->group, K, data->k)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): unable to extract " - "shared secret from secret point"); - goto fin; -@@ -760,10 +695,9 @@ - res = 1; - - fin: -- EC_POINT_clear_free(K); -- BN_clear_free(cofactor); -- BN_clear_free(x); -- BN_clear_free(y); -+ crypto_ec_point_deinit(K, 1); -+ crypto_ec_point_deinit(point, 1); -+ crypto_bignum_deinit(cofactor, 1); - - if (res) - eap_pwd_state(data, PWD_Confirm_Req); -@@ -776,12 +710,14 @@ - eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, - const u8 *payload, size_t payload_len) - { -- BIGNUM *x = NULL, *y = NULL; - struct crypto_hash *hash; - u32 cs; - u16 grp; - u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; -- int offset; -+ size_t prime_len, order_len; -+ -+ prime_len = crypto_ec_prime_len(data->grp->group); -+ order_len = crypto_ec_order_len(data->grp->group); - - if (payload_len != SHA256_MAC_LEN) { - wpa_printf(MSG_INFO, -@@ -800,8 +736,8 @@ - *ptr = EAP_PWD_DEFAULT_PRF; - - /* each component of the cruft will be at most as big as the prime */ -- if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) || -- ((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { -+ cruft = os_malloc(prime_len * 2); -+ if (!cruft) { - wpa_printf(MSG_INFO, "EAP-PWD (peer): allocation fail"); - goto fin; - } -@@ -815,62 +751,36 @@ - goto fin; - - /* k */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k); -- BN_bn2bin(data->k, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len); -+ eap_pwd_h_update(hash, cruft, prime_len); - - /* peer element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->peer_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->peer_element, cruft, -+ cruft + prime_len) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* peer scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->peer_scalar); -- BN_bn2bin(data->peer_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* server element: x, y */ -- if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, -- data->my_element, x, y, -- data->bnctx)) { -+ if (crypto_ec_point_to_bin(data->grp->group, data->my_element, cruft, -+ cruft + prime_len) < 0) { - wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " - "assignment fail"); - goto fin; - } -- -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x); -- BN_bn2bin(x, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y); -- BN_bn2bin(y, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime)); -+ eap_pwd_h_update(hash, cruft, prime_len * 2); - - /* server scalar */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); -- offset = BN_num_bytes(data->grp->order) - -- BN_num_bytes(data->my_scalar); -- BN_bn2bin(data->my_scalar, cruft + offset); -- eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order)); -+ crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len); -+ eap_pwd_h_update(hash, cruft, order_len); - - /* ciphersuite */ -- os_memset(cruft, 0, BN_num_bytes(data->grp->prime)); - eap_pwd_h_update(hash, (u8 *) &cs, sizeof(u32)); - - /* all done */ -@@ -884,7 +794,7 @@ - } - - wpa_printf(MSG_DEBUG, "EAP-pwd (server): confirm verified"); -- if (compute_keys(data->grp, data->bnctx, data->k, -+ if (compute_keys(data->grp, data->k, - data->peer_scalar, data->my_scalar, conf, - data->my_confirm, &cs, data->msk, data->emsk, - data->session_id) < 0) -@@ -893,9 +803,7 @@ - eap_pwd_state(data, SUCCESS); - - fin: -- bin_clear_free(cruft, BN_num_bytes(data->grp->prime)); -- BN_clear_free(x); -- BN_clear_free(y); -+ bin_clear_free(cruft, prime_len * 2); - } - - -diff -Nur orig-wpa_supplicant-2.6/wpa_supplicant/Android.mk wpa_supplicant-2.6/wpa_supplicant/Android.mk ---- orig-wpa_supplicant-2.6/wpa_supplicant/Android.mk 2020-02-03 20:08:29.445861775 +0800 -+++ wpa_supplicant-2.6/wpa_supplicant/Android.mk 2020-02-04 00:02:05.699930804 +0800 -@@ -640,6 +640,7 @@ - OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c - CONFIG_IEEE8021X_EAPOL=y - NEED_SHA256=y -+NEED_ECC=y - endif - - ifdef CONFIG_EAP_EKE -diff -Nur orig-wpa_supplicant-2.6/wpa_supplicant/Makefile wpa_supplicant-2.6/wpa_supplicant/Makefile ---- orig-wpa_supplicant-2.6/wpa_supplicant/Makefile 2020-02-03 20:08:29.445861775 +0800 -+++ wpa_supplicant-2.6/wpa_supplicant/Makefile 2020-02-04 00:03:21.960938436 +0800 -@@ -669,6 +669,7 @@ - OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o - CONFIG_IEEE8021X_EAPOL=y - NEED_SHA256=y -+NEED_ECC=y - endif - - ifdef CONFIG_EAP_EKE diff --git a/CVE-2019-9495-pre2.patch b/CVE-2019-9495-pre2.patch deleted file mode 100644 index 19176e23a598cfbbabc5a0843e9d9f48300bd80c..0000000000000000000000000000000000000000 --- a/CVE-2019-9495-pre2.patch +++ /dev/null @@ -1,92 +0,0 @@ -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 00:21:51.805643103 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 00:30:16.612332185 +0800 -@@ -80,6 +80,26 @@ - return 0; - } - -+EAP_PWD_group * get_eap_pwd_group(u16 num) -+{ -+ EAP_PWD_group *grp; -+ -+ grp = os_zalloc(sizeof(EAP_PWD_group)); -+ if (!grp) -+ return NULL; -+ grp->group = crypto_ec_init(num); -+ if (!grp->group) { -+ wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC group"); -+ os_free(grp); -+ return NULL; -+ } -+ -+ grp->group_num = num; -+ wpa_printf(MSG_INFO, "EAP-pwd: provisioned group %d", num); -+ -+ return grp; -+} -++ - - /* - * compute a "random" secret point on an elliptic curve based -@@ -97,12 +117,8 @@ - size_t primebytelen, primebitlen; - struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; - -- grp->pwe = NULL; -- grp->group = crypto_ec_init(num); -- if (!grp->group) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to create EC group"); -- goto fail; -- } -+ if (grp->pwe) -+ return -1; - - cofactor = crypto_bignum_init(); - grp->pwe = crypto_ec_point_init(grp->group); -@@ -234,11 +250,8 @@ - break; - } - wpa_printf(MSG_DEBUG, "EAP-pwd: found a PWE in %d tries", ctr); -- grp->group_num = num; - if (0) { - fail: -- crypto_ec_deinit(grp->group); -- grp->group = NULL; - crypto_ec_point_deinit(grp->pwe, 1); - grp->pwe = NULL; - ret = 1; -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h 2020-02-04 00:21:51.805643103 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.h 2020-02-04 00:31:51.873594123 +0800 -@@ -50,6 +50,7 @@ - } STRUCT_PACKED; - - /* common routines */ -+EAP_PWD_group * get_eap_pwd_group(u16 num); - int compute_password_element(EAP_PWD_group *grp, u16 num, - const u8 *password, size_t password_len, - const u8 *id_server, size_t id_server_len, -diff -Nur orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c wpa_supplicant-2.6/src/eap_peer/eap_pwd.c ---- orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-04 00:21:51.805643103 +0800 -+++ wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-04 00:33:35.694969340 +0800 -@@ -267,7 +267,7 @@ - wpa_hexdump_ascii(MSG_INFO, "EAP-PWD (peer): server sent id of", - data->id_server, data->id_server_len); - -- data->grp = os_zalloc(sizeof(EAP_PWD_group)); -+ data->grp = get_eap_pwd_group(data->group_num); - if (data->grp == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: failed to allocate memory for " - "group"); -diff -Nur orig-wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c ---- orig-wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c 2020-02-04 00:21:51.805643103 +0800 -+++ wpa_supplicant-2.6/src/eap_server/eap_server_pwd.c 2020-02-04 00:34:34.975754518 +0800 -@@ -561,7 +561,7 @@ - wpa_hexdump_ascii(MSG_DEBUG, "EAP-PWD (server): peer sent id of", - data->id_peer, data->id_peer_len); - -- data->grp = os_zalloc(sizeof(EAP_PWD_group)); -+ data->grp = get_eap_pwd_group(data->group_num); - if (data->grp == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: failed to allocate memory for " - "group"); diff --git a/CVE-2019-9495-pre3.patch b/CVE-2019-9495-pre3.patch deleted file mode 100644 index a1f928ef536c76cdbc2ae50c66843cf52af31ec2..0000000000000000000000000000000000000000 --- a/CVE-2019-9495-pre3.patch +++ /dev/null @@ -1,236 +0,0 @@ -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 00:39:56.190008362 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 01:06:55.651509904 +0800 -@@ -111,18 +111,25 @@ - const u8 *id_peer, size_t id_peer_len, - const u8 *token) - { -+ struct crypto_bignum *qr = NULL, *qnr = NULL, *one = NULL; -+ struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; - struct crypto_hash *hash; - unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; -- int is_odd, ret = 0; -+ int is_odd, ret = 0, check, found = 0; - size_t primebytelen, primebitlen; - struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; -+ const struct crypto_bignum *prime; - - if (grp->pwe) - return -1; - -+ prime = crypto_ec_get_prime(grp->group); - cofactor = crypto_bignum_init(); - grp->pwe = crypto_ec_point_init(grp->group); -- if (!cofactor || !grp->pwe) { -+ tmp1 = crypto_bignum_init(); -+ pm1 = crypto_bignum_init(); -+ one = crypto_bignum_init_set((const u8 *) "\x01", 1); -+ if (!cofactor || !grp->pwe || !tmp1 || !pm1 || !one) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to create bignums"); - goto fail; - } -@@ -139,15 +146,36 @@ - "buffer"); - goto fail; - } -- os_memset(prfbuf, 0, primebytelen); -- ctr = 0; -- while (1) { -- if (ctr > 30) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to find random " -- "point on curve for group %d, something's " -- "fishy", num); -+ if (crypto_bignum_sub(prime, one, pm1) < 0) -+ goto fail; -+ -+ /* get a random quadratic residue and nonresidue */ -+ while (!qr || !qnr) { -+ int res; -+ -+ if (crypto_bignum_rand(tmp1, prime) < 0) - goto fail; -+ res = crypto_bignum_legendre(tmp1, prime); -+ if (!qr && res == 1) { -+ qr = tmp1; -+ tmp1 = crypto_bignum_init(); -+ } else if (!qnr && res == -1) { -+ qnr = tmp1; -+ tmp1 = crypto_bignum_init(); - } -+ if (!tmp1) -+ goto fail; -+ } -+ -+ os_memset(prfbuf, 0, primebytelen); -+ ctr = 0; -+ -+ /* -+ * Run through the hunting-and-pecking loop 40 times to mask the time -+ * necessary to find PWE. The odds of PWE not being found in 40 loops is -+ * roughly 1 in 1 trillion. -+ */ -+ while (ctr < 40) { - ctr++; - - /* -@@ -198,58 +226,118 @@ - x_candidate) < 0) - goto fail; - -- if (crypto_bignum_cmp(x_candidate, -- crypto_ec_get_prime(grp->group)) >= 0) -+ if (crypto_bignum_cmp(x_candidate, prime) >= 0) - continue; - - wpa_hexdump(MSG_DEBUG, "EAP-pwd: x_candidate", - prfbuf, primebytelen); - - /* -- * need to unambiguously identify the solution, if there is -- * one... -+ * compute y^2 using the equation of the curve -+ * -+ * y^2 = x^3 + ax + b -+ */ -+ tmp2 = crypto_ec_point_compute_y_sqr(grp->group, x_candidate); -+ if (!tmp2) -+ goto fail; -+ -+ /* -+ * mask tmp2 so doing legendre won't leak timing info -+ * -+ * tmp1 is a random number between 1 and p-1 - */ -- is_odd = crypto_bignum_is_odd(rnd); -+ if (crypto_bignum_rand(tmp1, pm1) < 0 || -+ crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0 || -+ crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0) -+ goto fail; - - /* -- * solve the quadratic equation, if it's not solvable then we -- * don't have a point -+ * Now tmp2 (y^2) is masked, all values between 1 and p-1 -+ * are equally probable. Multiplying by r^2 does not change -+ * whether or not tmp2 is a quadratic residue, just masks it. -+ * -+ * Flip a coin, multiply by the random quadratic residue or the -+ * random quadratic nonresidue and record heads or tails. - */ - if (crypto_ec_point_solve_y_coord(grp->group, grp->pwe, - x_candidate, is_odd) != 0) { - wpa_printf(MSG_INFO, "EAP-pwd: Could not solve for y"); - continue; - } -+ if (crypto_bignum_is_odd(tmp1)) { -+ crypto_bignum_mulmod(tmp2, qr, prime, tmp2); -+ check = 1; -+ } else { -+ crypto_bignum_mulmod(tmp2, qnr, prime, tmp2); -+ check = -1; -+ } -+ - /* -- * If there's a solution to the equation then the point must be -- * on the curve so why check again explicitly? OpenSSL code -- * says this is required by X9.62. We're not X9.62 but it can't -- * hurt just to be sure. -+ * Now it's safe to do legendre, if check is 1 then it's -+ * a straightforward test (multiplying by qr does not -+ * change result), if check is -1 then it's the opposite test -+ * (multiplying a qr by qnr would make a qnr). - */ -- if (!crypto_ec_point_is_on_curve(grp->group, grp->pwe)) { -- wpa_printf(MSG_INFO, "EAP-pwd: point is not on curve"); -- continue; -- } -- -- if (!crypto_bignum_is_one(cofactor)) { -- /* make sure the point is not in a small sub-group */ -- if (crypto_ec_point_mul(grp->group, grp->pwe, -- cofactor, grp->pwe) != 0) { -- wpa_printf(MSG_INFO, "EAP-pwd: cannot " -- "multiply generator by order"); -+ if (crypto_bignum_legendre(tmp2, prime) == check) { -+ if (found == 1) -+ continue; -+ -+ /* need to unambiguously identify the solution */ -+ is_odd = crypto_bignum_is_odd(rnd); -+ -+ /* -+ * We know x_candidate is a quadratic residue so set -+ * it here. -+ */ -+ if (crypto_ec_point_solve_y_coord(grp->group, grp->pwe, -+ x_candidate, -+ is_odd) != 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Could not solve for y"); - continue; - } -- if (crypto_ec_point_is_at_infinity(grp->group, -- grp->pwe)) { -- wpa_printf(MSG_INFO, "EAP-pwd: point is at " -- "infinity"); -+ -+ /* -+ * If there's a solution to the equation then the point -+ * must be on the curve so why check again explicitly? -+ * OpenSSL code says this is required by X9.62. We're -+ * not X9.62 but it can't hurt just to be sure. -+ */ -+ if (!crypto_ec_point_is_on_curve(grp->group, -+ grp->pwe)) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: point is not on curve"); - continue; - } -+ -+ if (!crypto_bignum_is_one(cofactor)) { -+ /* make sure the point is not in a small -+ * sub-group */ -+ if (crypto_ec_point_mul(grp->group, grp->pwe, -+ cofactor, -+ grp->pwe) != 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: cannot multiply generator by order"); -+ continue; -+ } -+ if (crypto_ec_point_is_at_infinity(grp->group, -+ grp->pwe)) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: point is at infinity"); -+ continue; -+ } -+ } -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: found a PWE in %d tries", ctr); -+ found = 1; - } -- /* if we got here then we have a new generator. */ -- break; - } -- wpa_printf(MSG_DEBUG, "EAP-pwd: found a PWE in %d tries", ctr); -+ if (found == 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: unable to find random point on curve for group %d, something's fishy", -+ num); -+ goto fail; -+ } - if (0) { - fail: - crypto_ec_point_deinit(grp->pwe, 1); -@@ -260,6 +348,12 @@ - crypto_bignum_deinit(cofactor, 1); - crypto_bignum_deinit(x_candidate, 1); - crypto_bignum_deinit(rnd, 1); -+ crypto_bignum_deinit(pm1, 0); -+ crypto_bignum_deinit(tmp1, 1); -+ crypto_bignum_deinit(tmp2, 1); -+ crypto_bignum_deinit(qr, 1); -+ crypto_bignum_deinit(qnr, 1); -+ crypto_bignum_deinit(one, 0); - os_free(prfbuf); - - return ret; diff --git a/CVE-2019-9495.patch b/CVE-2019-9495.patch deleted file mode 100644 index 17cd8fb5804e55dc88b9fe18561bfa332ddf0006..0000000000000000000000000000000000000000 --- a/CVE-2019-9495.patch +++ /dev/null @@ -1,296 +0,0 @@ -diff -Nur orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c ---- orig-wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 01:25:30.586304407 +0800 -+++ wpa_supplicant-2.6/src/eap_common/eap_pwd_common.c 2020-02-04 01:58:33.502654599 +0800 -@@ -8,11 +8,15 @@ - - #include "includes.h" - #include "common.h" -+#include "utils/const_time.h" - #include "crypto/sha256.h" - #include "crypto/crypto.h" - #include "eap_defs.h" - #include "eap_pwd_common.h" - -+#define MAX_ECC_PRIME_LEN 66 -+ -+ - /* The random function H(x) = HMAC-SHA256(0^32, x) */ - struct crypto_hash * eap_pwd_h_init(void) - { -@@ -99,7 +103,16 @@ - - return grp; - } --+ -+ -+ -+static void buf_shift_right(u8 *buf, size_t len, size_t bits) -+{ -+ size_t i; -+ for (i = len - 1; i > 0; i--) -+ buf[i] = (buf[i - 1] << (8 - bits)) | (buf[i] >> bits); -+ buf[0] >>= bits; -+} -+ - - /* - * compute a "random" secret point on an elliptic curve based -@@ -112,17 +125,27 @@ - const u8 *token) - { - struct crypto_bignum *qr = NULL, *qnr = NULL, *one = NULL; -+ struct crypto_bignum *qr_or_qnr = NULL; -+ u8 qr_bin[MAX_ECC_PRIME_LEN]; -+ u8 qnr_bin[MAX_ECC_PRIME_LEN]; -+ u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN]; -+ u8 x_bin[MAX_ECC_PRIME_LEN]; - struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; - struct crypto_hash *hash; - unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; -- int is_odd, ret = 0, check, found = 0; -- size_t primebytelen, primebitlen; -- struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; -+ int ret = 0, check, res; -+ u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* -+ * mask */ -+ size_t primebytelen = 0, primebitlen; -+ struct crypto_bignum *x_candidate = NULL, *cofactor = NULL; - const struct crypto_bignum *prime; -+ u8 mask, found_ctr = 0, is_odd = 0; - - if (grp->pwe) - return -1; - -+ os_memset(x_bin, 0, sizeof(x_bin)); -+ - prime = crypto_ec_get_prime(grp->group); - cofactor = crypto_bignum_init(); - grp->pwe = crypto_ec_point_init(grp->group); -@@ -151,8 +174,6 @@ - - /* get a random quadratic residue and nonresidue */ - while (!qr || !qnr) { -- int res; -- - if (crypto_bignum_rand(tmp1, prime) < 0) - goto fail; - res = crypto_bignum_legendre(tmp1, prime); -@@ -166,6 +187,11 @@ - if (!tmp1) - goto fail; - } -+ if (crypto_bignum_to_bin(qr, qr_bin, sizeof(qr_bin), -+ primebytelen) < 0 || -+ crypto_bignum_to_bin(qnr, qnr_bin, sizeof(qnr_bin), -+ primebytelen) < 0) -+ goto fail; - - os_memset(prfbuf, 0, primebytelen); - ctr = 0; -@@ -193,17 +219,16 @@ - eap_pwd_h_update(hash, &ctr, sizeof(ctr)); - eap_pwd_h_final(hash, pwe_digest); - -- crypto_bignum_deinit(rnd, 1); -- rnd = crypto_bignum_init_set(pwe_digest, SHA256_MAC_LEN); -- if (!rnd) { -- wpa_printf(MSG_INFO, "EAP-pwd: unable to create rnd"); -- goto fail; -- } -+ is_odd = const_time_select_u8( -+ found, is_odd, pwe_digest[SHA256_MAC_LEN - 1] & 0x01); - if (eap_pwd_kdf(pwe_digest, SHA256_MAC_LEN, - (u8 *) "EAP-pwd Hunting And Pecking", - os_strlen("EAP-pwd Hunting And Pecking"), - prfbuf, primebitlen) < 0) - goto fail; -+ if (primebitlen % 8) -+ buf_shift_right(prfbuf, primebytelen, -+ 8 - primebitlen % 8); - - crypto_bignum_deinit(x_candidate, 1); - x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); -@@ -213,24 +238,13 @@ - goto fail; - } - -- /* -- * eap_pwd_kdf() returns a string of bits 0..primebitlen but -- * BN_bin2bn will treat that string of bits as a big endian -- * number. If the primebitlen is not an even multiple of 8 -- * then excessive bits-- those _after_ primebitlen-- so now -- * we have to shift right the amount we masked off. -- */ -- if ((primebitlen % 8) && -- crypto_bignum_rshift(x_candidate, -- (8 - (primebitlen % 8)), -- x_candidate) < 0) -- goto fail; -- - if (crypto_bignum_cmp(x_candidate, prime) >= 0) - continue; - -- wpa_hexdump(MSG_DEBUG, "EAP-pwd: x_candidate", -- prfbuf, primebytelen); -+ wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: x_candidate", -+ prfbuf, primebytelen); -+ const_time_select_bin(found, x_bin, prfbuf, primebytelen, -+ x_bin); - - /* - * compute y^2 using the equation of the curve -@@ -264,13 +278,15 @@ - wpa_printf(MSG_INFO, "EAP-pwd: Could not solve for y"); - continue; - } -- if (crypto_bignum_is_odd(tmp1)) { -- crypto_bignum_mulmod(tmp2, qr, prime, tmp2); -- check = 1; -- } else { -- crypto_bignum_mulmod(tmp2, qnr, prime, tmp2); -- check = -1; -- } -+ mask = const_time_eq_u8(crypto_bignum_is_odd(tmp1), 1); -+ check = const_time_select_s8(mask, 1, -1); -+ const_time_select_bin(mask, qr_bin, qnr_bin, primebytelen, -+ qr_or_qnr_bin); -+ crypto_bignum_deinit(qr_or_qnr, 1); -+ qr_or_qnr = crypto_bignum_init_set(qr_or_qnr_bin, primebytelen); -+ if (!qr_or_qnr || -+ crypto_bignum_mulmod(tmp2, qr_or_qnr, prime, tmp2) < 0) -+ goto fail; - - /* - * Now it's safe to do legendre, if check is 1 then it's -@@ -278,59 +294,12 @@ - * change result), if check is -1 then it's the opposite test - * (multiplying a qr by qnr would make a qnr). - */ -- if (crypto_bignum_legendre(tmp2, prime) == check) { -- if (found == 1) -- continue; -- -- /* need to unambiguously identify the solution */ -- is_odd = crypto_bignum_is_odd(rnd); -- -- /* -- * We know x_candidate is a quadratic residue so set -- * it here. -- */ -- if (crypto_ec_point_solve_y_coord(grp->group, grp->pwe, -- x_candidate, -- is_odd) != 0) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: Could not solve for y"); -- continue; -- } -- -- /* -- * If there's a solution to the equation then the point -- * must be on the curve so why check again explicitly? -- * OpenSSL code says this is required by X9.62. We're -- * not X9.62 but it can't hurt just to be sure. -- */ -- if (!crypto_ec_point_is_on_curve(grp->group, -- grp->pwe)) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: point is not on curve"); -- continue; -- } -- -- if (!crypto_bignum_is_one(cofactor)) { -- /* make sure the point is not in a small -- * sub-group */ -- if (crypto_ec_point_mul(grp->group, grp->pwe, -- cofactor, -- grp->pwe) != 0) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: cannot multiply generator by order"); -- continue; -- } -- if (crypto_ec_point_is_at_infinity(grp->group, -- grp->pwe)) { -- wpa_printf(MSG_INFO, -- "EAP-pwd: point is at infinity"); -- continue; -- } -- } -- wpa_printf(MSG_DEBUG, -- "EAP-pwd: found a PWE in %d tries", ctr); -- found = 1; -- } -+ res = crypto_bignum_legendre(tmp2, prime); -+ if (res == -2) -+ goto fail; -+ mask = const_time_eq(res, check); -+ found_ctr = const_time_select_u8(found, found_ctr, ctr); -+ found |= mask; - } - if (found == 0) { - wpa_printf(MSG_INFO, -@@ -338,6 +307,44 @@ - num); - goto fail; - } -+ -+ /* -+ * We know x_candidate is a quadratic residue so set it here. -+ */ -+ crypto_bignum_deinit(x_candidate, 1); -+ x_candidate = crypto_bignum_init_set(x_bin, primebytelen); -+ if (!x_candidate || -+ crypto_ec_point_solve_y_coord(grp->group, grp->pwe, x_candidate, -+ is_odd) != 0) { -+ wpa_printf(MSG_INFO, "EAP-pwd: Could not solve for y"); -+ goto fail; -+ } -+ -+ /* -+ * If there's a solution to the equation then the point must be on the -+ * curve so why check again explicitly? OpenSSL code says this is -+ * required by X9.62. We're not X9.62 but it can't hurt just to be sure. -+ */ -+ if (!crypto_ec_point_is_on_curve(grp->group, grp->pwe)) { -+ wpa_printf(MSG_INFO, "EAP-pwd: point is not on curve"); -+ goto fail; -+ } -+ -+ if (!crypto_bignum_is_one(cofactor)) { -+ /* make sure the point is not in a small sub-group */ -+ if (crypto_ec_point_mul(grp->group, grp->pwe, cofactor, -+ grp->pwe) != 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: cannot multiply generator by order"); -+ goto fail; -+ } -+ if (crypto_ec_point_is_at_infinity(grp->group, grp->pwe)) { -+ wpa_printf(MSG_INFO, "EAP-pwd: point is at infinity"); -+ goto fail; -+ } -+ } -+ wpa_printf(MSG_DEBUG, "EAP-pwd: found a PWE in %02d tries", found_ctr); -+ - if (0) { - fail: - crypto_ec_point_deinit(grp->pwe, 1); -@@ -347,14 +354,18 @@ - /* cleanliness and order.... */ - crypto_bignum_deinit(cofactor, 1); - crypto_bignum_deinit(x_candidate, 1); -- crypto_bignum_deinit(rnd, 1); - crypto_bignum_deinit(pm1, 0); - crypto_bignum_deinit(tmp1, 1); - crypto_bignum_deinit(tmp2, 1); - crypto_bignum_deinit(qr, 1); - crypto_bignum_deinit(qnr, 1); -+ crypto_bignum_deinit(qr_or_qnr, 1); - crypto_bignum_deinit(one, 0); -- os_free(prfbuf); -+ bin_clear_free(prfbuf, primebytelen); -+ os_memset(qr_bin, 0, sizeof(qr_bin)); -+ os_memset(qnr_bin, 0, sizeof(qnr_bin)); -+ os_memset(qr_or_qnr_bin, 0, sizeof(qr_or_qnr_bin)); -+ os_memset(pwe_digest, 0, sizeof(pwe_digest)); - - return ret; - } diff --git a/CVE-2019-9496-SAE-Fix-confirm-message-validation-in-error-cases.patch b/CVE-2019-9496-SAE-Fix-confirm-message-validation-in-error-cases.patch deleted file mode 100644 index 6f0659c75bfc095a2ad39d6f85becf8837cd70f1..0000000000000000000000000000000000000000 --- a/CVE-2019-9496-SAE-Fix-confirm-message-validation-in-error-cases.patch +++ /dev/null @@ -1,57 +0,0 @@ -From ac8fa9ef198640086cf2ce7c94673be2b6a018a0 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Tue, 5 Mar 2019 23:43:25 +0200 -Subject: [PATCH 10/14] SAE: Fix confirm message validation in error cases - -Explicitly verify that own and peer commit scalar/element are available -when trying to check SAE confirm message. It could have been possible to -hit a NULL pointer dereference if the peer element could not have been -parsed. (CVE-2019-9496) - -Signed-off-by: Jouni Malinen ---- - src/common/sae.c | 14 +++++++++++--- - 1 file changed, 11 insertions(+), 3 deletions(-) - -diff --git a/src/common/sae.c b/src/common/sae.c -index eaf825d..5a50294 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -1487,23 +1487,31 @@ int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len) - - wpa_printf(MSG_DEBUG, "SAE: peer-send-confirm %u", WPA_GET_LE16(data)); - -- if (sae->tmp == NULL) { -+ if (!sae->tmp || !sae->peer_commit_scalar || -+ !sae->tmp->own_commit_scalar) { - wpa_printf(MSG_DEBUG, "SAE: Temporary data not yet available"); - return -1; - } - -- if (sae->tmp->ec) -+ if (sae->tmp->ec) { -+ if (!sae->tmp->peer_commit_element_ecc || -+ !sae->tmp->own_commit_element_ecc) -+ return -1; - sae_cn_confirm_ecc(sae, data, sae->peer_commit_scalar, - sae->tmp->peer_commit_element_ecc, - sae->tmp->own_commit_scalar, - sae->tmp->own_commit_element_ecc, - verifier); -- else -+ } else { -+ if (!sae->tmp->peer_commit_element_ffc || -+ !sae->tmp->own_commit_element_ffc) -+ return -1; - sae_cn_confirm_ffc(sae, data, sae->peer_commit_scalar, - sae->tmp->peer_commit_element_ffc, - sae->tmp->own_commit_scalar, - sae->tmp->own_commit_element_ffc, - verifier); -+ } - - if (os_memcmp_const(verifier, data + 2, SHA256_MAC_LEN) != 0) { - wpa_printf(MSG_DEBUG, "SAE: Confirm mismatch"); --- -2.7.4 - diff --git a/CVE-2019-9497.patch b/CVE-2019-9497.patch deleted file mode 100644 index 4e3e1c3c06feff7940f1a62c0b0e437ec2798c4e..0000000000000000000000000000000000000000 --- a/CVE-2019-9497.patch +++ /dev/null @@ -1,47 +0,0 @@ -From d63edfa90243e9a7de6ae5c275032f2cc79fef95 Mon Sep 17 00:00:00 2001 -From: Mathy Vanhoef -Date: Sun, 31 Mar 2019 17:26:01 +0200 -Subject: EAP-pwd server: Detect reflection attacks - -When processing an EAP-pwd Commit frame, verify that the peer's scalar -and elliptic curve element differ from the one sent by the server. This -prevents reflection attacks where the adversary reflects the scalar and -element sent by the server. (CVE-2019-9497) - -The vulnerability allows an adversary to complete the EAP-pwd handshake -as any user. However, the adversary does not learn the negotiated -session key, meaning the subsequent 4-way handshake would fail. As a -result, this cannot be abused to bypass authentication unless EAP-pwd is -used in non-WLAN cases without any following key exchange that would -require the attacker to learn the MSK. - -Signed-off-by: Mathy Vanhoef - -backport addr https://w1.fi/cgit/hostap/patch/?id=d63edfa90243e9a7de6ae5c275032f2cc79fef95 ---- - src/eap_server/eap_server_pwd.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index 64bf708..cb5f682 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -725,6 +725,15 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - } - } - -+ /* detect reflection attacks */ -+ if (crypto_bignum_cmp(data->my_scalar, data->peer_scalar) == 0 || -+ crypto_ec_point_cmp(data->grp->group, data->my_element, -+ data->peer_element) == 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-PWD (server): detected reflection attack!"); -+ goto fin; -+ } -+ - /* compute the shared key, k */ - if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->peer_scalar, data->bnctx)) || --- -2.19.1 - diff --git a/CVE-2019-9498-and-CVE-2019-9499.patch b/CVE-2019-9498-and-CVE-2019-9499.patch deleted file mode 100644 index 4929792ba63ab31fbffb2642aab22d172a3b6b9a..0000000000000000000000000000000000000000 --- a/CVE-2019-9498-and-CVE-2019-9499.patch +++ /dev/null @@ -1,258 +0,0 @@ -From 16d4f1069118aa19bfce013493e1ac5783f92f1d Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 5 Apr 2019 02:12:50 +0300 -Subject: EAP-pwd: Check element x,y coordinates explicitly - -This adds an explicit check for 0 < x,y < prime based on RFC 5931, -2.8.5.2.2 requirement. The earlier checks might have covered this -implicitly, but it is safer to avoid any dependency on implicit checks -and specific crypto library behavior. (CVE-2019-9498 and CVE-2019-9499) - -Furthermore, this moves the EAP-pwd element and scalar parsing and -validation steps into shared helper functions so that there is no need -to maintain two separate copies of this common functionality between the -server and peer implementations. - -Signed-off-by: Jouni Malinen -backport addr https://w1.fi/cgit/hostap/patch/?id=16d4f1069118aa19bfce013493e1ac5783f92f1d - https://w1.fi/cgit/hostap/patch/?id=70ff850e89fbc8bc7da515321b4d15b5eef70581 - https://w1.fi/cgit/hostap/patch/?id=8ad8585f91823ddcc3728155e288e0f9f872e31a ---- - src/eap_common/eap_pwd_common.c | 106 ++++++++++++++++++++++++++++++++ - src/eap_common/eap_pwd_common.h | 3 + - src/eap_peer/eap_pwd.c | 19 +----- - src/eap_server/eap_server_pwd.c | 19 +----- - 4 files changed, 111 insertions(+), 36 deletions(-) - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index 67f8f70..ef47db1 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -365,3 +365,109 @@ int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, - - return 1; - } -+ -+ -+static int eap_pwd_element_coord_ok(const struct crypto_bignum *prime, -+ const u8 *buf, size_t len) -+{ -+ struct crypto_bignum *val; -+ int ok = 1; -+ -+ val = crypto_bignum_init_set(buf, len); -+ if (!val || crypto_bignum_is_zero(val) || -+ crypto_bignum_cmp(val, prime) >= 0) -+ ok = 0; -+ crypto_bignum_deinit(val, 0); -+ return ok; -+} -+ -+ -+struct crypto_ec_point * eap_pwd_get_element(EAP_PWD_group *group, -+ const u8 *buf) -+{ -+ struct crypto_ec_point *element; -+ const struct crypto_bignum *prime; -+ size_t prime_len; -+ struct crypto_bignum *cofactor = NULL; -+ -+ prime = crypto_ec_get_prime(group->group); -+ prime_len = crypto_ec_prime_len(group->group); -+ -+ /* RFC 5931, 2.8.5.2.2: 0 < x,y < p */ -+ if (!eap_pwd_element_coord_ok(prime, buf, prime_len) || -+ !eap_pwd_element_coord_ok(prime, buf + prime_len, prime_len)) { -+ wpa_printf(MSG_INFO, "EAP-pwd: Invalid coordinate in element"); -+ return NULL; -+ } -+ -+ element = crypto_ec_point_from_bin(group->group, buf); -+ if (!element) { -+ wpa_printf(MSG_INFO, "EAP-pwd: EC point from element failed"); -+ return NULL; -+ } -+ -+ /* RFC 5931, 2.8.5.2.2: on curve and not the point at infinity */ -+ if (!crypto_ec_point_is_on_curve(group->group, element) || -+ crypto_ec_point_is_at_infinity(group->group, element)) { -+ wpa_printf(MSG_INFO, "EAP-pwd: Invalid element"); -+ goto fail; -+ } -+ -+ cofactor = crypto_bignum_init(); -+ if (!cofactor || crypto_ec_cofactor(group->group, cofactor) < 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Unable to get cofactor for curve"); -+ goto fail; -+ } -+ -+ if (!crypto_bignum_is_one(cofactor)) { -+ struct crypto_ec_point *point; -+ int ok = 1; -+ -+ /* check to ensure peer's element is not in a small sub-group */ -+ point = crypto_ec_point_init(group->group); -+ if (!point || -+ crypto_ec_point_mul(group->group, element, -+ cofactor, point) != 0 || -+ crypto_ec_point_is_at_infinity(group->group, point)) -+ ok = 0; -+ crypto_ec_point_deinit(point, 0); -+ -+ if (!ok) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Small sub-group check on peer element failed"); -+ goto fail; -+ } -+ } -+ -+out: -+ crypto_bignum_deinit(cofactor, 0); -+ return element; -+fail: -+ crypto_ec_point_deinit(element, 0); -+ element = NULL; -+ goto out; -+} -+ -+ -+struct crypto_bignum * eap_pwd_get_scalar(EAP_PWD_group *group, const u8 *buf) -+{ -+ struct crypto_bignum *scalar; -+ const struct crypto_bignum *order; -+ size_t order_len; -+ -+ order = crypto_ec_get_order(group->group); -+ order_len = crypto_ec_order_len(group->group); -+ -+ /* RFC 5931, 2.8.5.2: 1 < scalar < r */ -+ scalar = crypto_bignum_init_set(buf, order_len); -+ if (!scalar || crypto_bignum_is_zero(scalar) || -+ crypto_bignum_is_one(scalar) || -+ crypto_bignum_cmp(scalar, order) >= 0) { -+ wpa_printf(MSG_INFO, "EAP-pwd: received scalar is invalid"); -+ crypto_bignum_deinit(scalar, 0); -+ scalar = NULL; -+ } -+ -+ return scalar; -+} -diff --git a/src/eap_common/eap_pwd_common.h b/src/eap_common/eap_pwd_common.h -index a0d717e..01f43eb 100644 ---- a/src/eap_common/eap_pwd_common.h -+++ b/src/eap_common/eap_pwd_common.h -@@ -68,5 +68,8 @@ int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, const BIGNUM *k, - struct crypto_hash * eap_pwd_h_init(void); - void eap_pwd_h_update(struct crypto_hash *hash, const u8 *data, size_t len); - void eap_pwd_h_final(struct crypto_hash *hash, u8 *digest); -+struct crypto_ec_point * eap_pwd_get_element(EAP_PWD_group *group, -+ const u8 *buf); -+struct crypto_bignum * eap_pwd_get_scalar(EAP_PWD_group *group, const u8 *buf); - - #endif /* EAP_PWD_COMMON_H */ -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index d2bc981..bbe9b40 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -358,7 +358,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - const struct wpabuf *reqData, - const u8 *payload, size_t payload_len) - { -- EC_POINT *K = NULL, *point = NULL; -+ EC_POINT *K = NULL; - BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL; - u16 offset; - u8 *ptr, *scalar = NULL, *element = NULL; -@@ -429,7 +429,6 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - if (((data->server_scalar = BN_new()) == NULL) || - ((data->k = BN_new()) == NULL) || - ((K = EC_POINT_new(data->grp->group)) == NULL) || -- ((point = EC_POINT_new(data->grp->group)) == NULL) || - ((data->server_element = EC_POINT_new(data->grp->group)) == NULL)) - { - wpa_printf(MSG_INFO, "EAP-PWD (peer): peer data allocation " -@@ -452,21 +451,6 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - goto fin; - } - -- /* check to ensure server's element is not in a small sub-group */ -- if (BN_cmp(cofactor, BN_value_one())) { -- if (!EC_POINT_mul(data->grp->group, point, NULL, -- data->server_element, cofactor, NULL)) { -- wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply " -- "server element by order!\n"); -- goto fin; -- } -- if (EC_POINT_is_at_infinity(data->grp->group, point)) { -- wpa_printf(MSG_INFO, "EAP-PWD (peer): server element " -- "is at infinity!\n"); -- goto fin; -- } -- } -- - /* compute the shared key, k */ - if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->server_scalar, data->bnctx)) || -@@ -557,7 +541,6 @@ fin: - BN_clear_free(mask); - BN_clear_free(cofactor); - EC_POINT_clear_free(K); -- EC_POINT_clear_free(point); - if (data->outbuf == NULL) - eap_pwd_state(data, FAILURE); - else -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index cb5f682..275bdf8 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -659,7 +659,7 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - { - u8 *ptr; - BIGNUM *x = NULL, *y = NULL, *cofactor = NULL; -- EC_POINT *K = NULL, *point = NULL; -+ EC_POINT *K = NULL; - int res = 0; - size_t prime_len, order_len; - -@@ -681,7 +681,6 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - ((cofactor = BN_new()) == NULL) || - ((x = BN_new()) == NULL) || - ((y = BN_new()) == NULL) || -- ((point = EC_POINT_new(data->grp->group)) == NULL) || - ((K = EC_POINT_new(data->grp->group)) == NULL) || - ((data->peer_element = EC_POINT_new(data->grp->group)) == NULL)) { - wpa_printf(MSG_INFO, "EAP-PWD (server): peer data allocation " -@@ -710,21 +709,6 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - goto fin; - } - -- /* check to ensure peer's element is not in a small sub-group */ -- if (BN_cmp(cofactor, BN_value_one())) { -- if (!EC_POINT_mul(data->grp->group, point, NULL, -- data->peer_element, cofactor, NULL)) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): cannot " -- "multiply peer element by order"); -- goto fin; -- } -- if (EC_POINT_is_at_infinity(data->grp->group, point)) { -- wpa_printf(MSG_INFO, "EAP-PWD (server): peer element " -- "is at infinity!\n"); -- goto fin; -- } -- } -- - /* detect reflection attacks */ - if (crypto_bignum_cmp(data->my_scalar, data->peer_scalar) == 0 || - crypto_ec_point_cmp(data->grp->group, data->my_element, -@@ -777,7 +761,6 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - - fin: - EC_POINT_clear_free(K); -- EC_POINT_clear_free(point); - BN_clear_free(cofactor); - BN_clear_free(x); - BN_clear_free(y); --- -2.19.1 - diff --git a/CVE-2019-9499.patch b/CVE-2019-9499.patch deleted file mode 100644 index 6d4e2d899e3bd8a4f2809b8778fe414099e11e33..0000000000000000000000000000000000000000 --- a/CVE-2019-9499.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -Nur orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c wpa_supplicant-2.6/src/eap_peer/eap_pwd.c ---- orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 19:32:18.847432926 +0800 -+++ wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 19:33:32.688400551 +0800 -@@ -451,6 +451,26 @@ - goto fin; - } - -+ /* verify received scalar */ -+ if (crypto_bignum_is_zero(data->server_scalar) || -+ crypto_bignum_is_one(data->server_scalar) || -+ crypto_bignum_cmp(data->server_scalar, -+ crypto_ec_get_order(data->grp->group)) >= 0) { -+ wpa_printf(MSG_INFO, -+ "EAP-PWD (peer): received scalar is invalid"); -+ goto fin; -+ } -+ -+ /* verify received element */ -+ if (!crypto_ec_point_is_on_curve(data->grp->group, -+ data->server_element) || -+ crypto_ec_point_is_at_infinity(data->grp->group, -+ data->server_element)) { -+ wpa_printf(MSG_INFO, -+ "EAP-PWD (peer): received element is invalid"); -+ goto fin; -+ } -+ - /* compute the shared key, k */ - if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->server_scalar, data->bnctx)) || diff --git a/CVE-2021-0326.patch b/CVE-2021-0326.patch deleted file mode 100644 index 83f3830af0c490e9a2b84ee4b76e5805ff5cad0a..0000000000000000000000000000000000000000 --- a/CVE-2021-0326.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 947272febe24a8f0ea828b5b2f35f13c3821901e Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Mon, 9 Nov 2020 11:43:12 +0200 -Subject: [PATCH] P2P: Fix copying of secondary device types for P2P group - client - -Parsing and copying of WPS secondary device types list was verifying -that the contents is not too long for the internal maximum in the case -of WPS messages, but similar validation was missing from the case of P2P -group information which encodes this information in a different -attribute. This could result in writing beyond the memory area assigned -for these entries and corrupting memory within an instance of struct -p2p_device. This could result in invalid operations and unexpected -behavior when trying to free pointers from that corrupted memory. - -Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269 -Fixes: e57ae6e19edf ("P2P: Keep track of secondary device types for peers") -Signed-off-by: Jouni Malinen ---- - src/p2p/p2p.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c -index 74b7b52..5cbfc21 100644 ---- a/src/p2p/p2p.c -+++ b/src/p2p/p2p.c -@@ -453,6 +453,8 @@ static void p2p_copy_client_info(struct p2p_device *dev, - dev->info.config_methods = cli->config_methods; - os_memcpy(dev->info.pri_dev_type, cli->pri_dev_type, 8); - dev->info.wps_sec_dev_type_list_len = 8 * cli->num_sec_dev_types; -+ if (dev->info.wps_sec_dev_type_list_len > WPS_SEC_DEV_TYPE_MAX_LEN) -+ dev->info.wps_sec_dev_type_list_len = WPS_SEC_DEV_TYPE_MAX_LEN; - os_memcpy(dev->info.wps_sec_dev_type_list, cli->sec_dev_types, - dev->info.wps_sec_dev_type_list_len); - } --- -1.8.3.1 - diff --git a/CVE-2021-27803.patch b/CVE-2021-27803.patch deleted file mode 100644 index 5bc319a8748839822985a32c256bf2ff9048cf4a..0000000000000000000000000000000000000000 --- a/CVE-2021-27803.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Tue, 8 Dec 2020 23:52:50 +0200 -Subject: P2P: Fix a corner case in peer addition based on PD Request - -p2p_add_device() may remove the oldest entry if there is no room in the -peer table for a new peer. This would result in any pointer to that -removed entry becoming stale. A corner case with an invalid PD Request -frame could result in such a case ending up using (read+write) freed -memory. This could only by triggered when the peer table has reached its -maximum size and the PD Request frame is received from the P2P Device -Address of the oldest remaining entry and the frame has incorrect P2P -Device Address in the payload. - -Fix this by fetching the dev pointer again after having called -p2p_add_device() so that the stale pointer cannot be used. - -Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request") -Signed-off-by: Jouni Malinen ---- - src/p2p/p2p_pd.c | 12 +++++------- - 1 file changed, 5 insertions(+), 7 deletions(-) - -diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c -index 3994ec0..05fd593 100644 ---- a/src/p2p/p2p_pd.c -+++ b/src/p2p/p2p_pd.c -@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa, - goto out; - } - -+ dev = p2p_get_device(p2p, sa); - if (!dev) { -- dev = p2p_get_device(p2p, sa); -- if (!dev) { -- p2p_dbg(p2p, -- "Provision Discovery device not found " -- MACSTR, MAC2STR(sa)); -- goto out; -- } -+ p2p_dbg(p2p, -+ "Provision Discovery device not found " -+ MACSTR, MAC2STR(sa)); -+ goto out; - } - } else if (msg.wfd_subelems) { - wpabuf_free(dev->info.wfd_subelems); --- -cgit v0.12 - diff --git a/add-options-of-wpa_supplicant-service.patch b/add-options-of-wpa_supplicant-service.patch deleted file mode 100644 index 08b53909c88ab91cf155eaee4f091b40826678bb..0000000000000000000000000000000000000000 --- a/add-options-of-wpa_supplicant-service.patch +++ /dev/null @@ -1,42 +0,0 @@ -From edb7c242b5177f13ff4f57f61257838e80fb48ed Mon Sep 17 00:00:00 2001 -From: guoxiaoqi -Date: Tue, 31 Dec 2019 15:52:23 +0800 -Subject: [PATCH] add options of wpa_supplicant.service - -Signed-off-by: guoxiaoqi ---- - wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in | 5 ++++- - wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in | 5 ++++- - 2 files changed, 8 insertions(+), 2 deletions(-) - -diff --git a/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in b/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in -index a75918f..19b4d79 100644 ---- a/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in -+++ b/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in -@@ -1,5 +1,8 @@ - [D-BUS Service] - Name=fi.epitest.hostap.WPASupplicant --Exec=@BINDIR@/wpa_supplicant -u -+Environment=DEBUG_LOGGER=/var/log/wpa_supplicant.log -+Environment=DEBUG_CONF=/etc/wpa_supplicant/wpa_supplicant.conf -+Environment=PID_FILE=/var/run/wpa_supplicant.pid -+Exec=@BINDIR@/wpa_supplicant -u -f ${DEBUG_LOGGER} -c ${DEBUG_CONF} -P ${PID_FILE} - User=root - SystemdService=wpa_supplicant.service -diff --git a/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in b/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in -index d97ff39..fd1e10b 100644 ---- a/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in -+++ b/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in -@@ -1,5 +1,8 @@ - [D-BUS Service] - Name=fi.w1.wpa_supplicant1 --Exec=@BINDIR@/wpa_supplicant -u -+Environment=DEBUG_LOGGER=/var/log/wpa_supplicant.log -+Environment=DEBUG_CONF=/etc/wpa_supplicant/wpa_supplicant.conf -+Environment=PID_FILE=/var/run/wpa_supplicant.pid -+Exec=@BINDIR@/wpa_supplicant -u -f ${DEBUG_LOGGER} -c ${DEBUG_CONF} -P ${PID_FILE} - User=root - SystemdService=wpa_supplicant.service --- -1.8.3.1 - diff --git a/backport-0001-CVE-2022-23303-CVE-2022-23304.patch b/backport-0001-CVE-2022-23303-CVE-2022-23304.patch deleted file mode 100644 index 4dd3b0d2cff4908840566519bc0e94c2258543c9..0000000000000000000000000000000000000000 --- a/backport-0001-CVE-2022-23303-CVE-2022-23304.patch +++ /dev/null @@ -1,318 +0,0 @@ -From 208e5687ff2e48622e28d8888ce5444a54353bbd Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Tue, 27 Aug 2019 16:33:15 +0300 -Subject: [PATCH 1/4] crypto: Add more bignum/EC helper functions - -These are needed for implementing SAE hash-to-element. - -Signed-off-by: Jouni Malinen ---- - src/crypto/crypto.h | 45 ++++++++++++++++++++++ - src/crypto/crypto_openssl.c | 94 +++++++++++++++++++++++++++++++++++++++++++++ - src/crypto/crypto_wolfssl.c | 66 +++++++++++++++++++++++++++++++ - 3 files changed, 205 insertions(+) - -diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h -index bdc3ba6..0bc9df4 100644 ---- a/src/crypto/crypto.h -+++ b/src/crypto/crypto.h -@@ -508,6 +508,13 @@ struct crypto_bignum * crypto_bignum_init(void); - struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len); - - /** -+ * crypto_bignum_init_set - Allocate memory for bignum and set the value (uint) -+ * @val: Value to set -+ * Returns: Pointer to allocated bignum or %NULL on failure -+ */ -+struct crypto_bignum * crypto_bignum_init_uint(unsigned int val); -+ -+/** - * crypto_bignum_deinit - Free bignum - * @n: Bignum from crypto_bignum_init() or crypto_bignum_init_set() - * @clear: Whether to clear the value from memory -@@ -594,6 +601,19 @@ int crypto_bignum_div(const struct crypto_bignum *a, - struct crypto_bignum *c); - - /** -+ * crypto_bignum_addmod - d = a + b (mod c) -+ * @a: Bignum -+ * @b: Bignum -+ * @c: Bignum -+ * @d: Bignum; used to store the result of (a + b) % c -+ * Returns: 0 on success, -1 on failure -+ */ -+int crypto_bignum_addmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ const struct crypto_bignum *c, -+ struct crypto_bignum *d); -+ -+/** - * crypto_bignum_mulmod - d = a * b (mod c) - * @a: Bignum - * @b: Bignum -@@ -607,6 +627,28 @@ int crypto_bignum_mulmod(const struct crypto_bignum *a, - struct crypto_bignum *d); - - /** -+ * crypto_bignum_sqrmod - c = a^2 (mod b) -+ * @a: Bignum -+ * @b: Bignum -+ * @c: Bignum; used to store the result of a^2 % b -+ * Returns: 0 on success, -1 on failure -+ */ -+int crypto_bignum_sqrmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c); -+ -+/** -+ * crypto_bignum_sqrtmod - returns sqrt(a) (mod b) -+ * @a: Bignum -+ * @b: Bignum -+ * @c: Bignum; used to store the result -+ * Returns: 0 on success, -1 on failure -+ */ -+int crypto_bignum_sqrtmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c); -+ -+/** - * crypto_bignum_cmp - Compare two bignums - * @a: Bignum - * @b: Bignum -@@ -695,6 +737,9 @@ const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e); - */ - const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e); - -+const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e); -+const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e); -+ - /** - * struct crypto_ec_point - Elliptic curve point - * -diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c -index 00b61b9..80867b6 100644 ---- a/src/crypto/crypto_openssl.c -+++ b/src/crypto/crypto_openssl.c -@@ -1117,6 +1117,24 @@ struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len) - } - - -+struct crypto_bignum * crypto_bignum_init_uint(unsigned int val) -+{ -+ BIGNUM *bn; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ bn = BN_new(); -+ if (!bn) -+ return NULL; -+ if (BN_set_word(bn, val) != 1) { -+ BN_free(bn); -+ return NULL; -+ } -+ return (struct crypto_bignum *) bn; -+} -+ -+ - void crypto_bignum_deinit(struct crypto_bignum *n, int clear) - { - if (clear) -@@ -1278,6 +1296,28 @@ int crypto_bignum_div(const struct crypto_bignum *a, - } - - -+int crypto_bignum_addmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ const struct crypto_bignum *c, -+ struct crypto_bignum *d) -+{ -+ int res; -+ BN_CTX *bnctx; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ bnctx = BN_CTX_new(); -+ if (!bnctx) -+ return -1; -+ res = BN_mod_add((BIGNUM *) d, (const BIGNUM *) a, (const BIGNUM *) b, -+ (const BIGNUM *) c, bnctx); -+ BN_CTX_free(bnctx); -+ -+ return res ? 0 : -1; -+} -+ -+ - int crypto_bignum_mulmod(const struct crypto_bignum *a, - const struct crypto_bignum *b, - const struct crypto_bignum *c, -@@ -1301,6 +1341,48 @@ int crypto_bignum_mulmod(const struct crypto_bignum *a, - } - - -+int crypto_bignum_sqrmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c) -+{ -+ int res; -+ BN_CTX *bnctx; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ bnctx = BN_CTX_new(); -+ if (!bnctx) -+ return -1; -+ res = BN_mod_sqr((BIGNUM *) c, (const BIGNUM *) a, (const BIGNUM *) b, -+ bnctx); -+ BN_CTX_free(bnctx); -+ -+ return res ? 0 : -1; -+} -+ -+ -+int crypto_bignum_sqrtmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c) -+{ -+ BN_CTX *bnctx; -+ BIGNUM *res; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ bnctx = BN_CTX_new(); -+ if (!bnctx) -+ return -1; -+ res = BN_mod_sqrt((BIGNUM *) c, (const BIGNUM *) a, (const BIGNUM *) b, -+ bnctx); -+ BN_CTX_free(bnctx); -+ -+ return res ? 0 : -1; -+} -+ -+ - int crypto_bignum_cmp(const struct crypto_bignum *a, - const struct crypto_bignum *b) - { -@@ -1494,6 +1576,18 @@ const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e) - } - - -+const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) e->a; -+} -+ -+ -+const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) e->b; -+} -+ -+ - void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) - { - if (clear) -diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c -index 90163c4..683c553 100644 ---- a/src/crypto/crypto_wolfssl.c -+++ b/src/crypto/crypto_wolfssl.c -@@ -1043,6 +1043,26 @@ struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len) - } - - -+struct crypto_bignum * crypto_bignum_init_uint(unsigned int val) -+{ -+ mp_int *a; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ a = (mp_int *) crypto_bignum_init(); -+ if (!a) -+ return NULL; -+ -+ if (mp_set_int(a, val) != MP_OKAY) { -+ os_free(a); -+ a = NULL; -+ } -+ -+ return (struct crypto_bignum *) a; -+} -+ -+ - void crypto_bignum_deinit(struct crypto_bignum *n, int clear) - { - if (!n) -@@ -1167,6 +1187,19 @@ int crypto_bignum_div(const struct crypto_bignum *a, - } - - -+int crypto_bignum_addmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ const struct crypto_bignum *c, -+ struct crypto_bignum *d) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_addmod((mp_int *) a, (mp_int *) b, (mp_int *) c, -+ (mp_int *) d) == MP_OKAY ? 0 : -1; -+} -+ -+ - int crypto_bignum_mulmod(const struct crypto_bignum *a, - const struct crypto_bignum *b, - const struct crypto_bignum *m, -@@ -1180,6 +1213,27 @@ int crypto_bignum_mulmod(const struct crypto_bignum *a, - } - - -+int crypto_bignum_sqrmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_sqrmod((mp_int *) a, (mp_int *) b, -+ (mp_int *) c) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_sqrtmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *c) -+{ -+ /* TODO */ -+ return -1; -+} -+ -+ - int crypto_bignum_rshift(const struct crypto_bignum *a, int n, - struct crypto_bignum *r) - { -@@ -1401,6 +1455,18 @@ const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e) - } - - -+const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) &e->a; -+} -+ -+ -+const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) &e->b; -+} -+ -+ - void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) - { - ecc_point *point = (ecc_point *) p; --- -1.8.3.1 - diff --git a/backport-0002-CVE-2022-23303-CVE-2022-23304.patch b/backport-0002-CVE-2022-23303-CVE-2022-23304.patch deleted file mode 100644 index c3a1e3d14321cfd693bef76fa6f225c4ed9e31c7..0000000000000000000000000000000000000000 --- a/backport-0002-CVE-2022-23303-CVE-2022-23304.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 2232d3d5f188b65dbb6c823ac62175412739eb16 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 7 Jan 2022 13:47:16 +0200 -Subject: [PATCH 2/4] dragonfly: Add sqrt() helper function - -This is a backport of "SAE: Move sqrt() implementation into a helper -function" to introduce the helper function needed for the following -patches. - -Signed-off-by: Jouni Malinen ---- - src/common/dragonfly.c | 34 ++++++++++++++++++++++++++++++++++ - src/common/dragonfly.h | 3 +++ - 2 files changed, 37 insertions(+) - -diff --git a/src/common/dragonfly.c b/src/common/dragonfly.c -index 1e80404..7dcc6de 100644 ---- a/src/common/dragonfly.c -+++ b/src/common/dragonfly.c -@@ -25,3 +25,37 @@ int dragonfly_suitable_group(int group, int ecc_only) - (!ecc_only && - (group == 15 || group == 16 || group == 17 || group == 18)); - } -+ -+ -+/* res = sqrt(val) */ -+int dragonfly_sqrt(struct crypto_ec *ec, const struct crypto_bignum *val, -+ struct crypto_bignum *res) -+{ -+ const struct crypto_bignum *prime; -+ struct crypto_bignum *tmp, *one; -+ int ret = 0; -+ u8 prime_bin[DRAGONFLY_MAX_ECC_PRIME_LEN]; -+ size_t prime_len; -+ -+ /* For prime p such that p = 3 mod 4, sqrt(w) = w^((p+1)/4) mod p */ -+ -+ prime = crypto_ec_get_prime(ec); -+ prime_len = crypto_ec_prime_len(ec); -+ tmp = crypto_bignum_init(); -+ one = crypto_bignum_init_uint(1); -+ -+ if (crypto_bignum_to_bin(prime, prime_bin, sizeof(prime_bin), -+ prime_len) < 0 || -+ (prime_bin[prime_len - 1] & 0x03) != 3 || -+ !tmp || !one || -+ /* tmp = (p+1)/4 */ -+ crypto_bignum_add(prime, one, tmp) < 0 || -+ crypto_bignum_rshift(tmp, 2, tmp) < 0 || -+ /* res = sqrt(val) */ -+ crypto_bignum_exptmod(val, tmp, prime, res) < 0) -+ ret = -1; -+ -+ crypto_bignum_deinit(tmp, 0); -+ crypto_bignum_deinit(one, 0); -+ return ret; -+} -diff --git a/src/common/dragonfly.h b/src/common/dragonfly.h -index 9f3c428..f0f49d0 100644 ---- a/src/common/dragonfly.h -+++ b/src/common/dragonfly.h -@@ -12,4 +12,7 @@ - - int dragonfly_suitable_group(int group, int ecc_only); - -+int dragonfly_sqrt(struct crypto_ec *ec, const struct crypto_bignum *val, -+ struct crypto_bignum *res); -+ - #endif /* DRAGONFLY_H */ --- -1.8.3.1 - diff --git a/backport-0003-CVE-2022-23303-CVE-2022-23304.patch b/backport-0003-CVE-2022-23303-CVE-2022-23304.patch deleted file mode 100644 index 4f703cce794082f03b69b7e0f9a9a275e9a0c983..0000000000000000000000000000000000000000 --- a/backport-0003-CVE-2022-23303-CVE-2022-23304.patch +++ /dev/null @@ -1,100 +0,0 @@ -From fe534b0baaa8c0e6ddeb24cf529d6e50e33dc501 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 7 Jan 2022 13:47:16 +0200 -Subject: [PATCH 3/4] SAE: Derive the y coordinate for PWE with own - implementation - -The crypto_ec_point_solve_y_coord() wrapper function might not use -constant time operations in the crypto library and as such, could leak -side channel information about the password that is used to generate the -PWE in the hunting and pecking loop. As such, calculate the two possible -y coordinate values and pick the correct one to use with constant time -selection. - -Signed-off-by: Jouni Malinen ---- - src/common/sae.c | 47 +++++++++++++++++++++++++++++++++-------------- - 1 file changed, 33 insertions(+), 14 deletions(-) - -diff --git a/src/common/sae.c b/src/common/sae.c -index b35821d..c168bf1 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -459,15 +459,17 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, - int pwd_seed_odd = 0; - u8 prime[SAE_MAX_ECC_PRIME_LEN]; - size_t prime_len; -- struct crypto_bignum *x = NULL, *qr = NULL, *qnr = NULL; -+ struct crypto_bignum *x = NULL, *y = NULL, *qr = NULL, *qnr = NULL; - u8 x_bin[SAE_MAX_ECC_PRIME_LEN]; - u8 x_cand_bin[SAE_MAX_ECC_PRIME_LEN]; - u8 qr_bin[SAE_MAX_ECC_PRIME_LEN]; - u8 qnr_bin[SAE_MAX_ECC_PRIME_LEN]; -+ u8 x_y[2 * SAE_MAX_ECC_PRIME_LEN]; - size_t bits; - int res = -1; - u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* - * mask */ -+ unsigned int is_eq; - - os_memset(x_bin, 0, sizeof(x_bin)); - -@@ -567,25 +569,42 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1, - goto fail; - } - -- if (!sae->tmp->pwe_ecc) -- sae->tmp->pwe_ecc = crypto_ec_point_init(sae->tmp->ec); -- if (!sae->tmp->pwe_ecc) -- res = -1; -- else -- res = crypto_ec_point_solve_y_coord(sae->tmp->ec, -- sae->tmp->pwe_ecc, x, -- pwd_seed_odd); -- if (res < 0) { -- /* -- * This should not happen since we already checked that there -- * is a result. -- */ -+ /* y = sqrt(x^3 + ax + b) mod p -+ * if LSB(save) == LSB(y): PWE = (x, y) -+ * else: PWE = (x, p - y) -+ * -+ * Calculate y and the two possible values for PWE and after that, -+ * use constant time selection to copy the correct alternative. -+ */ -+ y = crypto_ec_point_compute_y_sqr(sae->tmp->ec, x); -+ if (!y || -+ dragonfly_sqrt(sae->tmp->ec, y, y) < 0 || -+ crypto_bignum_to_bin(y, x_y, SAE_MAX_ECC_PRIME_LEN, -+ prime_len) < 0 || -+ crypto_bignum_sub(sae->tmp->prime, y, y) < 0 || -+ crypto_bignum_to_bin(y, x_y + SAE_MAX_ECC_PRIME_LEN, -+ SAE_MAX_ECC_PRIME_LEN, prime_len) < 0) { - wpa_printf(MSG_DEBUG, "SAE: Could not solve y"); -+ goto fail; -+ } -+ -+ is_eq = const_time_eq(pwd_seed_odd, x_y[prime_len - 1] & 0x01); -+ const_time_select_bin(is_eq, x_y, x_y + SAE_MAX_ECC_PRIME_LEN, -+ prime_len, x_y + prime_len); -+ os_memcpy(x_y, x_bin, prime_len); -+ wpa_hexdump_key(MSG_DEBUG, "SAE: PWE", x_y, 2 * prime_len); -+ crypto_ec_point_deinit(sae->tmp->pwe_ecc, 1); -+ sae->tmp->pwe_ecc = crypto_ec_point_from_bin(sae->tmp->ec, x_y); -+ if (!sae->tmp->pwe_ecc) { -+ wpa_printf(MSG_DEBUG, "SAE: Could not generate PWE"); -+ res = -1; - } - - fail: -+ forced_memzero(x_y, sizeof(x_y)); - crypto_bignum_deinit(qr, 0); - crypto_bignum_deinit(qnr, 0); -+ crypto_bignum_deinit(y, 1); - os_free(dummy_password); - bin_clear_free(tmp_password, password_len); - crypto_bignum_deinit(x, 1); --- -1.8.3.1 - diff --git a/backport-0004-CVE-2022-23303-CVE-2022-23304.patch b/backport-0004-CVE-2022-23303-CVE-2022-23304.patch deleted file mode 100644 index f5fdd29404a5b15d9da2bfd8d4556b4cda70d6af..0000000000000000000000000000000000000000 --- a/backport-0004-CVE-2022-23303-CVE-2022-23304.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 603cd880e7f90595482658a7136fa6a7be5cb485 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 7 Jan 2022 18:52:27 +0200 -Subject: [PATCH 4/4] EAP-pwd: Derive the y coordinate for PWE with own - implementation - -The crypto_ec_point_solve_y_coord() wrapper function might not use -constant time operations in the crypto library and as such, could leak -side channel information about the password that is used to generate the -PWE in the hunting and pecking loop. As such, calculate the two possible -y coordinate values and pick the correct one to use with constant time -selection. - -Signed-off-by: Jouni Malinen ---- - src/eap_common/eap_pwd_common.c | 42 +++++++++++++++++++++++++++++++++++------ - 1 file changed, 36 insertions(+), 6 deletions(-) - -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index 755aafb..ab8eb92 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -137,7 +137,8 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN]; - u8 x_bin[MAX_ECC_PRIME_LEN]; - u8 prime_bin[MAX_ECC_PRIME_LEN]; -- struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; -+ u8 x_y[2 * MAX_ECC_PRIME_LEN]; -+ struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL, *y = NULL; - struct crypto_hash *hash; - unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; - int ret = 0, check, res; -@@ -149,6 +150,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - u8 mask, found_ctr = 0, is_odd = 0; - int cmp_prime; - unsigned int in_range; -+ unsigned int is_eq; - - if (grp->pwe) - return -1; -@@ -161,7 +163,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - if (crypto_bignum_to_bin(prime, prime_bin, sizeof(prime_bin), - primebytelen) < 0) - return -1; -- grp->pwe = crypto_ec_point_init(grp->group); - tmp1 = crypto_bignum_init(); - pm1 = crypto_bignum_init(); - one = crypto_bignum_init_set((const u8 *) "\x01", 1); -@@ -323,10 +324,37 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - */ - crypto_bignum_deinit(x_candidate, 1); - x_candidate = crypto_bignum_init_set(x_bin, primebytelen); -- if (!x_candidate || -- crypto_ec_point_solve_y_coord(grp->group, grp->pwe, x_candidate, -- is_odd) != 0) { -- wpa_printf(MSG_INFO, "EAP-pwd: Could not solve for y"); -+ if (!x_candidate) -+ goto fail; -+ -+ /* y = sqrt(x^3 + ax + b) mod p -+ * if LSB(y) == LSB(pwd-seed): PWE = (x, y) -+ * else: PWE = (x, p - y) -+ * -+ * Calculate y and the two possible values for PWE and after that, -+ * use constant time selection to copy the correct alternative. -+ */ -+ y = crypto_ec_point_compute_y_sqr(grp->group, x_candidate); -+ if (!y || -+ dragonfly_sqrt(grp->group, y, y) < 0 || -+ crypto_bignum_to_bin(y, x_y, MAX_ECC_PRIME_LEN, primebytelen) < 0 || -+ crypto_bignum_sub(prime, y, y) < 0 || -+ crypto_bignum_to_bin(y, x_y + MAX_ECC_PRIME_LEN, -+ MAX_ECC_PRIME_LEN, primebytelen) < 0) { -+ wpa_printf(MSG_DEBUG, "SAE: Could not solve y"); -+ goto fail; -+ } -+ -+ /* Constant time selection of the y coordinate from the two -+ * options */ -+ is_eq = const_time_eq(is_odd, x_y[primebytelen - 1] & 0x01); -+ const_time_select_bin(is_eq, x_y, x_y + MAX_ECC_PRIME_LEN, -+ primebytelen, x_y + primebytelen); -+ os_memcpy(x_y, x_bin, primebytelen); -+ wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: PWE", x_y, 2 * primebytelen); -+ grp->pwe = crypto_ec_point_from_bin(grp->group, x_y); -+ if (!grp->pwe) { -+ wpa_printf(MSG_DEBUG, "EAP-pwd: Could not generate PWE"); - goto fail; - } - -@@ -353,6 +381,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - crypto_bignum_deinit(pm1, 0); - crypto_bignum_deinit(tmp1, 1); - crypto_bignum_deinit(tmp2, 1); -+ crypto_bignum_deinit(y, 1); - crypto_bignum_deinit(qr, 1); - crypto_bignum_deinit(qnr, 1); - crypto_bignum_deinit(qr_or_qnr, 1); -@@ -362,6 +391,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num, - os_memset(qnr_bin, 0, sizeof(qnr_bin)); - os_memset(qr_or_qnr_bin, 0, sizeof(qr_or_qnr_bin)); - os_memset(pwe_digest, 0, sizeof(pwe_digest)); -+ forced_memzero(x_y, sizeof(x_y)); - - return ret; - } --- -1.8.3.1 - diff --git a/backport-Add-support-for-wolfSSL-cryptographic-library.patch b/backport-Add-support-for-wolfSSL-cryptographic-library.patch deleted file mode 100644 index f1a5b34af8c134271d195b331a073b2f2f24cd2c..0000000000000000000000000000000000000000 --- a/backport-Add-support-for-wolfSSL-cryptographic-library.patch +++ /dev/null @@ -1,4084 +0,0 @@ -From fec03f98383ede92646fca4da63ed416f8dab4de Mon Sep 17 00:00:00 2001 -From: Sean Parkinson -Date: Thu, 18 Jan 2018 12:26:39 +1000 -Subject: Add support for wolfSSL cryptographic library - -Allow hostapd/wpa_supplicant to be compiled with the wolfSSL -cryptography and TLS library. - -Signed-off-by: Sean Parkinson ---- - src/crypto/crypto_wolfssl.c | 1670 ++++++++++++++++++++++++++++++++ - src/crypto/fips_prf_wolfssl.c | 86 ++ - src/crypto/tls_wolfssl.c | 2150 +++++++++++++++++++++++++++++++++++++++++ - wpa_supplicant/Makefile | 36 + - 4 files changed, 3942 insertions(+) - create mode 100644 src/crypto/crypto_wolfssl.c - create mode 100644 src/crypto/fips_prf_wolfssl.c - create mode 100644 src/crypto/tls_wolfssl.c - -diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c -new file mode 100644 -index 0000000..90163c4 ---- /dev/null -+++ b/src/crypto/crypto_wolfssl.c -@@ -0,0 +1,1670 @@ -+/* -+ * Wrapper functions for libwolfssl -+ * Copyright (c) 2004-2017, Jouni Malinen -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+#include "crypto.h" -+ -+#define WOLFSSL_AES_DIRECT -+#define HAVE_AESGCM -+#define HAVE_AES_KEYWRAP -+#define WOLFSSL_SHA384 -+#define WOLFSSL_SHA512 -+#define WOLFSSL_CMAC -+#define HAVE_ECC -+#define USE_FAST_MATH -+#define WOLFSSL_KEY_GEN -+ -+#include -+/* wolfSSL headers */ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+ -+#ifndef CONFIG_FIPS -+ -+int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ Md4 md4; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitMd4(&md4); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_Md4Update(&md4, addr[i], len[i]); -+ -+ wc_Md4Final(&md4, mac); -+ -+ return 0; -+} -+ -+ -+int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ Md5 md5; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitMd5(&md5); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_Md5Update(&md5, addr[i], len[i]); -+ -+ wc_Md5Final(&md5, mac); -+ -+ return 0; -+} -+ -+#endif /* CONFIG_FIPS */ -+ -+ -+int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ Sha sha; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitSha(&sha); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_ShaUpdate(&sha, addr[i], len[i]); -+ -+ wc_ShaFinal(&sha, mac); -+ -+ return 0; -+} -+ -+ -+#ifndef NO_SHA256_WRAPPER -+int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, -+ u8 *mac) -+{ -+ Sha256 sha256; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitSha256(&sha256); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_Sha256Update(&sha256, addr[i], len[i]); -+ -+ wc_Sha256Final(&sha256, mac); -+ -+ return 0; -+} -+#endif /* NO_SHA256_WRAPPER */ -+ -+ -+#ifdef CONFIG_SHA384 -+int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, -+ u8 *mac) -+{ -+ Sha384 sha384; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitSha384(&sha384); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_Sha384Update(&sha384, addr[i], len[i]); -+ -+ wc_Sha384Final(&sha384, mac); -+ -+ return 0; -+} -+#endif /* CONFIG_SHA384 */ -+ -+ -+#ifdef CONFIG_SHA512 -+int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, -+ u8 *mac) -+{ -+ Sha512 sha512; -+ size_t i; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ wc_InitSha512(&sha512); -+ -+ for (i = 0; i < num_elem; i++) -+ wc_Sha512Update(&sha512, addr[i], len[i]); -+ -+ wc_Sha512Final(&sha512, mac); -+ -+ return 0; -+} -+#endif /* CONFIG_SHA512 */ -+ -+ -+static int wolfssl_hmac_vector(int type, const u8 *key, -+ size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac, -+ unsigned int mdlen) -+{ -+ Hmac hmac; -+ size_t i; -+ -+ (void) mdlen; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ if (wc_HmacSetKey(&hmac, type, key, (word32) key_len) != 0) -+ return -1; -+ for (i = 0; i < num_elem; i++) -+ if (wc_HmacUpdate(&hmac, addr[i], len[i]) != 0) -+ return -1; -+ if (wc_HmacFinal(&hmac, mac) != 0) -+ return -1; -+ return 0; -+} -+ -+ -+#ifndef CONFIG_FIPS -+ -+int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return wolfssl_hmac_vector(MD5, key, key_len, num_elem, addr, len, mac, -+ 16); -+} -+ -+ -+int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, -+ u8 *mac) -+{ -+ return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac); -+} -+ -+#endif /* CONFIG_FIPS */ -+ -+ -+int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return wolfssl_hmac_vector(SHA, key, key_len, num_elem, addr, len, mac, -+ 20); -+} -+ -+ -+int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, -+ u8 *mac) -+{ -+ return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); -+} -+ -+ -+#ifdef CONFIG_SHA256 -+ -+int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return wolfssl_hmac_vector(SHA256, key, key_len, num_elem, addr, len, -+ mac, 32); -+} -+ -+ -+int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, -+ size_t data_len, u8 *mac) -+{ -+ return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac); -+} -+ -+#endif /* CONFIG_SHA256 */ -+ -+ -+#ifdef CONFIG_SHA384 -+ -+int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return wolfssl_hmac_vector(SHA384, key, key_len, num_elem, addr, len, -+ mac, 48); -+} -+ -+ -+int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, -+ size_t data_len, u8 *mac) -+{ -+ return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); -+} -+ -+#endif /* CONFIG_SHA384 */ -+ -+ -+#ifdef CONFIG_SHA512 -+ -+int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return wolfssl_hmac_vector(SHA512, key, key_len, num_elem, addr, len, -+ mac, 64); -+} -+ -+ -+int hmac_sha512(const u8 *key, size_t key_len, const u8 *data, -+ size_t data_len, u8 *mac) -+{ -+ return hmac_sha512_vector(key, key_len, 1, &data, &data_len, mac); -+} -+ -+#endif /* CONFIG_SHA512 */ -+ -+ -+int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len, -+ int iterations, u8 *buf, size_t buflen) -+{ -+ if (wc_PBKDF2(buf, (const byte*)passphrase, os_strlen(passphrase), ssid, -+ ssid_len, iterations, buflen, SHA) != 0) -+ return -1; -+ return 0; -+} -+ -+ -+#ifdef CONFIG_DES -+int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) -+{ -+ Des des; -+ u8 pkey[8], next, tmp; -+ int i; -+ -+ /* Add parity bits to the key */ -+ next = 0; -+ for (i = 0; i < 7; i++) { -+ tmp = key[i]; -+ pkey[i] = (tmp >> i) | next | 1; -+ next = tmp << (7 - i); -+ } -+ pkey[i] = next | 1; -+ -+ wc_Des_SetKey(&des, pkey, NULL, DES_ENCRYPTION); -+ wc_Des_EcbEncrypt(&des, cypher, clear, DES_BLOCK_SIZE); -+ -+ return 0; -+} -+#endif /* CONFIG_DES */ -+ -+ -+void * aes_encrypt_init(const u8 *key, size_t len) -+{ -+ Aes *aes; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ aes = os_malloc(sizeof(Aes)); -+ if (!aes) -+ return NULL; -+ -+ if (wc_AesSetKey(aes, key, len, NULL, AES_ENCRYPTION) < 0) { -+ os_free(aes); -+ return NULL; -+ } -+ -+ return aes; -+} -+ -+ -+int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) -+{ -+ wc_AesEncryptDirect(ctx, crypt, plain); -+ return 0; -+} -+ -+ -+void aes_encrypt_deinit(void *ctx) -+{ -+ os_free(ctx); -+} -+ -+ -+void * aes_decrypt_init(const u8 *key, size_t len) -+{ -+ Aes *aes; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ aes = os_malloc(sizeof(Aes)); -+ if (!aes) -+ return NULL; -+ -+ if (wc_AesSetKey(aes, key, len, NULL, AES_DECRYPTION) < 0) { -+ os_free(aes); -+ return NULL; -+ } -+ -+ return aes; -+} -+ -+ -+int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) -+{ -+ wc_AesDecryptDirect(ctx, plain, crypt); -+ return 0; -+} -+ -+ -+void aes_decrypt_deinit(void *ctx) -+{ -+ os_free(ctx); -+} -+ -+ -+int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) -+{ -+ Aes aes; -+ int ret; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ ret = wc_AesSetKey(&aes, key, 16, iv, AES_ENCRYPTION); -+ if (ret != 0) -+ return -1; -+ -+ ret = wc_AesCbcEncrypt(&aes, data, data, data_len); -+ if (ret != 0) -+ return -1; -+ return 0; -+} -+ -+ -+int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) -+{ -+ Aes aes; -+ int ret; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ ret = wc_AesSetKey(&aes, key, 16, iv, AES_DECRYPTION); -+ if (ret != 0) -+ return -1; -+ -+ ret = wc_AesCbcDecrypt(&aes, data, data, data_len); -+ if (ret != 0) -+ return -1; -+ return 0; -+} -+ -+ -+int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher) -+{ -+ int ret; -+ -+ ret = wc_AesKeyWrap(kek, kek_len, plain, n * 8, cipher, (n + 1) * 8, -+ NULL); -+ return ret != (n + 1) * 8 ? -1 : 0; -+} -+ -+ -+int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, -+ u8 *plain) -+{ -+ int ret; -+ -+ ret = wc_AesKeyUnWrap(kek, kek_len, cipher, (n + 1) * 8, plain, n * 8, -+ NULL); -+ return ret != n * 8 ? -1 : 0; -+} -+ -+ -+#ifndef CONFIG_NO_RC4 -+int rc4_skip(const u8 *key, size_t keylen, size_t skip, u8 *data, -+ size_t data_len) -+{ -+#ifndef NO_RC4 -+ Arc4 arc4; -+ unsigned char skip_buf[16]; -+ -+ wc_Arc4SetKey(&arc4, key, keylen); -+ -+ while (skip >= sizeof(skip_buf)) { -+ size_t len = skip; -+ -+ if (len > sizeof(skip_buf)) -+ len = sizeof(skip_buf); -+ wc_Arc4Process(&arc4, skip_buf, skip_buf, len); -+ skip -= len; -+ } -+ -+ wc_Arc4Process(&arc4, data, data, data_len); -+ -+ return 0; -+#else /* NO_RC4 */ -+ return -1; -+#endif /* NO_RC4 */ -+} -+#endif /* CONFIG_NO_RC4 */ -+ -+ -+#if defined(EAP_IKEV2) || defined(EAP_IKEV2_DYNAMIC) \ -+ || defined(EAP_SERVER_IKEV2) -+union wolfssl_cipher { -+ Aes aes; -+ Des3 des3; -+ Arc4 arc4; -+}; -+ -+struct crypto_cipher { -+ enum crypto_cipher_alg alg; -+ union wolfssl_cipher enc; -+ union wolfssl_cipher dec; -+}; -+ -+struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, -+ const u8 *iv, const u8 *key, -+ size_t key_len) -+{ -+ struct crypto_cipher *ctx; -+ -+ ctx = os_zalloc(sizeof(*ctx)); -+ if (!ctx) -+ return NULL; -+ -+ switch (alg) { -+#ifndef CONFIG_NO_RC4 -+#ifndef NO_RC4 -+ case CRYPTO_CIPHER_ALG_RC4: -+ wc_Arc4SetKey(&ctx->enc.arc4, key, key_len); -+ wc_Arc4SetKey(&ctx->dec.arc4, key, key_len); -+ break; -+#endif /* NO_RC4 */ -+#endif /* CONFIG_NO_RC4 */ -+#ifndef NO_AES -+ case CRYPTO_CIPHER_ALG_AES: -+ switch (key_len) { -+ case 16: -+ case 24: -+ case 32: -+ break; -+ default: -+ os_free(ctx); -+ return NULL; -+ } -+ if (wc_AesSetKey(&ctx->enc.aes, key, key_len, iv, -+ AES_ENCRYPTION) || -+ wc_AesSetKey(&ctx->dec.aes, key, key_len, iv, -+ AES_DECRYPTION)) { -+ os_free(ctx); -+ return NULL; -+ } -+ break; -+#endif /* NO_AES */ -+#ifndef NO_DES3 -+ case CRYPTO_CIPHER_ALG_3DES: -+ if (key_len != DES3_KEYLEN || -+ wc_Des3_SetKey(&ctx->enc.des3, key, iv, DES_ENCRYPTION) || -+ wc_Des3_SetKey(&ctx->dec.des3, key, iv, DES_DECRYPTION)) { -+ os_free(ctx); -+ return NULL; -+ } -+ break; -+#endif /* NO_DES3 */ -+ case CRYPTO_CIPHER_ALG_RC2: -+ case CRYPTO_CIPHER_ALG_DES: -+ default: -+ os_free(ctx); -+ return NULL; -+ } -+ -+ ctx->alg = alg; -+ -+ return ctx; -+} -+ -+ -+int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain, -+ u8 *crypt, size_t len) -+{ -+ switch (ctx->alg) { -+#ifndef CONFIG_NO_RC4 -+#ifndef NO_RC4 -+ case CRYPTO_CIPHER_ALG_RC4: -+ wc_Arc4Process(&ctx->enc.arc4, crypt, plain, len); -+ return 0; -+#endif /* NO_RC4 */ -+#endif /* CONFIG_NO_RC4 */ -+#ifndef NO_AES -+ case CRYPTO_CIPHER_ALG_AES: -+ if (wc_AesCbcEncrypt(&ctx->enc.aes, crypt, plain, len) != 0) -+ return -1; -+ return 0; -+#endif /* NO_AES */ -+#ifndef NO_DES3 -+ case CRYPTO_CIPHER_ALG_3DES: -+ if (wc_Des3_CbcEncrypt(&ctx->enc.des3, crypt, plain, len) != 0) -+ return -1; -+ return 0; -+#endif /* NO_DES3 */ -+ default: -+ return -1; -+ } -+ return -1; -+} -+ -+ -+int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt, -+ u8 *plain, size_t len) -+{ -+ switch (ctx->alg) { -+#ifndef CONFIG_NO_RC4 -+#ifndef NO_RC4 -+ case CRYPTO_CIPHER_ALG_RC4: -+ wc_Arc4Process(&ctx->dec.arc4, plain, crypt, len); -+ return 0; -+#endif /* NO_RC4 */ -+#endif /* CONFIG_NO_RC4 */ -+#ifndef NO_AES -+ case CRYPTO_CIPHER_ALG_AES: -+ if (wc_AesCbcDecrypt(&ctx->dec.aes, plain, crypt, len) != 0) -+ return -1; -+ return 0; -+#endif /* NO_AES */ -+#ifndef NO_DES3 -+ case CRYPTO_CIPHER_ALG_3DES: -+ if (wc_Des3_CbcDecrypt(&ctx->dec.des3, plain, crypt, len) != 0) -+ return -1; -+ return 0; -+#endif /* NO_DES3 */ -+ default: -+ return -1; -+ } -+ return -1; -+} -+ -+ -+void crypto_cipher_deinit(struct crypto_cipher *ctx) -+{ -+ os_free(ctx); -+} -+ -+#endif -+ -+ -+#ifdef CONFIG_WPS_NFC -+ -+static const unsigned char RFC3526_PRIME_1536[] = { -+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, -+ 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, -+ 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, -+ 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, -+ 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, -+ 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, -+ 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, -+ 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, -+ 0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -+}; -+ -+static const unsigned char RFC3526_GENERATOR_1536[] = { -+ 0x02 -+}; -+ -+#define RFC3526_LEN sizeof(RFC3526_PRIME_1536) -+ -+ -+void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) -+{ -+ WC_RNG rng; -+ DhKey *ret = NULL; -+ DhKey *dh = NULL; -+ struct wpabuf *privkey = NULL; -+ struct wpabuf *pubkey = NULL; -+ word32 priv_sz, pub_sz; -+ -+ *priv = NULL; -+ wpabuf_free(*publ); -+ *publ = NULL; -+ -+ dh = os_malloc(sizeof(DhKey)); -+ if (!dh) -+ return NULL; -+ wc_InitDhKey(dh); -+ -+ if (wc_InitRng(&rng) != 0) { -+ os_free(dh); -+ return NULL; -+ } -+ -+ privkey = wpabuf_alloc(RFC3526_LEN); -+ pubkey = wpabuf_alloc(RFC3526_LEN); -+ if (!privkey || !pubkey) -+ goto done; -+ -+ if (wc_DhSetKey(dh, RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), -+ RFC3526_GENERATOR_1536, sizeof(RFC3526_GENERATOR_1536)) -+ != 0) -+ goto done; -+ -+ if (wc_DhGenerateKeyPair(dh, &rng, wpabuf_mhead(privkey), &priv_sz, -+ wpabuf_mhead(pubkey), &pub_sz) != 0) -+ goto done; -+ -+ wpabuf_put(privkey, priv_sz); -+ wpabuf_put(pubkey, pub_sz); -+ -+ ret = dh; -+ *priv = privkey; -+ *publ = pubkey; -+ dh = NULL; -+ privkey = NULL; -+ pubkey = NULL; -+done: -+ wpabuf_clear_free(pubkey); -+ wpabuf_clear_free(privkey); -+ if (dh) { -+ wc_FreeDhKey(dh); -+ os_free(dh); -+ } -+ wc_FreeRng(&rng); -+ return ret; -+} -+ -+ -+void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) -+{ -+ DhKey *ret = NULL; -+ DhKey *dh; -+ byte *secret; -+ word32 secret_sz; -+ -+ dh = os_malloc(sizeof(DhKey)); -+ if (!dh) -+ return NULL; -+ wc_InitDhKey(dh); -+ -+ secret = os_malloc(RFC3526_LEN); -+ if (!secret) -+ goto done; -+ -+ if (wc_DhSetKey(dh, RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), -+ RFC3526_GENERATOR_1536, sizeof(RFC3526_GENERATOR_1536)) -+ != 0) -+ goto done; -+ -+ if (wc_DhAgree(dh, secret, &secret_sz, wpabuf_head(priv), -+ wpabuf_len(priv), RFC3526_GENERATOR_1536, -+ sizeof(RFC3526_GENERATOR_1536)) != 0) -+ goto done; -+ -+ if (secret_sz != wpabuf_len(publ) || -+ os_memcmp(secret, wpabuf_head(publ), secret_sz) != 0) -+ goto done; -+ -+ ret = dh; -+ dh = NULL; -+done: -+ if (dh) { -+ wc_FreeDhKey(dh); -+ os_free(dh); -+ } -+ os_free(secret); -+ return ret; -+} -+ -+ -+struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public, -+ const struct wpabuf *own_private) -+{ -+ struct wpabuf *ret = NULL; -+ struct wpabuf *secret; -+ word32 secret_sz; -+ -+ secret = wpabuf_alloc(RFC3526_LEN); -+ if (!secret) -+ goto done; -+ -+ if (wc_DhAgree(ctx, wpabuf_mhead(secret), &secret_sz, -+ wpabuf_head(own_private), wpabuf_len(own_private), -+ wpabuf_head(peer_public), wpabuf_len(peer_public)) != 0) -+ goto done; -+ -+ wpabuf_put(secret, secret_sz); -+ -+ ret = secret; -+ secret = NULL; -+done: -+ wpabuf_clear_free(secret); -+ return ret; -+} -+ -+ -+void dh5_free(void *ctx) -+{ -+ if (!ctx) -+ return; -+ -+ wc_FreeDhKey(ctx); -+ os_free(ctx); -+} -+ -+#endif /* CONFIG_WPS_NFC */ -+ -+ -+int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, -+ u8 *pubkey) -+{ -+ int ret = -1; -+ WC_RNG rng; -+ DhKey *dh = NULL; -+ word32 priv_sz, pub_sz; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ dh = os_malloc(sizeof(DhKey)); -+ if (!dh) -+ return -1; -+ wc_InitDhKey(dh); -+ -+ if (wc_InitRng(&rng) != 0) { -+ os_free(dh); -+ return -1; -+ } -+ -+ if (wc_DhSetKey(dh, prime, prime_len, &generator, 1) != 0) -+ goto done; -+ -+ if (wc_DhGenerateKeyPair(dh, &rng, privkey, &priv_sz, pubkey, &pub_sz) -+ != 0) -+ goto done; -+ -+ if (priv_sz < prime_len) { -+ size_t pad_sz = prime_len - priv_sz; -+ -+ os_memmove(privkey + pad_sz, privkey, priv_sz); -+ os_memset(privkey, 0, pad_sz); -+ } -+ -+ if (pub_sz < prime_len) { -+ size_t pad_sz = prime_len - pub_sz; -+ -+ os_memmove(pubkey + pad_sz, pubkey, pub_sz); -+ os_memset(pubkey, 0, pad_sz); -+ } -+ ret = 0; -+done: -+ wc_FreeDhKey(dh); -+ os_free(dh); -+ wc_FreeRng(&rng); -+ return ret; -+} -+ -+ -+int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len, -+ const u8 *privkey, size_t privkey_len, -+ const u8 *pubkey, size_t pubkey_len, -+ u8 *secret, size_t *len) -+{ -+ int ret = -1; -+ DhKey *dh; -+ word32 secret_sz; -+ -+ dh = os_malloc(sizeof(DhKey)); -+ if (!dh) -+ return -1; -+ wc_InitDhKey(dh); -+ -+ if (wc_DhSetKey(dh, prime, prime_len, &generator, 1) != 0) -+ goto done; -+ -+ if (wc_DhAgree(dh, secret, &secret_sz, privkey, privkey_len, pubkey, -+ pubkey_len) != 0) -+ goto done; -+ -+ *len = secret_sz; -+ ret = 0; -+done: -+ wc_FreeDhKey(dh); -+ os_free(dh); -+ return ret; -+} -+ -+ -+#ifdef CONFIG_FIPS -+int crypto_get_random(void *buf, size_t len) -+{ -+ int ret = 0; -+ WC_RNG rng; -+ -+ if (wc_InitRng(&rng) != 0) -+ return -1; -+ if (wc_RNG_GenerateBlock(&rng, buf, len) != 0) -+ ret = -1; -+ wc_FreeRng(&rng); -+ return ret; -+} -+#endif /* CONFIG_FIPS */ -+ -+ -+#if defined(EAP_PWD) || defined(EAP_SERVER_PWD) -+struct crypto_hash { -+ Hmac hmac; -+ int size; -+}; -+ -+ -+struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, -+ size_t key_len) -+{ -+ struct crypto_hash *ret = NULL; -+ struct crypto_hash *hash; -+ int type; -+ -+ hash = os_malloc(sizeof(*hash)); -+ if (!hash) -+ goto done; -+ -+ switch (alg) { -+#ifndef NO_MD5 -+ case CRYPTO_HASH_ALG_HMAC_MD5: -+ hash->size = 16; -+ type = MD5; -+ break; -+#endif /* NO_MD5 */ -+#ifndef NO_SHA -+ case CRYPTO_HASH_ALG_HMAC_SHA1: -+ type = SHA; -+ hash->size = 20; -+ break; -+#endif /* NO_SHA */ -+#ifdef CONFIG_SHA256 -+#ifndef NO_SHA256 -+ case CRYPTO_HASH_ALG_HMAC_SHA256: -+ type = SHA256; -+ hash->size = 32; -+ break; -+#endif /* NO_SHA256 */ -+#endif /* CONFIG_SHA256 */ -+ default: -+ goto done; -+ } -+ -+ if (wc_HmacSetKey(&hash->hmac, type, key, key_len) != 0) -+ goto done; -+ -+ ret = hash; -+ hash = NULL; -+done: -+ os_free(hash); -+ return ret; -+} -+ -+ -+void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len) -+{ -+ if (!ctx) -+ return; -+ wc_HmacUpdate(&ctx->hmac, data, len); -+} -+ -+ -+int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) -+{ -+ int ret = 0; -+ -+ if (!ctx) -+ return -2; -+ -+ if (!mac || !len) -+ goto done; -+ -+ if (wc_HmacFinal(&ctx->hmac, mac) != 0) { -+ ret = -1; -+ goto done; -+ } -+ -+ *len = ctx->size; -+ ret = 0; -+done: -+ bin_clear_free(ctx, sizeof(*ctx)); -+ return ret; -+} -+ -+#endif -+ -+ -+int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ Cmac cmac; -+ size_t i; -+ word32 sz; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ if (wc_InitCmac(&cmac, key, key_len, WC_CMAC_AES, NULL) != 0) -+ return -1; -+ -+ for (i = 0; i < num_elem; i++) -+ if (wc_CmacUpdate(&cmac, addr[i], len[i]) != 0) -+ return -1; -+ -+ sz = AES_BLOCK_SIZE; -+ if (wc_CmacFinal(&cmac, mac, &sz) != 0 || sz != AES_BLOCK_SIZE) -+ return -1; -+ -+ return 0; -+} -+ -+ -+int omac1_aes_128_vector(const u8 *key, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac) -+{ -+ return omac1_aes_vector(key, 16, num_elem, addr, len, mac); -+} -+ -+ -+int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac) -+{ -+ return omac1_aes_128_vector(key, 1, &data, &data_len, mac); -+} -+ -+ -+int omac1_aes_256(const u8 *key, const u8 *data, size_t data_len, u8 *mac) -+{ -+ return omac1_aes_vector(key, 32, 1, &data, &data_len, mac); -+} -+ -+ -+struct crypto_bignum * crypto_bignum_init(void) -+{ -+ mp_int *a; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ a = os_malloc(sizeof(*a)); -+ if (!a || mp_init(a) != MP_OKAY) { -+ os_free(a); -+ a = NULL; -+ } -+ -+ return (struct crypto_bignum *) a; -+} -+ -+ -+struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len) -+{ -+ mp_int *a; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ a = (mp_int *) crypto_bignum_init(); -+ if (!a) -+ return NULL; -+ -+ if (mp_read_unsigned_bin(a, buf, len) != MP_OKAY) { -+ os_free(a); -+ a = NULL; -+ } -+ -+ return (struct crypto_bignum *) a; -+} -+ -+ -+void crypto_bignum_deinit(struct crypto_bignum *n, int clear) -+{ -+ if (!n) -+ return; -+ -+ if (clear) -+ mp_forcezero((mp_int *) n); -+ mp_clear((mp_int *) n); -+ os_free((mp_int *) n); -+} -+ -+ -+int crypto_bignum_to_bin(const struct crypto_bignum *a, -+ u8 *buf, size_t buflen, size_t padlen) -+{ -+ int num_bytes, offset; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ if (padlen > buflen) -+ return -1; -+ -+ num_bytes = (mp_count_bits((mp_int *) a) + 7) / 8; -+ if ((size_t) num_bytes > buflen) -+ return -1; -+ if (padlen > (size_t) num_bytes) -+ offset = padlen - num_bytes; -+ else -+ offset = 0; -+ -+ os_memset(buf, 0, offset); -+ mp_to_unsigned_bin((mp_int *) a, buf + offset); -+ -+ return num_bytes + offset; -+} -+ -+ -+int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m) -+{ -+ int ret = 0; -+ WC_RNG rng; -+ -+ if (wc_InitRng(&rng) != 0) -+ return -1; -+ if (mp_rand_prime((mp_int *) r, -+ (mp_count_bits((mp_int *) m) + 7) / 8 * 2, -+ &rng, NULL) != 0) -+ ret = -1; -+ if (ret == 0 && -+ mp_mod((mp_int *) r, (mp_int *) m, (mp_int *) r) != 0) -+ ret = -1; -+ wc_FreeRng(&rng); -+ return ret; -+} -+ -+ -+int crypto_bignum_add(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *r) -+{ -+ return mp_add((mp_int *) a, (mp_int *) b, -+ (mp_int *) r) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_mod(const struct crypto_bignum *a, -+ const struct crypto_bignum *m, -+ struct crypto_bignum *r) -+{ -+ return mp_mod((mp_int *) a, (mp_int *) m, -+ (mp_int *) r) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_exptmod(const struct crypto_bignum *b, -+ const struct crypto_bignum *e, -+ const struct crypto_bignum *m, -+ struct crypto_bignum *r) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_exptmod((mp_int *) b, (mp_int *) e, (mp_int *) m, -+ (mp_int *) r) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_inverse(const struct crypto_bignum *a, -+ const struct crypto_bignum *m, -+ struct crypto_bignum *r) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_invmod((mp_int *) a, (mp_int *) m, -+ (mp_int *) r) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_sub(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *r) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_add((mp_int *) a, (mp_int *) b, -+ (mp_int *) r) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_div(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ struct crypto_bignum *d) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_div((mp_int *) a, (mp_int *) b, (mp_int *) d, -+ NULL) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_mulmod(const struct crypto_bignum *a, -+ const struct crypto_bignum *b, -+ const struct crypto_bignum *m, -+ struct crypto_bignum *d) -+{ -+ if (TEST_FAIL()) -+ return -1; -+ -+ return mp_mulmod((mp_int *) a, (mp_int *) b, (mp_int *) m, -+ (mp_int *) d) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_bignum_rshift(const struct crypto_bignum *a, int n, -+ struct crypto_bignum *r) -+{ -+ if (mp_copy((mp_int *) a, (mp_int *) r) != MP_OKAY) -+ return -1; -+ mp_rshd((mp_int *) r, n); -+ return 0; -+} -+ -+ -+int crypto_bignum_cmp(const struct crypto_bignum *a, -+ const struct crypto_bignum *b) -+{ -+ return mp_cmp((mp_int *) a, (mp_int *) b); -+} -+ -+ -+int crypto_bignum_bits(const struct crypto_bignum *a) -+{ -+ return mp_count_bits((mp_int *) a); -+} -+ -+ -+int crypto_bignum_is_zero(const struct crypto_bignum *a) -+{ -+ return mp_iszero((mp_int *) a); -+} -+ -+ -+int crypto_bignum_is_one(const struct crypto_bignum *a) -+{ -+ return mp_isone((const mp_int *) a); -+} -+ -+int crypto_bignum_is_odd(const struct crypto_bignum *a) -+{ -+ return mp_isodd((mp_int *) a); -+} -+ -+ -+int crypto_bignum_legendre(const struct crypto_bignum *a, -+ const struct crypto_bignum *p) -+{ -+ mp_int t; -+ int ret; -+ int res = -2; -+ -+ if (TEST_FAIL()) -+ return -2; -+ -+ if (mp_init(&t) != MP_OKAY) -+ return -2; -+ -+ /* t = (p-1) / 2 */ -+ ret = mp_sub_d((mp_int *) p, 1, &t); -+ if (ret == MP_OKAY) -+ mp_rshb(&t, 1); -+ if (ret == MP_OKAY) -+ ret = mp_exptmod((mp_int *) a, &t, (mp_int *) p, &t); -+ if (ret == MP_OKAY) { -+ if (mp_isone(&t)) -+ res = 1; -+ else if (mp_iszero(&t)) -+ res = 0; -+ else -+ res = -1; -+ } -+ -+ mp_clear(&t); -+ return res; -+} -+ -+ -+#ifdef CONFIG_ECC -+ -+int ecc_map(ecc_point *, mp_int *, mp_digit); -+int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, -+ mp_int *a, mp_int *modulus, mp_digit mp); -+ -+struct crypto_ec { -+ ecc_key key; -+ mp_int a; -+ mp_int prime; -+ mp_int order; -+ mp_digit mont_b; -+ mp_int b; -+}; -+ -+ -+struct crypto_ec * crypto_ec_init(int group) -+{ -+ int built = 0; -+ struct crypto_ec *e; -+ int curve_id; -+ -+ /* Map from IANA registry for IKE D-H groups to OpenSSL NID */ -+ switch (group) { -+ case 19: -+ curve_id = ECC_SECP256R1; -+ break; -+ case 20: -+ curve_id = ECC_SECP384R1; -+ break; -+ case 21: -+ curve_id = ECC_SECP521R1; -+ break; -+ case 25: -+ curve_id = ECC_SECP192R1; -+ break; -+ case 26: -+ curve_id = ECC_SECP224R1; -+ break; -+#ifdef HAVE_ECC_BRAINPOOL -+ case 27: -+ curve_id = ECC_BRAINPOOLP224R1; -+ break; -+ case 28: -+ curve_id = ECC_BRAINPOOLP256R1; -+ break; -+ case 29: -+ curve_id = ECC_BRAINPOOLP384R1; -+ break; -+ case 30: -+ curve_id = ECC_BRAINPOOLP512R1; -+ break; -+#endif /* HAVE_ECC_BRAINPOOL */ -+ default: -+ return NULL; -+ } -+ -+ e = os_zalloc(sizeof(*e)); -+ if (!e) -+ return NULL; -+ -+ if (wc_ecc_init(&e->key) != 0 || -+ wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || -+ mp_init(&e->a) != MP_OKAY || -+ mp_init(&e->prime) != MP_OKAY || -+ mp_init(&e->order) != MP_OKAY || -+ mp_init(&e->b) != MP_OKAY || -+ mp_read_radix(&e->a, e->key.dp->Af, 16) != MP_OKAY || -+ mp_read_radix(&e->b, e->key.dp->Bf, 16) != MP_OKAY || -+ mp_read_radix(&e->prime, e->key.dp->prime, 16) != MP_OKAY || -+ mp_read_radix(&e->order, e->key.dp->order, 16) != MP_OKAY || -+ mp_montgomery_setup(&e->prime, &e->mont_b) != MP_OKAY) -+ goto done; -+ -+ built = 1; -+done: -+ if (!built) { -+ crypto_ec_deinit(e); -+ e = NULL; -+ } -+ return e; -+} -+ -+ -+void crypto_ec_deinit(struct crypto_ec* e) -+{ -+ if (!e) -+ return; -+ -+ mp_clear(&e->b); -+ mp_clear(&e->order); -+ mp_clear(&e->prime); -+ mp_clear(&e->a); -+ wc_ecc_free(&e->key); -+ os_free(e); -+} -+ -+ -+int crypto_ec_cofactor(struct crypto_ec *e, struct crypto_bignum *cofactor) -+{ -+ if (!e || !cofactor) -+ return -1; -+ -+ mp_set((mp_int *) cofactor, e->key.dp->cofactor); -+ return 0; -+} -+ -+ -+struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e) -+{ -+ if (TEST_FAIL()) -+ return NULL; -+ if (!e) -+ return NULL; -+ return (struct crypto_ec_point *) wc_ecc_new_point(); -+} -+ -+ -+size_t crypto_ec_prime_len(struct crypto_ec *e) -+{ -+ return (mp_count_bits(&e->prime) + 7) / 8; -+} -+ -+ -+size_t crypto_ec_prime_len_bits(struct crypto_ec *e) -+{ -+ return mp_count_bits(&e->prime); -+} -+ -+ -+size_t crypto_ec_order_len(struct crypto_ec *e) -+{ -+ return (mp_count_bits(&e->order) + 7) / 8; -+} -+ -+ -+const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) &e->prime; -+} -+ -+ -+const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e) -+{ -+ return (const struct crypto_bignum *) &e->order; -+} -+ -+ -+void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) -+{ -+ ecc_point *point = (ecc_point *) p; -+ -+ if (!p) -+ return; -+ -+ if (clear) { -+ mp_forcezero(point->x); -+ mp_forcezero(point->y); -+ mp_forcezero(point->z); -+ } -+ wc_ecc_del_point(point); -+} -+ -+ -+int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, -+ struct crypto_bignum *x) -+{ -+ return mp_copy(((ecc_point *) p)->x, (mp_int *) x) == MP_OKAY ? 0 : -1; -+} -+ -+ -+int crypto_ec_point_to_bin(struct crypto_ec *e, -+ const struct crypto_ec_point *point, u8 *x, u8 *y) -+{ -+ ecc_point *p = (ecc_point *) point; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ if (!mp_isone(p->z)) { -+ if (ecc_map(p, &e->prime, e->mont_b) != MP_OKAY) -+ return -1; -+ } -+ -+ if (x) { -+ if (crypto_bignum_to_bin((struct crypto_bignum *)p->x, x, -+ e->key.dp->size, -+ e->key.dp->size) <= 0) -+ return -1; -+ } -+ -+ if (y) { -+ if (crypto_bignum_to_bin((struct crypto_bignum *) p->y, y, -+ e->key.dp->size, -+ e->key.dp->size) <= 0) -+ return -1; -+ } -+ -+ return 0; -+} -+ -+ -+struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e, -+ const u8 *val) -+{ -+ ecc_point *point = NULL; -+ int loaded = 0; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ point = wc_ecc_new_point(); -+ if (!point) -+ goto done; -+ -+ if (mp_read_unsigned_bin(point->x, val, e->key.dp->size) != MP_OKAY) -+ goto done; -+ val += e->key.dp->size; -+ if (mp_read_unsigned_bin(point->y, val, e->key.dp->size) != MP_OKAY) -+ goto done; -+ mp_set(point->z, 1); -+ -+ loaded = 1; -+done: -+ if (!loaded) { -+ wc_ecc_del_point(point); -+ point = NULL; -+ } -+ return (struct crypto_ec_point *) point; -+} -+ -+ -+int crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a, -+ const struct crypto_ec_point *b, -+ struct crypto_ec_point *c) -+{ -+ mp_int mu; -+ ecc_point *ta = NULL, *tb = NULL; -+ ecc_point *pa = (ecc_point *) a, *pb = (ecc_point *) b; -+ mp_int *modulus = &e->prime; -+ int ret; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ ret = mp_init(&mu); -+ if (ret != MP_OKAY) -+ return -1; -+ -+ ret = mp_montgomery_calc_normalization(&mu, modulus); -+ if (ret != MP_OKAY) { -+ mp_clear(&mu); -+ return -1; -+ } -+ -+ if (!mp_isone(&mu)) { -+ ta = wc_ecc_new_point(); -+ if (!ta) { -+ mp_clear(&mu); -+ return -1; -+ } -+ tb = wc_ecc_new_point(); -+ if (!tb) { -+ wc_ecc_del_point(ta); -+ mp_clear(&mu); -+ return -1; -+ } -+ -+ if (mp_mulmod(pa->x, &mu, modulus, ta->x) != MP_OKAY || -+ mp_mulmod(pa->y, &mu, modulus, ta->y) != MP_OKAY || -+ mp_mulmod(pa->z, &mu, modulus, ta->z) != MP_OKAY || -+ mp_mulmod(pb->x, &mu, modulus, tb->x) != MP_OKAY || -+ mp_mulmod(pb->y, &mu, modulus, tb->y) != MP_OKAY || -+ mp_mulmod(pb->z, &mu, modulus, tb->z) != MP_OKAY) { -+ ret = -1; -+ goto end; -+ } -+ pa = ta; -+ pb = tb; -+ } -+ -+ ret = ecc_projective_add_point(pa, pb, (ecc_point *) c, &e->a, -+ &e->prime, e->mont_b); -+ if (ret != 0) { -+ ret = -1; -+ goto end; -+ } -+ -+ if (ecc_map((ecc_point *) c, &e->prime, e->mont_b) != MP_OKAY) -+ ret = -1; -+ else -+ ret = 0; -+end: -+ wc_ecc_del_point(tb); -+ wc_ecc_del_point(ta); -+ mp_clear(&mu); -+ return ret; -+} -+ -+ -+int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p, -+ const struct crypto_bignum *b, -+ struct crypto_ec_point *res) -+{ -+ int ret; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ ret = wc_ecc_mulmod((mp_int *) b, (ecc_point *) p, (ecc_point *) res, -+ &e->a, &e->prime, 1); -+ return ret == 0 ? 0 : -1; -+} -+ -+ -+int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p) -+{ -+ ecc_point *point = (ecc_point *) p; -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ if (mp_sub(&e->prime, point->y, point->y) != MP_OKAY) -+ return -1; -+ -+ return 0; -+} -+ -+ -+int crypto_ec_point_solve_y_coord(struct crypto_ec *e, -+ struct crypto_ec_point *p, -+ const struct crypto_bignum *x, int y_bit) -+{ -+ byte buf[MAX_ECC_BYTES + 1]; -+ int ret; -+ int prime_len = crypto_ec_prime_len(e); -+ -+ if (TEST_FAIL()) -+ return -1; -+ -+ buf[0] = 0x2 + (byte) y_bit; -+ ret = crypto_bignum_to_bin(x, buf + 1, prime_len, prime_len); -+ if (ret <= 0) -+ return -1; -+ ret = wc_ecc_import_point_der(buf, ret + 1, e->key.idx, -+ (ecc_point *) p); -+ if (ret != 0) -+ return -1; -+ -+ return 0; -+} -+ -+ -+struct crypto_bignum * -+crypto_ec_point_compute_y_sqr(struct crypto_ec *e, -+ const struct crypto_bignum *x) -+{ -+ mp_int *y2 = NULL; -+ mp_int t; -+ int calced = 0; -+ -+ if (TEST_FAIL()) -+ return NULL; -+ -+ if (mp_init(&t) != MP_OKAY) -+ return NULL; -+ -+ y2 = (mp_int *) crypto_bignum_init(); -+ if (!y2) -+ goto done; -+ -+ if (mp_sqrmod((mp_int *) x, &e->prime, y2) != 0 || -+ mp_mulmod((mp_int *) x, &t, &e->prime, y2) != 0 || -+ mp_mulmod((mp_int *) x, &e->a, &e->prime, &t) != 0 || -+ mp_addmod(y2, &t, &e->prime, y2) != 0 || -+ mp_addmod(y2, &e->b, &e->prime, y2) != 0) -+ goto done; -+ -+ calced = 1; -+done: -+ if (!calced) { -+ if (y2) { -+ mp_clear(y2); -+ os_free(y2); -+ } -+ mp_clear(&t); -+ } -+ -+ return (struct crypto_bignum *) y2; -+} -+ -+ -+int crypto_ec_point_is_at_infinity(struct crypto_ec *e, -+ const struct crypto_ec_point *p) -+{ -+ return wc_ecc_point_is_at_infinity((ecc_point *) p); -+} -+ -+ -+int crypto_ec_point_is_on_curve(struct crypto_ec *e, -+ const struct crypto_ec_point *p) -+{ -+ return wc_ecc_is_point((ecc_point *) p, &e->a, &e->b, &e->prime) == -+ MP_OKAY; -+} -+ -+ -+int crypto_ec_point_cmp(const struct crypto_ec *e, -+ const struct crypto_ec_point *a, -+ const struct crypto_ec_point *b) -+{ -+ return wc_ecc_cmp_point((ecc_point *) a, (ecc_point *) b); -+} -+ -+#endif /* CONFIG_ECC */ -diff --git a/src/crypto/fips_prf_wolfssl.c b/src/crypto/fips_prf_wolfssl.c -new file mode 100644 -index 0000000..1709932 ---- /dev/null -+++ b/src/crypto/fips_prf_wolfssl.c -@@ -0,0 +1,86 @@ -+/* -+ * FIPS 186-2 PRF for libcrypto -+ * Copyright (c) 2004-2017, Jouni Malinen -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+#include -+ -+#include "common.h" -+#include "crypto.h" -+ -+ -+static void sha1_transform(u32 *state, const u8 data[64]) -+{ -+ Sha sha; -+ -+ os_memset(&sha, 0, sizeof(sha)); -+ sha.digest[0] = state[0]; -+ sha.digest[1] = state[1]; -+ sha.digest[2] = state[2]; -+ sha.digest[3] = state[3]; -+ sha.digest[4] = state[4]; -+ wc_ShaUpdate(&sha, data, 64); -+ state[0] = sha.digest[0]; -+ state[1] = sha.digest[1]; -+ state[2] = sha.digest[2]; -+ state[3] = sha.digest[3]; -+ state[4] = sha.digest[4]; -+} -+ -+ -+int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen) -+{ -+ u8 xkey[64]; -+ u32 t[5], _t[5]; -+ int i, j, m, k; -+ u8 *xpos = x; -+ u32 carry; -+ -+ if (seed_len < sizeof(xkey)) -+ os_memset(xkey + seed_len, 0, sizeof(xkey) - seed_len); -+ else -+ seed_len = sizeof(xkey); -+ -+ /* FIPS 186-2 + change notice 1 */ -+ -+ os_memcpy(xkey, seed, seed_len); -+ t[0] = 0x67452301; -+ t[1] = 0xEFCDAB89; -+ t[2] = 0x98BADCFE; -+ t[3] = 0x10325476; -+ t[4] = 0xC3D2E1F0; -+ -+ m = xlen / 40; -+ for (j = 0; j < m; j++) { -+ /* XSEED_j = 0 */ -+ for (i = 0; i < 2; i++) { -+ /* XVAL = (XKEY + XSEED_j) mod 2^b */ -+ -+ /* w_i = G(t, XVAL) */ -+ os_memcpy(_t, t, 20); -+ sha1_transform(_t, xkey); -+ WPA_PUT_BE32(xpos, _t[0]); -+ WPA_PUT_BE32(xpos + 4, _t[1]); -+ WPA_PUT_BE32(xpos + 8, _t[2]); -+ WPA_PUT_BE32(xpos + 12, _t[3]); -+ WPA_PUT_BE32(xpos + 16, _t[4]); -+ -+ /* XKEY = (1 + XKEY + w_i) mod 2^b */ -+ carry = 1; -+ for (k = 19; k >= 0; k--) { -+ carry += xkey[k] + xpos[k]; -+ xkey[k] = carry & 0xff; -+ carry >>= 8; -+ } -+ -+ xpos += 20; -+ } -+ /* x_j = w_0|w_1 */ -+ } -+ -+ return 0; -+} -diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c -new file mode 100644 -index 0000000..b7c452e ---- /dev/null -+++ b/src/crypto/tls_wolfssl.c -@@ -0,0 +1,2150 @@ -+/* -+ * SSL/TLS interface functions for wolfSSL TLS case -+ * Copyright (c) 2004-2017, Jouni Malinen -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+#include "crypto.h" -+#include "tls.h" -+ -+#define OPENSSL_EXTRA -+#define HAVE_STUNNEL -+#define HAVE_SECRET_CALLBACK -+#define HAVE_SESSION_TICKET -+#define HAVE_OCSP -+#define HAVE_CERTIFICATE_STATUS_REQUEST -+#define HAVE_CERTIFICATE_STATUS_REQUEST_V2 -+#ifndef WOLFSSL_DER_LOAD -+#define WOLFSSL_DER_LOAD -+#endif -+#if 0 -+/* Enable if a debug build of wolfSSL is installed. */ -+#define DEBUG_WOLFSSL -+#endif -+ -+/* wolfSSL includes */ -+#include -+#include -+#include -+ -+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) -+#define HAVE_AESGCM -+#include -+#endif -+ -+#if !defined(CONFIG_FIPS) && \ -+ (defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || \ -+ defined(EAP_SERVER_FAST)) -+#define WOLFSSL_NEED_EAP_FAST_PRF -+#endif -+ -+#define SECRET_LEN 48 -+#define RAN_LEN 32 -+#define SESSION_TICKET_LEN 256 -+ -+static int tls_ref_count = 0; -+ -+static int tls_ex_idx_session = 0; -+ -+ -+/* tls input data for wolfSSL Read Callback */ -+struct tls_in_data { -+ const struct wpabuf *in_data; -+ size_t consumed; /* how many bytes have we used already */ -+}; -+ -+/* tls output data for wolfSSL Write Callback */ -+struct tls_out_data { -+ struct wpabuf *out_data; -+}; -+ -+struct tls_context { -+ void (*event_cb)(void *ctx, enum tls_event ev, -+ union tls_event_data *data); -+ void *cb_ctx; -+ int cert_in_cb; -+ char *ocsp_stapling_response; -+}; -+ -+static struct tls_context *tls_global = NULL; -+ -+/* wolfssl tls_connection */ -+struct tls_connection { -+ struct tls_context *context; -+ WOLFSSL *ssl; -+ int read_alerts; -+ int write_alerts; -+ int failed; -+ struct tls_in_data input; -+ struct tls_out_data output; -+ char *subject_match; -+ char *alt_subject_match; -+ char *suffix_match; -+ char *domain_match; -+ -+ u8 srv_cert_hash[32]; -+ -+ unsigned char client_random[RAN_LEN]; -+ unsigned char server_random[RAN_LEN]; -+ unsigned int flags; -+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) -+ tls_session_ticket_cb session_ticket_cb; -+ void *session_ticket_cb_ctx; -+ byte session_ticket[SESSION_TICKET_LEN]; -+#endif -+ unsigned int ca_cert_verify:1; -+ unsigned int cert_probe:1; -+ unsigned int server_cert_only:1; -+ unsigned int success_data:1; -+ -+ WOLFSSL_X509 *peer_cert; -+ WOLFSSL_X509 *peer_issuer; -+ WOLFSSL_X509 *peer_issuer_issuer; -+}; -+ -+ -+static struct tls_context * tls_context_new(const struct tls_config *conf) -+{ -+ struct tls_context *context = os_zalloc(sizeof(*context)); -+ -+ if (!context) -+ return NULL; -+ -+ if (conf) { -+ context->event_cb = conf->event_cb; -+ context->cb_ctx = conf->cb_ctx; -+ context->cert_in_cb = conf->cert_in_cb; -+ } -+ -+ return context; -+} -+ -+ -+static void wolfssl_reset_in_data(struct tls_in_data *in, -+ const struct wpabuf *buf) -+{ -+ /* old one not owned by us so don't free */ -+ in->in_data = buf; -+ in->consumed = 0; -+} -+ -+ -+static void wolfssl_reset_out_data(struct tls_out_data *out) -+{ -+ /* old one not owned by us so don't free */ -+ out->out_data = wpabuf_alloc_copy("", 0); -+} -+ -+ -+/* wolfSSL I/O Receive CallBack */ -+static int wolfssl_receive_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) -+{ -+ size_t get = sz; -+ struct tls_in_data *data = ctx; -+ -+ if (!data) -+ return -1; -+ -+ if (get > (wpabuf_len(data->in_data) - data->consumed)) -+ get = wpabuf_len(data->in_data) - data->consumed; -+ -+ os_memcpy(buf, wpabuf_head(data->in_data) + data->consumed, get); -+ data->consumed += get; -+ -+ if (get == 0) -+ return -2; /* WANT_READ */ -+ -+ return (int) get; -+} -+ -+ -+/* wolfSSL I/O Send CallBack */ -+static int wolfssl_send_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) -+{ -+ struct wpabuf *tmp; -+ struct tls_out_data *data = ctx; -+ -+ if (!data) -+ return -1; -+ -+ wpa_printf(MSG_DEBUG, "SSL: adding %d bytes", sz); -+ -+ tmp = wpabuf_alloc_copy(buf, sz); -+ if (!tmp) -+ return -1; -+ data->out_data = wpabuf_concat(data->out_data, tmp); -+ if (!data->out_data) -+ return -1; -+ -+ return sz; -+} -+ -+ -+static void remove_session_cb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess) -+{ -+ struct wpabuf *buf; -+ -+ buf = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); -+ if (!buf) -+ return; -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Free application session data %p (sess %p)", -+ buf, sess); -+ wpabuf_free(buf); -+ -+ wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, NULL); -+} -+ -+ -+void * tls_init(const struct tls_config *conf) -+{ -+ WOLFSSL_CTX *ssl_ctx; -+ struct tls_context *context; -+ const char *ciphers; -+ -+#ifdef DEBUG_WOLFSSL -+ wolfSSL_Debugging_ON(); -+#endif /* DEBUG_WOLFSSL */ -+ -+ context = tls_context_new(conf); -+ if (!context) -+ return NULL; -+ -+ if (tls_ref_count == 0) { -+ tls_global = context; -+ -+ if (wolfSSL_Init() < 0) -+ return NULL; -+ /* wolfSSL_Debugging_ON(); */ -+ } -+ -+ tls_ref_count++; -+ -+ /* start as client */ -+ ssl_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); -+ if (!ssl_ctx) { -+ tls_ref_count--; -+ if (context != tls_global) -+ os_free(context); -+ if (tls_ref_count == 0) { -+ os_free(tls_global); -+ tls_global = NULL; -+ } -+ } -+ wolfSSL_SetIORecv(ssl_ctx, wolfssl_receive_cb); -+ wolfSSL_SetIOSend(ssl_ctx, wolfssl_send_cb); -+ wolfSSL_CTX_set_ex_data(ssl_ctx, 0, context); -+ -+ if (conf->tls_session_lifetime > 0) { -+ wolfSSL_CTX_set_quiet_shutdown(ssl_ctx, 1); -+ wolfSSL_CTX_set_session_cache_mode(ssl_ctx, -+ SSL_SESS_CACHE_SERVER); -+ wolfSSL_CTX_set_timeout(ssl_ctx, conf->tls_session_lifetime); -+ wolfSSL_CTX_sess_set_remove_cb(ssl_ctx, remove_session_cb); -+ } else { -+ wolfSSL_CTX_set_session_cache_mode(ssl_ctx, -+ SSL_SESS_CACHE_CLIENT); -+ } -+ -+ if (conf && conf->openssl_ciphers) -+ ciphers = conf->openssl_ciphers; -+ else -+ ciphers = "ALL"; -+ if (wolfSSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) { -+ wpa_printf(MSG_ERROR, -+ "wolfSSL: Failed to set cipher string '%s'", -+ ciphers); -+ tls_deinit(ssl_ctx); -+ return NULL; -+ } -+ -+ return ssl_ctx; -+} -+ -+ -+void tls_deinit(void *ssl_ctx) -+{ -+ struct tls_context *context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0); -+ -+ if (context != tls_global) -+ os_free(context); -+ -+ wolfSSL_CTX_free((WOLFSSL_CTX *) ssl_ctx); -+ -+ tls_ref_count--; -+ if (tls_ref_count == 0) { -+ wolfSSL_Cleanup(); -+ os_free(tls_global); -+ tls_global = NULL; -+ } -+} -+ -+ -+int tls_get_errors(void *tls_ctx) -+{ -+#ifdef DEBUG_WOLFSSL -+#if 0 -+ unsigned long err; -+ -+ err = wolfSSL_ERR_peek_last_error_line(NULL, NULL); -+ if (err != 0) { -+ wpa_printf(MSG_INFO, "TLS - SSL error: %s", -+ wolfSSL_ERR_error_string(err, NULL)); -+ return 1; -+ } -+#endif -+#endif /* DEBUG_WOLFSSL */ -+ return 0; -+} -+ -+ -+struct tls_connection * tls_connection_init(void *tls_ctx) -+{ -+ WOLFSSL_CTX *ssl_ctx = tls_ctx; -+ struct tls_connection *conn; -+ -+ wpa_printf(MSG_DEBUG, "SSL: connection init"); -+ -+ conn = os_zalloc(sizeof(*conn)); -+ if (!conn) -+ return NULL; -+ conn->ssl = wolfSSL_new(ssl_ctx); -+ if (!conn->ssl) { -+ os_free(conn); -+ return NULL; -+ } -+ -+ wolfSSL_SetIOReadCtx(conn->ssl, &conn->input); -+ wolfSSL_SetIOWriteCtx(conn->ssl, &conn->output); -+ wolfSSL_set_ex_data(conn->ssl, 0, conn); -+ conn->context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0); -+ -+ /* Need randoms post-hanshake for EAP-FAST, export key and deriving -+ * session ID in EAP methods. */ -+ wolfSSL_KeepArrays(conn->ssl); -+ wolfSSL_KeepHandshakeResources(conn->ssl); -+ wolfSSL_UseClientSuites(conn->ssl); -+ -+ return conn; -+} -+ -+ -+void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn) -+{ -+ if (!conn) -+ return; -+ -+ wpa_printf(MSG_DEBUG, "SSL: connection deinit"); -+ -+ /* parts */ -+ wolfSSL_free(conn->ssl); -+ os_free(conn->subject_match); -+ os_free(conn->alt_subject_match); -+ os_free(conn->suffix_match); -+ os_free(conn->domain_match); -+ -+ /* self */ -+ os_free(conn); -+} -+ -+ -+int tls_connection_established(void *tls_ctx, struct tls_connection *conn) -+{ -+ return conn ? wolfSSL_is_init_finished(conn->ssl) : 0; -+} -+ -+ -+int tls_connection_shutdown(void *tls_ctx, struct tls_connection *conn) -+{ -+ WOLFSSL_SESSION *session; -+ -+ if (!conn) -+ return -1; -+ -+ wpa_printf(MSG_DEBUG, "SSL: connection shutdown"); -+ -+ /* Set quiet as OpenSSL does */ -+ wolfSSL_set_quiet_shutdown(conn->ssl, 1); -+ wolfSSL_shutdown(conn->ssl); -+ -+ session = wolfSSL_get_session(conn->ssl); -+ if (wolfSSL_clear(conn->ssl) != 1) -+ return -1; -+ wolfSSL_set_session(conn->ssl, session); -+ -+ return 0; -+} -+ -+ -+static int tls_connection_set_subject_match(struct tls_connection *conn, -+ const char *subject_match, -+ const char *alt_subject_match, -+ const char *suffix_match, -+ const char *domain_match) -+{ -+ os_free(conn->subject_match); -+ conn->subject_match = NULL; -+ if (subject_match) { -+ conn->subject_match = os_strdup(subject_match); -+ if (!conn->subject_match) -+ return -1; -+ } -+ -+ os_free(conn->alt_subject_match); -+ conn->alt_subject_match = NULL; -+ if (alt_subject_match) { -+ conn->alt_subject_match = os_strdup(alt_subject_match); -+ if (!conn->alt_subject_match) -+ return -1; -+ } -+ -+ os_free(conn->suffix_match); -+ conn->suffix_match = NULL; -+ if (suffix_match) { -+ conn->suffix_match = os_strdup(suffix_match); -+ if (!conn->suffix_match) -+ return -1; -+ } -+ -+ os_free(conn->domain_match); -+ conn->domain_match = NULL; -+ if (domain_match) { -+ conn->domain_match = os_strdup(domain_match); -+ if (!conn->domain_match) -+ return -1; -+ } -+ -+ return 0; -+} -+ -+ -+static int tls_connection_dh(struct tls_connection *conn, const char *dh_file, -+ const u8 *dh_blob, size_t blob_len) -+{ -+ if (!dh_file && !dh_blob) -+ return 0; -+ -+ wolfSSL_set_accept_state(conn->ssl); -+ -+ if (dh_blob) { -+ if (wolfSSL_SetTmpDH_buffer(conn->ssl, dh_blob, blob_len, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, "SSL: use DH DER blob failed"); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "SSL: use DH blob OK"); -+ return 0; -+ } -+ -+ if (dh_file) { -+ wpa_printf(MSG_INFO, "SSL: use DH PEM file: %s", dh_file); -+ if (wolfSSL_SetTmpDH_file(conn->ssl, dh_file, -+ SSL_FILETYPE_PEM) < 0) { -+ wpa_printf(MSG_INFO, "SSL: use DH PEM file failed"); -+ if (wolfSSL_SetTmpDH_file(conn->ssl, dh_file, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use DH DER file failed"); -+ return -1; -+ } -+ } -+ wpa_printf(MSG_DEBUG, "SSL: use DH file OK"); -+ return 0; -+ } -+ -+ return 0; -+} -+ -+ -+static int tls_connection_client_cert(struct tls_connection *conn, -+ const char *client_cert, -+ const u8 *client_cert_blob, -+ size_t blob_len) -+{ -+ if (!client_cert && !client_cert_blob) -+ return 0; -+ -+ if (client_cert_blob) { -+ if (wolfSSL_use_certificate_buffer(conn->ssl, client_cert_blob, -+ blob_len, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use client cert DER blob failed"); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "SSL: use client cert blob OK"); -+ return 0; -+ } -+ -+ if (client_cert) { -+ if (wolfSSL_use_certificate_file(conn->ssl, client_cert, -+ SSL_FILETYPE_PEM) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use client cert PEM file failed"); -+ if (wolfSSL_use_certificate_file( -+ conn->ssl, client_cert, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use client cert DER file failed"); -+ return -1; -+ } -+ } -+ wpa_printf(MSG_DEBUG, "SSL: use client cert file OK"); -+ return 0; -+ } -+ -+ return 0; -+} -+ -+ -+static int tls_passwd_cb(char *buf, int size, int rwflag, void *password) -+{ -+ if (!password) -+ return 0; -+ os_strlcpy(buf, (char *) password, size); -+ return os_strlen(buf); -+} -+ -+ -+static int tls_connection_private_key(void *tls_ctx, -+ struct tls_connection *conn, -+ const char *private_key, -+ const char *private_key_passwd, -+ const u8 *private_key_blob, -+ size_t blob_len) -+{ -+ WOLFSSL_CTX *ctx = tls_ctx; -+ char *passwd = NULL; -+ int ok = 0; -+ -+ if (!private_key && !private_key_blob) -+ return 0; -+ -+ if (private_key_passwd) { -+ passwd = os_strdup(private_key_passwd); -+ if (!passwd) -+ return -1; -+ } -+ -+ wolfSSL_CTX_set_default_passwd_cb(ctx, tls_passwd_cb); -+ wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, passwd); -+ -+ if (private_key_blob) { -+ if (wolfSSL_use_PrivateKey_buffer(conn->ssl, -+ private_key_blob, blob_len, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use private DER blob failed"); -+ } else { -+ wpa_printf(MSG_DEBUG, "SSL: use private key blob OK"); -+ ok = 1; -+ } -+ } -+ -+ if (!ok && private_key) { -+ if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key, -+ SSL_FILETYPE_PEM) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: use private key PEM file failed"); -+ if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key, -+ SSL_FILETYPE_ASN1) < 0) -+ { -+ wpa_printf(MSG_INFO, -+ "SSL: use private key DER file failed"); -+ } else { -+ ok = 1; -+ } -+ } else { -+ ok = 1; -+ } -+ -+ if (ok) -+ wpa_printf(MSG_DEBUG, "SSL: use private key file OK"); -+ } -+ -+ wolfSSL_CTX_set_default_passwd_cb(ctx, NULL); -+ os_free(passwd); -+ -+ if (!ok) -+ return -1; -+ -+ return 0; -+} -+ -+ -+#define GEN_EMAIL 1 -+#define GEN_DNS ALT_NAMES_OID -+#define GEN_URI 6 -+ -+static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type, -+ const char *value, size_t len) -+{ -+ WOLFSSL_ASN1_OBJECT *gen; -+ void *ext; -+ int found = 0; -+ int i; -+ -+ ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); -+ -+ for (i = 0; ext && i < wolfSSL_sk_num(ext); i++) { -+ gen = wolfSSL_sk_value(ext, i); -+ if (gen->type != type) -+ continue; -+ if (os_strlen((char *) gen->obj) == len && -+ os_memcmp(value, gen->obj, len) == 0) -+ found++; -+ } -+ -+ wolfSSL_sk_ASN1_OBJECT_free(ext); -+ -+ return found; -+} -+ -+ -+static int tls_match_alt_subject(WOLFSSL_X509 *cert, const char *match) -+{ -+ int type; -+ const char *pos, *end; -+ size_t len; -+ -+ pos = match; -+ do { -+ if (os_strncmp(pos, "EMAIL:", 6) == 0) { -+ type = GEN_EMAIL; -+ pos += 6; -+ } else if (os_strncmp(pos, "DNS:", 4) == 0) { -+ type = GEN_DNS; -+ pos += 4; -+ } else if (os_strncmp(pos, "URI:", 4) == 0) { -+ type = GEN_URI; -+ pos += 4; -+ } else { -+ wpa_printf(MSG_INFO, -+ "TLS: Invalid altSubjectName match '%s'", -+ pos); -+ return 0; -+ } -+ end = os_strchr(pos, ';'); -+ while (end) { -+ if (os_strncmp(end + 1, "EMAIL:", 6) == 0 || -+ os_strncmp(end + 1, "DNS:", 4) == 0 || -+ os_strncmp(end + 1, "URI:", 4) == 0) -+ break; -+ end = os_strchr(end + 1, ';'); -+ } -+ if (end) -+ len = end - pos; -+ else -+ len = os_strlen(pos); -+ if (tls_match_alt_subject_component(cert, type, pos, len) > 0) -+ return 1; -+ pos = end + 1; -+ } while (end); -+ -+ return 0; -+} -+ -+ -+static int domain_suffix_match(const char *val, size_t len, const char *match, -+ int full) -+{ -+ size_t i, match_len; -+ -+ /* Check for embedded nuls that could mess up suffix matching */ -+ for (i = 0; i < len; i++) { -+ if (val[i] == '\0') { -+ wpa_printf(MSG_DEBUG, -+ "TLS: Embedded null in a string - reject"); -+ return 0; -+ } -+ } -+ -+ match_len = os_strlen(match); -+ if (match_len > len || (full && match_len != len)) -+ return 0; -+ -+ if (os_strncasecmp(val + len - match_len, match, match_len) != 0) -+ return 0; /* no match */ -+ -+ if (match_len == len) -+ return 1; /* exact match */ -+ -+ if (val[len - match_len - 1] == '.') -+ return 1; /* full label match completes suffix match */ -+ -+ wpa_printf(MSG_DEBUG, "TLS: Reject due to incomplete label match"); -+ return 0; -+} -+ -+ -+static int tls_match_suffix(WOLFSSL_X509 *cert, const char *match, int full) -+{ -+ WOLFSSL_ASN1_OBJECT *gen; -+ void *ext; -+ int i; -+ int j; -+ int dns_name = 0; -+ WOLFSSL_X509_NAME *name; -+ -+ wpa_printf(MSG_DEBUG, "TLS: Match domain against %s%s", -+ full ? "" : "suffix ", match); -+ -+ ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); -+ -+ for (j = 0; ext && j < wolfSSL_sk_num(ext); j++) { -+ gen = wolfSSL_sk_value(ext, j); -+ if (gen->type != ALT_NAMES_OID) -+ continue; -+ dns_name++; -+ wpa_hexdump_ascii(MSG_DEBUG, "TLS: Certificate dNSName", -+ gen->obj, os_strlen((char *)gen->obj)); -+ if (domain_suffix_match((const char *) gen->obj, -+ os_strlen((char *) gen->obj), match, -+ full) == 1) { -+ wpa_printf(MSG_DEBUG, "TLS: %s in dNSName found", -+ full ? "Match" : "Suffix match"); -+ wolfSSL_sk_ASN1_OBJECT_free(ext); -+ return 1; -+ } -+ } -+ wolfSSL_sk_ASN1_OBJECT_free(ext); -+ -+ if (dns_name) { -+ wpa_printf(MSG_DEBUG, "TLS: None of the dNSName(s) matched"); -+ return 0; -+ } -+ -+ name = wolfSSL_X509_get_subject_name(cert); -+ i = -1; -+ for (;;) { -+ WOLFSSL_X509_NAME_ENTRY *e; -+ WOLFSSL_ASN1_STRING *cn; -+ -+ i = wolfSSL_X509_NAME_get_index_by_NID(name, ASN_COMMON_NAME, -+ i); -+ if (i == -1) -+ break; -+ e = wolfSSL_X509_NAME_get_entry(name, i); -+ if (!e) -+ continue; -+ cn = wolfSSL_X509_NAME_ENTRY_get_data(e); -+ if (!cn) -+ continue; -+ wpa_hexdump_ascii(MSG_DEBUG, "TLS: Certificate commonName", -+ cn->data, cn->length); -+ if (domain_suffix_match(cn->data, cn->length, match, full) == 1) -+ { -+ wpa_printf(MSG_DEBUG, "TLS: %s in commonName found", -+ full ? "Match" : "Suffix match"); -+ return 1; -+ } -+ } -+ -+ wpa_printf(MSG_DEBUG, "TLS: No CommonName %smatch found", -+ full ? "" : "suffix "); -+ return 0; -+} -+ -+ -+static enum tls_fail_reason wolfssl_tls_fail_reason(int err) -+{ -+ switch (err) { -+ case X509_V_ERR_CERT_REVOKED: -+ return TLS_FAIL_REVOKED; -+ case ASN_BEFORE_DATE_E: -+ case X509_V_ERR_CERT_NOT_YET_VALID: -+ case X509_V_ERR_CRL_NOT_YET_VALID: -+ return TLS_FAIL_NOT_YET_VALID; -+ case ASN_AFTER_DATE_E: -+ case X509_V_ERR_CERT_HAS_EXPIRED: -+ case X509_V_ERR_CRL_HAS_EXPIRED: -+ return TLS_FAIL_EXPIRED; -+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: -+ case X509_V_ERR_UNABLE_TO_GET_CRL: -+ case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: -+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: -+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: -+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: -+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: -+ case X509_V_ERR_CERT_CHAIN_TOO_LONG: -+ case X509_V_ERR_PATH_LENGTH_EXCEEDED: -+ case X509_V_ERR_INVALID_CA: -+ return TLS_FAIL_UNTRUSTED; -+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: -+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: -+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: -+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: -+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: -+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: -+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: -+ case X509_V_ERR_CERT_UNTRUSTED: -+ case X509_V_ERR_CERT_REJECTED: -+ return TLS_FAIL_BAD_CERTIFICATE; -+ default: -+ return TLS_FAIL_UNSPECIFIED; -+ } -+} -+ -+ -+static const char * wolfssl_tls_err_string(int err, const char *err_str) -+{ -+ switch (err) { -+ case ASN_BEFORE_DATE_E: -+ return "certificate is not yet valid"; -+ case ASN_AFTER_DATE_E: -+ return "certificate has expired"; -+ default: -+ return err_str; -+ } -+} -+ -+ -+static struct wpabuf * get_x509_cert(WOLFSSL_X509 *cert) -+{ -+ struct wpabuf *buf = NULL; -+ const u8 *data; -+ int cert_len; -+ -+ data = wolfSSL_X509_get_der(cert, &cert_len); -+ if (!data) -+ buf = wpabuf_alloc_copy(data, cert_len); -+ -+ return buf; -+} -+ -+ -+static void wolfssl_tls_fail_event(struct tls_connection *conn, -+ WOLFSSL_X509 *err_cert, int err, int depth, -+ const char *subject, const char *err_str, -+ enum tls_fail_reason reason) -+{ -+ union tls_event_data ev; -+ struct wpabuf *cert = NULL; -+ struct tls_context *context = conn->context; -+ -+ if (!context->event_cb) -+ return; -+ -+ cert = get_x509_cert(err_cert); -+ os_memset(&ev, 0, sizeof(ev)); -+ ev.cert_fail.reason = reason != TLS_FAIL_UNSPECIFIED ? -+ reason : wolfssl_tls_fail_reason(err); -+ ev.cert_fail.depth = depth; -+ ev.cert_fail.subject = subject; -+ ev.cert_fail.reason_txt = wolfssl_tls_err_string(err, err_str); -+ ev.cert_fail.cert = cert; -+ context->event_cb(context->cb_ctx, TLS_CERT_CHAIN_FAILURE, &ev); -+ wpabuf_free(cert); -+} -+ -+ -+static void wolfssl_tls_cert_event(struct tls_connection *conn, -+ WOLFSSL_X509 *err_cert, int depth, -+ const char *subject) -+{ -+ struct wpabuf *cert = NULL; -+ union tls_event_data ev; -+ struct tls_context *context = conn->context; -+ char *alt_subject[TLS_MAX_ALT_SUBJECT]; -+ int alt, num_alt_subject = 0; -+ WOLFSSL_ASN1_OBJECT *gen; -+ void *ext; -+ int i; -+#ifdef CONFIG_SHA256 -+ u8 hash[32]; -+#endif /* CONFIG_SHA256 */ -+ -+ if (!context->event_cb) -+ return; -+ -+ os_memset(&ev, 0, sizeof(ev)); -+ if (conn->cert_probe || (conn->flags & TLS_CONN_EXT_CERT_CHECK) || -+ context->cert_in_cb) { -+ cert = get_x509_cert(err_cert); -+ ev.peer_cert.cert = cert; -+ } -+ -+#ifdef CONFIG_SHA256 -+ if (cert) { -+ const u8 *addr[1]; -+ size_t len[1]; -+ -+ addr[0] = wpabuf_head(cert); -+ len[0] = wpabuf_len(cert); -+ if (sha256_vector(1, addr, len, hash) == 0) { -+ ev.peer_cert.hash = hash; -+ ev.peer_cert.hash_len = sizeof(hash); -+ } -+ } -+#endif /* CONFIG_SHA256 */ -+ -+ ev.peer_cert.depth = depth; -+ ev.peer_cert.subject = subject; -+ -+ ext = wolfSSL_X509_get_ext_d2i(err_cert, ALT_NAMES_OID, NULL, NULL); -+ for (i = 0; ext && i < wolfSSL_sk_num(ext); i++) { -+ char *pos; -+ -+ if (num_alt_subject == TLS_MAX_ALT_SUBJECT) -+ break; -+ gen = wolfSSL_sk_value((void *) ext, i); -+#if 0 -+ if (gen->type != GEN_EMAIL && -+ gen->type != GEN_DNS && -+ gen->type != GEN_URI) -+ continue; -+#endif -+ -+ pos = os_malloc(10 + os_strlen((char *) gen->obj) + 1); -+ if (!pos) -+ break; -+ alt_subject[num_alt_subject++] = pos; -+ -+#if 0 -+ switch (gen->type) { -+ case GEN_EMAIL: -+ os_memcpy(pos, "EMAIL:", 6); -+ pos += 6; -+ break; -+ case GEN_DNS: -+ os_memcpy(pos, "DNS:", 4); -+ pos += 4; -+ break; -+ case GEN_URI: -+ os_memcpy(pos, "URI:", 4); -+ pos += 4; -+ break; -+ } -+#else -+ os_memcpy(pos, "DNS:", 4); -+ pos += 4; -+#endif -+ -+ os_memcpy(pos, gen->obj, os_strlen((char *)gen->obj)); -+ pos += os_strlen((char *)gen->obj); -+ *pos = '\0'; -+ } -+ wolfSSL_sk_ASN1_OBJECT_free(ext); -+ -+ for (alt = 0; alt < num_alt_subject; alt++) -+ ev.peer_cert.altsubject[alt] = alt_subject[alt]; -+ ev.peer_cert.num_altsubject = num_alt_subject; -+ -+ context->event_cb(context->cb_ctx, TLS_PEER_CERTIFICATE, &ev); -+ wpabuf_free(cert); -+ for (alt = 0; alt < num_alt_subject; alt++) -+ os_free(alt_subject[alt]); -+} -+ -+ -+static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx) -+{ -+ char buf[256]; -+ WOLFSSL_X509 *err_cert; -+ int err, depth; -+ WOLFSSL *ssl; -+ struct tls_connection *conn; -+ struct tls_context *context; -+ char *match, *altmatch, *suffix_match, *domain_match; -+ const char *err_str; -+ -+ err_cert = wolfSSL_X509_STORE_CTX_get_current_cert(x509_ctx); -+ if (!err_cert) { -+ wpa_printf(MSG_DEBUG, "wolfSSL: No Cert"); -+ return 0; -+ } -+ -+ err = wolfSSL_X509_STORE_CTX_get_error(x509_ctx); -+ depth = wolfSSL_X509_STORE_CTX_get_error_depth(x509_ctx); -+ ssl = wolfSSL_X509_STORE_CTX_get_ex_data( -+ x509_ctx, wolfSSL_get_ex_data_X509_STORE_CTX_idx()); -+ wolfSSL_X509_NAME_oneline(wolfSSL_X509_get_subject_name(err_cert), buf, -+ sizeof(buf)); -+ -+ conn = wolfSSL_get_ex_data(ssl, 0); -+ if (!conn) { -+ wpa_printf(MSG_DEBUG, "wolfSSL: No ex_data"); -+ return 0; -+ } -+ -+ if (depth == 0) -+ conn->peer_cert = err_cert; -+ else if (depth == 1) -+ conn->peer_issuer = err_cert; -+ else if (depth == 2) -+ conn->peer_issuer_issuer = err_cert; -+ -+ context = conn->context; -+ match = conn->subject_match; -+ altmatch = conn->alt_subject_match; -+ suffix_match = conn->suffix_match; -+ domain_match = conn->domain_match; -+ -+ if (!preverify_ok && !conn->ca_cert_verify) -+ preverify_ok = 1; -+ if (!preverify_ok && depth > 0 && conn->server_cert_only) -+ preverify_ok = 1; -+ if (!preverify_ok && (conn->flags & TLS_CONN_DISABLE_TIME_CHECKS) && -+ (err == X509_V_ERR_CERT_HAS_EXPIRED || -+ err == ASN_AFTER_DATE_E || err == ASN_BEFORE_DATE_E || -+ err == X509_V_ERR_CERT_NOT_YET_VALID)) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Ignore certificate validity time mismatch"); -+ preverify_ok = 1; -+ } -+ -+ err_str = wolfSSL_X509_verify_cert_error_string(err); -+ -+#ifdef CONFIG_SHA256 -+ /* -+ * Do not require preverify_ok so we can explicity allow otherwise -+ * invalid pinned server certificates. -+ */ -+ if (depth == 0 && conn->server_cert_only) { -+ struct wpabuf *cert; -+ -+ cert = get_x509_cert(err_cert); -+ if (!cert) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Could not fetch server certificate data"); -+ preverify_ok = 0; -+ } else { -+ u8 hash[32]; -+ const u8 *addr[1]; -+ size_t len[1]; -+ -+ addr[0] = wpabuf_head(cert); -+ len[0] = wpabuf_len(cert); -+ if (sha256_vector(1, addr, len, hash) < 0 || -+ os_memcmp(conn->srv_cert_hash, hash, 32) != 0) { -+ err_str = "Server certificate mismatch"; -+ err = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; -+ preverify_ok = 0; -+ } else if (!preverify_ok) { -+ /* -+ * Certificate matches pinned certificate, allow -+ * regardless of other problems. -+ */ -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Ignore validation issues for a pinned server certificate"); -+ preverify_ok = 1; -+ } -+ wpabuf_free(cert); -+ } -+ } -+#endif /* CONFIG_SHA256 */ -+ -+ if (!preverify_ok) { -+ wpa_printf(MSG_WARNING, -+ "TLS: Certificate verification failed, error %d (%s) depth %d for '%s'", -+ err, err_str, depth, buf); -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ err_str, TLS_FAIL_UNSPECIFIED); -+ return preverify_ok; -+ } -+ -+ wpa_printf(MSG_DEBUG, -+ "TLS: %s - preverify_ok=%d err=%d (%s) ca_cert_verify=%d depth=%d buf='%s'", -+ __func__, preverify_ok, err, err_str, -+ conn->ca_cert_verify, depth, buf); -+ if (depth == 0 && match && os_strstr(buf, match) == NULL) { -+ wpa_printf(MSG_WARNING, -+ "TLS: Subject '%s' did not match with '%s'", -+ buf, match); -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "Subject mismatch", -+ TLS_FAIL_SUBJECT_MISMATCH); -+ } else if (depth == 0 && altmatch && -+ !tls_match_alt_subject(err_cert, altmatch)) { -+ wpa_printf(MSG_WARNING, -+ "TLS: altSubjectName match '%s' not found", -+ altmatch); -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "AltSubject mismatch", -+ TLS_FAIL_ALTSUBJECT_MISMATCH); -+ } else if (depth == 0 && suffix_match && -+ !tls_match_suffix(err_cert, suffix_match, 0)) { -+ wpa_printf(MSG_WARNING, -+ "TLS: Domain suffix match '%s' not found", -+ suffix_match); -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "Domain suffix mismatch", -+ TLS_FAIL_DOMAIN_SUFFIX_MISMATCH); -+ } else if (depth == 0 && domain_match && -+ !tls_match_suffix(err_cert, domain_match, 1)) { -+ wpa_printf(MSG_WARNING, "TLS: Domain match '%s' not found", -+ domain_match); -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "Domain mismatch", -+ TLS_FAIL_DOMAIN_MISMATCH); -+ } else { -+ wolfssl_tls_cert_event(conn, err_cert, depth, buf); -+ } -+ -+ if (conn->cert_probe && preverify_ok && depth == 0) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Reject server certificate on probe-only run"); -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "Server certificate chain probe", -+ TLS_FAIL_SERVER_CHAIN_PROBE); -+ } -+ -+#ifdef HAVE_OCSP_OPENSSL -+ if (depth == 0 && (conn->flags & TLS_CONN_REQUEST_OCSP) && -+ preverify_ok) { -+ enum ocsp_result res; -+ -+ res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert, -+ conn->peer_issuer, -+ conn->peer_issuer_issuer); -+ if (res == OCSP_REVOKED) { -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "certificate revoked", -+ TLS_FAIL_REVOKED); -+ if (err == X509_V_OK) -+ X509_STORE_CTX_set_error( -+ x509_ctx, X509_V_ERR_CERT_REVOKED); -+ } else if (res != OCSP_GOOD && -+ (conn->flags & TLS_CONN_REQUIRE_OCSP)) { -+ preverify_ok = 0; -+ wolfssl_tls_fail_event(conn, err_cert, err, depth, buf, -+ "bad certificate status response", -+ TLS_FAIL_UNSPECIFIED); -+ } -+ } -+#endif /* HAVE_OCSP */ -+ if (depth == 0 && preverify_ok && context->event_cb != NULL) -+ context->event_cb(context->cb_ctx, -+ TLS_CERT_CHAIN_SUCCESS, NULL); -+ -+ return preverify_ok; -+} -+ -+ -+static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn, -+ const char *ca_cert, -+ const u8 *ca_cert_blob, size_t blob_len, -+ const char *ca_path) -+{ -+ WOLFSSL_CTX *ctx = tls_ctx; -+ -+ wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); -+ conn->ca_cert_verify = 1; -+ -+ if (ca_cert && os_strncmp(ca_cert, "probe://", 8) == 0) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Probe for server certificate chain"); -+ conn->cert_probe = 1; -+ conn->ca_cert_verify = 0; -+ return 0; -+ } -+ -+ if (ca_cert && os_strncmp(ca_cert, "hash://", 7) == 0) { -+#ifdef CONFIG_SHA256 -+ const char *pos = ca_cert + 7; -+ -+ if (os_strncmp(pos, "server/sha256/", 14) != 0) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Unsupported ca_cert hash value '%s'", -+ ca_cert); -+ return -1; -+ } -+ pos += 14; -+ if (os_strlen(pos) != 32 * 2) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Unexpected SHA256 hash length in ca_cert '%s'", -+ ca_cert); -+ return -1; -+ } -+ if (hexstr2bin(pos, conn->srv_cert_hash, 32) < 0) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Invalid SHA256 hash value in ca_cert '%s'", -+ ca_cert); -+ return -1; -+ } -+ conn->server_cert_only = 1; -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Checking only server certificate match"); -+ return 0; -+#else /* CONFIG_SHA256 */ -+ wpa_printf(MSG_INFO, -+ "No SHA256 included in the build - cannot validate server certificate hash"); -+ return -1; -+#endif /* CONFIG_SHA256 */ -+ } -+ -+ if (ca_cert_blob) { -+ if (wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_blob, blob_len, -+ SSL_FILETYPE_ASN1) != -+ SSL_SUCCESS) { -+ wpa_printf(MSG_INFO, "SSL: failed to load CA blob"); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "SSL: use CA cert blob OK"); -+ return 0; -+ } -+ -+ if (ca_cert || ca_path) { -+ WOLFSSL_X509_STORE *cm = wolfSSL_X509_STORE_new(); -+ -+ if (!cm) { -+ wpa_printf(MSG_INFO, -+ "SSL: failed to create certificate store"); -+ return -1; -+ } -+ wolfSSL_CTX_set_cert_store(ctx, cm); -+ XFREE(cm, NULL, DYNAMIC_TYPE_X509_STORE); -+ -+ if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, ca_path) != -+ SSL_SUCCESS) { -+ wpa_printf(MSG_INFO, -+ "SSL: failed to load ca_cert as PEM"); -+ -+ if (!ca_cert) -+ return -1; -+ -+ if (wolfSSL_CTX_der_load_verify_locations( -+ ctx, ca_cert, SSL_FILETYPE_ASN1) != -+ SSL_SUCCESS) { -+ wpa_printf(MSG_INFO, -+ "SSL: failed to load ca_cert as DER"); -+ return -1; -+ } -+ } -+ return 0; -+ } -+ -+ conn->ca_cert_verify = 0; -+ return 0; -+} -+ -+ -+static void tls_set_conn_flags(WOLFSSL *ssl, unsigned int flags) -+{ -+#ifdef HAVE_SESSION_TICKET -+#if 0 -+ if (!(flags & TLS_CONN_DISABLE_SESSION_TICKET)) -+ wolfSSL_UseSessionTicket(ssl); -+#endif -+#endif /* HAVE_SESSION_TICKET */ -+ -+ if (flags & TLS_CONN_DISABLE_TLSv1_0) -+ wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1); -+ if (flags & TLS_CONN_DISABLE_TLSv1_1) -+ wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_1); -+ if (flags & TLS_CONN_DISABLE_TLSv1_2) -+ wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_2); -+} -+ -+ -+int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, -+ const struct tls_connection_params *params) -+{ -+ wpa_printf(MSG_DEBUG, "SSL: set params"); -+ -+ if (tls_connection_set_subject_match(conn, params->subject_match, -+ params->altsubject_match, -+ params->suffix_match, -+ params->domain_match) < 0) { -+ wpa_printf(MSG_INFO, "Error setting subject match"); -+ return -1; -+ } -+ -+ if (tls_connection_ca_cert(tls_ctx, conn, params->ca_cert, -+ params->ca_cert_blob, -+ params->ca_cert_blob_len, -+ params->ca_path) < 0) { -+ wpa_printf(MSG_INFO, "Error setting CA cert"); -+ return -1; -+ } -+ -+ if (tls_connection_client_cert(conn, params->client_cert, -+ params->client_cert_blob, -+ params->client_cert_blob_len) < 0) { -+ wpa_printf(MSG_INFO, "Error setting client cert"); -+ return -1; -+ } -+ -+ if (tls_connection_private_key(tls_ctx, conn, params->private_key, -+ params->private_key_passwd, -+ params->private_key_blob, -+ params->private_key_blob_len) < 0) { -+ wpa_printf(MSG_INFO, "Error setting private key"); -+ return -1; -+ } -+ -+ if (tls_connection_dh(conn, params->dh_file, params->dh_blob, -+ params->dh_blob_len) < 0) { -+ wpa_printf(MSG_INFO, "Error setting DH"); -+ return -1; -+ } -+ -+ if (params->openssl_ciphers && -+ wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { -+ wpa_printf(MSG_INFO, -+ "wolfSSL: Failed to set cipher string '%s'", -+ params->openssl_ciphers); -+ return -1; -+ } -+ -+ tls_set_conn_flags(conn->ssl, params->flags); -+ -+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST -+ if (params->flags & TLS_CONN_REQUEST_OCSP) { -+ if (wolfSSL_UseOCSPStapling(conn->ssl, WOLFSSL_CSR_OCSP, -+ WOLFSSL_CSR_OCSP_USE_NONCE) != -+ SSL_SUCCESS) -+ return -1; -+ wolfSSL_CTX_EnableOCSP(tls_ctx, 0); -+ } -+#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ -+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 -+ if (params->flags & TLS_CONN_REQUEST_OCSP) { -+ if (wolfSSL_UseOCSPStaplingV2(conn->ssl, -+ WOLFSSL_CSR2_OCSP_MULTI, 0) != -+ SSL_SUCCESS) -+ return -1; -+ wolfSSL_CTX_EnableOCSP(tls_ctx, 0); -+ } -+#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */ -+#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \ -+ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) -+#ifdef HAVE_OCSP -+ if (params->flags & TLS_CONN_REQUEST_OCSP) -+ wolfSSL_CTX_EnableOCSP(ctx, 0); -+#else /* HAVE_OCSP */ -+ if (params->flags & TLS_CONN_REQUIRE_OCSP) { -+ wpa_printf(MSG_INFO, -+ "wolfSSL: No OCSP support included - reject configuration"); -+ return -1; -+ } -+ if (params->flags & TLS_CONN_REQUEST_OCSP) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: No OCSP support included - allow optional OCSP case to continue"); -+ } -+#endif /* HAVE_OCSP */ -+#endif /* !HAVE_CERTIFICATE_STATUS_REQUEST && -+ * !HAVE_CERTIFICATE_STATUS_REQUEST_V2 */ -+ -+ conn->flags = params->flags; -+ -+ return 0; -+} -+ -+ -+static int tls_global_ca_cert(void *ssl_ctx, const char *ca_cert) -+{ -+ WOLFSSL_CTX *ctx = ssl_ctx; -+ -+ if (ca_cert) { -+ if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, NULL) != 1) -+ { -+ wpa_printf(MSG_WARNING, -+ "Failed to load root certificates"); -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, -+ "TLS: Trusted root certificate(s) loaded"); -+ } -+ -+ return 0; -+} -+ -+ -+static int tls_global_client_cert(void *ssl_ctx, const char *client_cert) -+{ -+ WOLFSSL_CTX *ctx = ssl_ctx; -+ -+ if (!client_cert) -+ return 0; -+ -+ if (wolfSSL_CTX_use_certificate_file(ctx, client_cert, -+ SSL_FILETYPE_ASN1) != -+ SSL_SUCCESS && -+ wolfSSL_CTX_use_certificate_file(ctx, client_cert, -+ SSL_FILETYPE_PEM) != SSL_SUCCESS) { -+ wpa_printf(MSG_INFO, "Failed to load client certificate"); -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "SSL: Loaded global client certificate: %s", -+ client_cert); -+ -+ return 0; -+} -+ -+ -+static int tls_global_private_key(void *ssl_ctx, const char *private_key, -+ const char *private_key_passwd) -+{ -+ WOLFSSL_CTX *ctx = ssl_ctx; -+ char *passwd = NULL; -+ int ret = 0; -+ -+ if (!private_key) -+ return 0; -+ -+ if (private_key_passwd) { -+ passwd = os_strdup(private_key_passwd); -+ if (!passwd) -+ return -1; -+ } -+ -+ wolfSSL_CTX_set_default_passwd_cb(ctx, tls_passwd_cb); -+ wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, passwd); -+ -+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, private_key, -+ SSL_FILETYPE_ASN1) != 1 && -+ wolfSSL_CTX_use_PrivateKey_file(ctx, private_key, -+ SSL_FILETYPE_PEM) != 1) { -+ wpa_printf(MSG_INFO, "Failed to load private key"); -+ ret = -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "SSL: Loaded global private key"); -+ -+ os_free(passwd); -+ wolfSSL_CTX_set_default_passwd_cb(ctx, NULL); -+ -+ return ret; -+} -+ -+ -+static int tls_global_dh(void *ssl_ctx, const char *dh_file, -+ const u8 *dh_blob, size_t blob_len) -+{ -+ WOLFSSL_CTX *ctx = ssl_ctx; -+ -+ if (!dh_file && !dh_blob) -+ return 0; -+ -+ if (dh_blob) { -+ if (wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_blob, blob_len, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: global use DH DER blob failed"); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "SSL: global use DH blob OK"); -+ return 0; -+ } -+ -+ if (dh_file) { -+ if (wolfSSL_CTX_SetTmpDH_file(ctx, dh_file, SSL_FILETYPE_PEM) < -+ 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: global use DH PEM file failed"); -+ if (wolfSSL_CTX_SetTmpDH_file(ctx, dh_file, -+ SSL_FILETYPE_ASN1) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: global use DH DER file failed"); -+ return -1; -+ } -+ } -+ wpa_printf(MSG_DEBUG, "SSL: global use DH file OK"); -+ return 0; -+ } -+ -+ return 0; -+} -+ -+ -+#ifdef HAVE_OCSP -+ -+int ocsp_status_cb(void *unused, const char *url, int url_sz, -+ unsigned char *request, int request_sz, -+ unsigned char **response) -+{ -+ size_t len; -+ -+ (void) unused; -+ -+ if (!url) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: OCSP status callback - no response configured"); -+ *response = NULL; -+ return 0; -+ } -+ -+ *response = (unsigned char *) os_readfile(url, &len); -+ if (!*response) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: OCSP status callback - could not read response file"); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: OCSP status callback - send cached response"); -+ return len; -+} -+ -+ -+void ocsp_resp_free_cb(void *ocsp_stapling_response, unsigned char *response) -+{ -+ os_free(response); -+} -+ -+#endif /* HAVE_OCSP */ -+ -+ -+int tls_global_set_params(void *tls_ctx, -+ const struct tls_connection_params *params) -+{ -+ wpa_printf(MSG_DEBUG, "SSL: global set params"); -+ -+ if (tls_global_ca_cert(tls_ctx, params->ca_cert) < 0) { -+ wpa_printf(MSG_INFO, "SSL: Failed to load ca cert file '%s'", -+ params->ca_cert); -+ return -1; -+ } -+ -+ if (tls_global_client_cert(tls_ctx, params->client_cert) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: Failed to load client cert file '%s'", -+ params->client_cert); -+ return -1; -+ } -+ -+ if (tls_global_private_key(tls_ctx, params->private_key, -+ params->private_key_passwd) < 0) { -+ wpa_printf(MSG_INFO, -+ "SSL: Failed to load private key file '%s'", -+ params->private_key); -+ return -1; -+ } -+ -+ if (tls_global_dh(tls_ctx, params->dh_file, params->dh_blob, -+ params->dh_blob_len) < 0) { -+ wpa_printf(MSG_INFO, "SSL: Failed to load DH file '%s'", -+ params->dh_file); -+ return -1; -+ } -+ -+ if (params->openssl_ciphers && -+ wolfSSL_CTX_set_cipher_list(tls_ctx, -+ params->openssl_ciphers) != 1) { -+ wpa_printf(MSG_INFO, -+ "wolfSSL: Failed to set cipher string '%s'", -+ params->openssl_ciphers); -+ return -1; -+ } -+ -+#ifdef HAVE_SESSION_TICKET -+ /* Session ticket is off by default - can't disable once on. */ -+ if (!(params->flags & TLS_CONN_DISABLE_SESSION_TICKET)) -+ wolfSSL_CTX_UseSessionTicket(tls_ctx); -+#endif /* HAVE_SESSION_TICKET */ -+ -+#ifdef HAVE_OCSP -+ if (params->ocsp_stapling_response) { -+ wolfSSL_CTX_SetOCSP_OverrideURL(tls_ctx, -+ params->ocsp_stapling_response); -+ wolfSSL_CTX_SetOCSP_Cb(tls_ctx, ocsp_status_cb, -+ ocsp_resp_free_cb, NULL); -+ } -+#endif /* HAVE_OCSP */ -+ -+ return 0; -+} -+ -+ -+int tls_global_set_verify(void *tls_ctx, int check_crl) -+{ -+ wpa_printf(MSG_DEBUG, "SSL: global set verify: %d", check_crl); -+ -+ if (check_crl) { -+ /* Hack to Enable CRLs. */ -+ wolfSSL_CTX_LoadCRLBuffer(tls_ctx, NULL, 0, SSL_FILETYPE_PEM); -+ } -+ -+ return 0; -+} -+ -+ -+int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, -+ int verify_peer, unsigned int flags, -+ const u8 *session_ctx, size_t session_ctx_len) -+{ -+ if (!conn) -+ return -1; -+ -+ wpa_printf(MSG_DEBUG, "SSL: set verify: %d", verify_peer); -+ -+ if (verify_peer) { -+ conn->ca_cert_verify = 1; -+ wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER | -+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT, -+ tls_verify_cb); -+ } else { -+ conn->ca_cert_verify = 0; -+ wolfSSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); -+ } -+ -+ wolfSSL_set_accept_state(conn->ssl); -+ -+ /* TODO: do we need to fake a session like OpenSSL does here? */ -+ -+ return 0; -+} -+ -+ -+static struct wpabuf * wolfssl_handshake(struct tls_connection *conn, -+ const struct wpabuf *in_data, -+ int server) -+{ -+ int res; -+ -+ wolfssl_reset_out_data(&conn->output); -+ -+ /* Initiate TLS handshake or continue the existing handshake */ -+ if (server) { -+ wolfSSL_set_accept_state(conn->ssl); -+ res = wolfSSL_accept(conn->ssl); -+ wpa_printf(MSG_DEBUG, "SSL: wolfSSL_accept: %d", res); -+ } else { -+ wolfSSL_set_connect_state(conn->ssl); -+ res = wolfSSL_connect(conn->ssl); -+ wpa_printf(MSG_DEBUG, "SSL: wolfSSL_connect: %d", res); -+ } -+ -+ if (res != 1) { -+ int err = wolfSSL_get_error(conn->ssl, res); -+ -+ if (err == SSL_ERROR_WANT_READ) { -+ wpa_printf(MSG_DEBUG, -+ "SSL: wolfSSL_connect - want more data"); -+ } else if (err == SSL_ERROR_WANT_WRITE) { -+ wpa_printf(MSG_DEBUG, -+ "SSL: wolfSSL_connect - want to write"); -+ } else { -+ char msg[80]; -+ -+ wpa_printf(MSG_DEBUG, -+ "SSL: wolfSSL_connect - failed %s", -+ wolfSSL_ERR_error_string(err, msg)); -+ conn->failed++; -+ } -+ } -+ -+ return conn->output.out_data; -+} -+ -+ -+static struct wpabuf * wolfssl_get_appl_data(struct tls_connection *conn, -+ size_t max_len) -+{ -+ int res; -+ struct wpabuf *appl_data = wpabuf_alloc(max_len + 100); -+ -+ if (!appl_data) -+ return NULL; -+ -+ res = wolfSSL_read(conn->ssl, wpabuf_mhead(appl_data), -+ wpabuf_size(appl_data)); -+ if (res < 0) { -+ int err = wolfSSL_get_error(conn->ssl, res); -+ -+ if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) { -+ wpa_printf(MSG_DEBUG, -+ "SSL: No Application Data included"); -+ } else { -+ char msg[80]; -+ -+ wpa_printf(MSG_DEBUG, -+ "Failed to read possible Application Data %s", -+ wolfSSL_ERR_error_string(err, msg)); -+ } -+ -+ wpabuf_free(appl_data); -+ return NULL; -+ } -+ -+ wpabuf_put(appl_data, res); -+ wpa_hexdump_buf_key(MSG_MSGDUMP, -+ "SSL: Application Data in Finished message", -+ appl_data); -+ return appl_data; -+} -+ -+ -+static struct wpabuf * -+wolfssl_connection_handshake(struct tls_connection *conn, -+ const struct wpabuf *in_data, -+ struct wpabuf **appl_data, int server) -+{ -+ struct wpabuf *out_data; -+ -+ wolfssl_reset_in_data(&conn->input, in_data); -+ -+ if (appl_data) -+ *appl_data = NULL; -+ -+ out_data = wolfssl_handshake(conn, in_data, server); -+ if (!out_data) -+ return NULL; -+ -+ if (wolfSSL_is_init_finished(conn->ssl)) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Handshake finished - resumed=%d", -+ tls_connection_resumed(NULL, conn)); -+ if (appl_data && in_data) -+ *appl_data = wolfssl_get_appl_data(conn, -+ wpabuf_len(in_data)); -+ } -+ -+ return out_data; -+} -+ -+ -+struct wpabuf * tls_connection_handshake(void *tls_ctx, -+ struct tls_connection *conn, -+ const struct wpabuf *in_data, -+ struct wpabuf **appl_data) -+{ -+ return wolfssl_connection_handshake(conn, in_data, appl_data, 0); -+} -+ -+ -+struct wpabuf * tls_connection_server_handshake(void *tls_ctx, -+ struct tls_connection *conn, -+ const struct wpabuf *in_data, -+ struct wpabuf **appl_data) -+{ -+ return wolfssl_connection_handshake(conn, in_data, appl_data, 1); -+} -+ -+ -+struct wpabuf * tls_connection_encrypt(void *tls_ctx, -+ struct tls_connection *conn, -+ const struct wpabuf *in_data) -+{ -+ int res; -+ -+ if (!conn) -+ return NULL; -+ -+ wpa_printf(MSG_DEBUG, "SSL: encrypt: %ld bytes", wpabuf_len(in_data)); -+ -+ wolfssl_reset_out_data(&conn->output); -+ -+ res = wolfSSL_write(conn->ssl, wpabuf_head(in_data), -+ wpabuf_len(in_data)); -+ if (res < 0) { -+ int err = wolfSSL_get_error(conn->ssl, res); -+ char msg[80]; -+ -+ wpa_printf(MSG_INFO, "Encryption failed - SSL_write: %s", -+ wolfSSL_ERR_error_string(err, msg)); -+ return NULL; -+ } -+ -+ return conn->output.out_data; -+} -+ -+ -+struct wpabuf * tls_connection_decrypt(void *tls_ctx, -+ struct tls_connection *conn, -+ const struct wpabuf *in_data) -+{ -+ int res; -+ struct wpabuf *buf; -+ -+ if (!conn) -+ return NULL; -+ -+ wpa_printf(MSG_DEBUG, "SSL: decrypt"); -+ -+ wolfssl_reset_in_data(&conn->input, in_data); -+ -+ /* Read decrypted data for further processing */ -+ /* -+ * Even though we try to disable TLS compression, it is possible that -+ * this cannot be done with all TLS libraries. Add extra buffer space -+ * to handle the possibility of the decrypted data being longer than -+ * input data. -+ */ -+ buf = wpabuf_alloc((wpabuf_len(in_data) + 500) * 3); -+ if (!buf) -+ return NULL; -+ res = wolfSSL_read(conn->ssl, wpabuf_mhead(buf), wpabuf_size(buf)); -+ if (res < 0) { -+ wpa_printf(MSG_INFO, "Decryption failed - SSL_read"); -+ wpabuf_free(buf); -+ return NULL; -+ } -+ wpabuf_put(buf, res); -+ -+ wpa_printf(MSG_DEBUG, "SSL: decrypt: %ld bytes", wpabuf_len(buf)); -+ -+ return buf; -+} -+ -+ -+int tls_connection_resumed(void *tls_ctx, struct tls_connection *conn) -+{ -+ return conn ? wolfSSL_session_reused(conn->ssl) : 0; -+} -+ -+ -+int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn, -+ u8 *ciphers) -+{ -+ char buf[128], *pos, *end; -+ u8 *c; -+ int ret; -+ -+ if (!conn || !conn->ssl || !ciphers) -+ return -1; -+ -+ buf[0] = '\0'; -+ pos = buf; -+ end = pos + sizeof(buf); -+ -+ c = ciphers; -+ while (*c != TLS_CIPHER_NONE) { -+ const char *suite; -+ -+ switch (*c) { -+ case TLS_CIPHER_RC4_SHA: -+ suite = "RC4-SHA"; -+ break; -+ case TLS_CIPHER_AES128_SHA: -+ suite = "AES128-SHA"; -+ break; -+ case TLS_CIPHER_RSA_DHE_AES128_SHA: -+ suite = "DHE-RSA-AES128-SHA"; -+ break; -+ case TLS_CIPHER_ANON_DH_AES128_SHA: -+ suite = "ADH-AES128-SHA"; -+ break; -+ case TLS_CIPHER_RSA_DHE_AES256_SHA: -+ suite = "DHE-RSA-AES256-SHA"; -+ break; -+ case TLS_CIPHER_AES256_SHA: -+ suite = "AES256-SHA"; -+ break; -+ default: -+ wpa_printf(MSG_DEBUG, -+ "TLS: Unsupported cipher selection: %d", *c); -+ return -1; -+ } -+ ret = os_snprintf(pos, end - pos, ":%s", suite); -+ if (os_snprintf_error(end - pos, ret)) -+ break; -+ pos += ret; -+ -+ c++; -+ } -+ -+ wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", buf + 1); -+ -+ if (wolfSSL_set_cipher_list(conn->ssl, buf + 1) != 1) { -+ wpa_printf(MSG_DEBUG, "Cipher suite configuration failed"); -+ return -1; -+ } -+ -+ return 0; -+} -+ -+ -+int tls_get_cipher(void *tls_ctx, struct tls_connection *conn, -+ char *buf, size_t buflen) -+{ -+ WOLFSSL_CIPHER *cipher; -+ const char *name; -+ -+ if (!conn || !conn->ssl) -+ return -1; -+ -+ cipher = wolfSSL_get_current_cipher(conn->ssl); -+ if (!cipher) -+ return -1; -+ -+ name = wolfSSL_CIPHER_get_name(cipher); -+ if (!name) -+ return -1; -+ -+ if (os_strcmp(name, "SSL_RSA_WITH_RC4_128_SHA") == 0) -+ os_strlcpy(buf, "RC4-SHA", buflen); -+ else if (os_strcmp(name, "TLS_RSA_WITH_AES_128_CBC_SHA") == 0) -+ os_strlcpy(buf, "AES128-SHA", buflen); -+ else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA") == 0) -+ os_strlcpy(buf, "DHE-RSA-AES128-SHA", buflen); -+ else if (os_strcmp(name, "TLS_DH_anon_WITH_AES_128_CBC_SHA") == 0) -+ os_strlcpy(buf, "ADH-AES128-SHA", buflen); -+ else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA") == 0) -+ os_strlcpy(buf, "DHE-RSA-AES256-SHA", buflen); -+ else if (os_strcmp(name, "TLS_RSA_WITH_AES_256_CBC_SHA") == 0) -+ os_strlcpy(buf, "AES256-SHA", buflen); -+ else -+ os_strlcpy(buf, name, buflen); -+ -+ return 0; -+} -+ -+ -+int tls_connection_enable_workaround(void *tls_ctx, -+ struct tls_connection *conn) -+{ -+ /* no empty fragments in wolfSSL for now */ -+ return 0; -+} -+ -+ -+int tls_connection_get_failed(void *tls_ctx, struct tls_connection *conn) -+{ -+ if (!conn) -+ return -1; -+ -+ return conn->failed; -+} -+ -+ -+int tls_connection_get_read_alerts(void *tls_ctx, struct tls_connection *conn) -+{ -+ if (!conn) -+ return -1; -+ -+ /* TODO: this is not incremented anywhere */ -+ return conn->read_alerts; -+} -+ -+ -+int tls_connection_get_write_alerts(void *tls_ctx, -+ struct tls_connection *conn) -+{ -+ if (!conn) -+ return -1; -+ -+ /* TODO: this is not incremented anywhere */ -+ return conn->write_alerts; -+} -+ -+ -+ -+int tls_get_library_version(char *buf, size_t buf_len) -+{ -+ return os_snprintf(buf, buf_len, "wolfSSL build=%s run=%s", -+ WOLFSSL_VERSION, wolfSSL_lib_version()); -+} -+ -+int tls_get_version(void *ssl_ctx, struct tls_connection *conn, -+ char *buf, size_t buflen) -+{ -+ const char *name; -+ -+ if (!conn || !conn->ssl) -+ return -1; -+ -+ name = wolfSSL_get_version(conn->ssl); -+ if (!name) -+ return -1; -+ -+ os_strlcpy(buf, name, buflen); -+ return 0; -+} -+ -+ -+int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn, -+ struct tls_random *keys) -+{ -+ WOLFSSL *ssl; -+ -+ if (!conn || !keys) -+ return -1; -+ ssl = conn->ssl; -+ if (!ssl) -+ return -1; -+ -+ os_memset(keys, 0, sizeof(*keys)); -+ keys->client_random = conn->client_random; -+ keys->client_random_len = wolfSSL_get_client_random( -+ ssl, conn->client_random, sizeof(conn->client_random)); -+ keys->server_random = conn->server_random; -+ keys->server_random_len = wolfSSL_get_server_random( -+ ssl, conn->server_random, sizeof(conn->server_random)); -+ -+ return 0; -+} -+ -+ -+int tls_connection_export_key(void *tls_ctx, struct tls_connection *conn, -+ const char *label, u8 *out, size_t out_len) -+{ -+ if (!conn || wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0) -+ return -1; -+ return 0; -+} -+ -+ -+int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn, -+ u8 *out, size_t out_len) -+{ -+ int ret; -+ -+ if (!conn || !conn->ssl) -+ return -1; -+ -+ ret = wolfSSL_make_eap_keys(conn->ssl, out, out_len, "key expansion"); -+ if (ret != 0) -+ return -1; -+ return 0; -+} -+ -+ -+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) -+ -+int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn, -+ int ext_type, const u8 *data, -+ size_t data_len) -+{ -+ (void) ssl_ctx; -+ -+ if (!conn || !conn->ssl || ext_type != 35) -+ return -1; -+ -+ if (wolfSSL_set_SessionTicket(conn->ssl, data, -+ (unsigned int) data_len) != 1) -+ return -1; -+ -+ return 0; -+} -+ -+ -+static int tls_sess_sec_cb(WOLFSSL *s, void *secret, int *secret_len, void *arg) -+{ -+ struct tls_connection *conn = arg; -+ int ret; -+ unsigned char client_random[RAN_LEN]; -+ unsigned char server_random[RAN_LEN]; -+ word32 ticket_len = sizeof(conn->session_ticket); -+ -+ if (!conn || !conn->session_ticket_cb) -+ return 1; -+ -+ if (wolfSSL_get_client_random(s, client_random, -+ sizeof(client_random)) == 0 || -+ wolfSSL_get_server_random(s, server_random, -+ sizeof(server_random)) == 0 || -+ wolfSSL_get_SessionTicket(s, conn->session_ticket, &ticketLen) != 1) -+ return 1; -+ -+ if (ticket_len == 0) -+ return 0; -+ -+ ret = conn->session_ticket_cb(conn->session_ticket_cb_ctx, -+ conn->session_ticket, ticketLen, -+ client_random, server_random, secret); -+ if (ret <= 0) -+ return 1; -+ -+ *secret_len = SECRET_LEN; -+ return 0; -+} -+ -+#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ -+ -+ -+int tls_connection_set_session_ticket_cb(void *tls_ctx, -+ struct tls_connection *conn, -+ tls_session_ticket_cb cb, -+ void *ctx) -+{ -+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) -+ conn->session_ticket_cb = cb; -+ conn->session_ticket_cb_ctx = ctx; -+ -+ if (cb) { -+ if (wolfSSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb, -+ conn) != 1) -+ return -1; -+ } else { -+ if (wolfSSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1) -+ return -1; -+ } -+ -+ return 0; -+#else /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ -+ return -1; -+#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */ -+} -+ -+ -+void tls_connection_set_success_data_resumed(struct tls_connection *conn) -+{ -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Success data accepted for resumed session"); -+} -+ -+ -+void tls_connection_remove_session(struct tls_connection *conn) -+{ -+ WOLFSSL_SESSION *sess; -+ -+ sess = wolfSSL_get_session(conn->ssl); -+ if (!sess) -+ return; -+ -+ wolfSSL_SSL_SESSION_set_timeout(sess, 0); -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: Removed cached session to disable session resumption"); -+} -+ -+ -+void tls_connection_set_success_data(struct tls_connection *conn, -+ struct wpabuf *data) -+{ -+ WOLFSSL_SESSION *sess; -+ struct wpabuf *old; -+ -+ wpa_printf(MSG_DEBUG, "wolfSSL: Set success data"); -+ -+ sess = wolfSSL_get_session(conn->ssl); -+ if (!sess) { -+ wpa_printf(MSG_DEBUG, -+ "wolfSSL: No session found for success data"); -+ goto fail; -+ } -+ -+ old = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); -+ if (old) { -+ wpa_printf(MSG_DEBUG, "wolfSSL: Replacing old success data %p", -+ old); -+ wpabuf_free(old); -+ } -+ if (wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, data) != 1) -+ goto fail; -+ -+ wpa_printf(MSG_DEBUG, "wolfSSL: Stored success data %p", data); -+ conn->success_data = 1; -+ return; -+ -+fail: -+ wpa_printf(MSG_INFO, "wolfSSL: Failed to store success data"); -+ wpabuf_free(data); -+} -+ -+ -+const struct wpabuf * -+tls_connection_get_success_data(struct tls_connection *conn) -+{ -+ WOLFSSL_SESSION *sess; -+ -+ wpa_printf(MSG_DEBUG, "wolfSSL: Get success data"); -+ -+ sess = wolfSSL_get_session(conn->ssl); -+ if (!sess) -+ return NULL; -+ return wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session); -+} -diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile -index 4b531fe..d70189b 100644 ---- a/wpa_supplicant/Makefile -+++ b/wpa_supplicant/Makefile -@@ -666,6 +666,9 @@ endif - - ifdef CONFIG_EAP_PWD - CFLAGS += -DEAP_PWD -+ifeq ($(CONFIG_TLS), wolfssl) -+CFLAGS += -DCONFIG_ECC -+endif - OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o - CONFIG_IEEE8021X_EAPOL=y - NEED_SHA256=y -@@ -998,6 +1001,20 @@ CFLAGS += -DCONFIG_TLSV12 - NEED_SHA256=y - endif - -+ifeq ($(CONFIG_TLS), wolfssl) -+ifdef TLS_FUNCS -+CFLAGS += -DWOLFSSL_DER_LOAD -I/usr/local/include/wolfssl -+OBJS += ../src/crypto/tls_wolfssl.o -+endif -+OBJS += ../src/crypto/crypto_wolfssl.o -+OBJS_p += ../src/crypto/crypto_wolfssl.o -+ifdef NEED_FIPS186_2_PRF -+OBJS += ../src/crypto/fips_prf_wolfssl.o -+endif -+LIBS += -lwolfssl -lm -+LIBS_p += -lwolfssl -lm -+endif -+ - ifeq ($(CONFIG_TLS), openssl) - ifdef TLS_FUNCS - CFLAGS += -DEAP_TLS_OPENSSL -@@ -1165,8 +1182,10 @@ AESOBJS += ../src/crypto/aes-internal.o ../src/crypto/aes-internal-dec.o - endif - - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - NEED_INTERNAL_AES_WRAP=y - endif -+endif - ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP - # Seems to be needed at least with BoringSSL - NEED_INTERNAL_AES_WRAP=y -@@ -1196,9 +1215,11 @@ NEED_AES_ENC=y - ifdef CONFIG_OPENSSL_CMAC - CFLAGS += -DCONFIG_OPENSSL_CMAC - else -+ifneq ($(CONFIG_TLS), wolfssl) - AESOBJS += ../src/crypto/aes-omac1.o - endif - endif -+endif - ifdef NEED_AES_SIV - AESOBJS += ../src/crypto/aes-siv.o - endif -@@ -1211,9 +1232,11 @@ endif - ifdef NEED_AES_CBC - NEED_AES_ENC=y - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - AESOBJS += ../src/crypto/aes-cbc.o - endif - endif -+endif - ifdef NEED_AES_ENC - ifdef CONFIG_INTERNAL_AES - AESOBJS += ../src/crypto/aes-internal-enc.o -@@ -1225,8 +1248,10 @@ endif - - ifdef NEED_SHA1 - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - SHA1OBJS += ../src/crypto/sha1.o - endif -+endif - SHA1OBJS += ../src/crypto/sha1-prf.o - ifdef CONFIG_INTERNAL_SHA1 - SHA1OBJS += ../src/crypto/sha1-internal.o -@@ -1238,9 +1263,11 @@ ifdef CONFIG_NO_WPA_PASSPHRASE - CFLAGS += -DCONFIG_NO_PBKDF2 - else - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - SHA1OBJS += ../src/crypto/sha1-pbkdf2.o - endif - endif -+endif - ifdef NEED_T_PRF - SHA1OBJS += ../src/crypto/sha1-tprf.o - endif -@@ -1251,9 +1278,11 @@ endif - - ifndef CONFIG_FIPS - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - MD5OBJS += ../src/crypto/md5.o - endif - endif -+endif - ifdef NEED_MD5 - ifdef CONFIG_INTERNAL_MD5 - MD5OBJS += ../src/crypto/md5-internal.o -@@ -1271,6 +1300,9 @@ endif - - DESOBJS = # none needed when not internal - ifdef NEED_DES -+ifndef CONFIG_FIPS -+CFLAGS += -DCONFIG_DES -+endif - ifdef CONFIG_INTERNAL_DES - DESOBJS += ../src/crypto/des-internal.o - endif -@@ -1292,8 +1324,10 @@ SHA256OBJS = # none by default - ifdef NEED_SHA256 - CFLAGS += -DCONFIG_SHA256 - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - SHA256OBJS += ../src/crypto/sha256.o - endif -+endif - SHA256OBJS += ../src/crypto/sha256-prf.o - ifdef CONFIG_INTERNAL_SHA256 - SHA256OBJS += ../src/crypto/sha256-internal.o -@@ -1512,9 +1546,11 @@ endif - ifdef CONFIG_FIPS - CFLAGS += -DCONFIG_FIPS - ifneq ($(CONFIG_TLS), openssl) -+ifneq ($(CONFIG_TLS), wolfssl) - $(error CONFIG_FIPS=y requires CONFIG_TLS=openssl) - endif - endif -+endif - - OBJS += $(SHA1OBJS) $(DESOBJS) - --- -1.8.3.1 - diff --git a/backport-Share-common-SAE-and-EAP-pwd-functionality-suitable-.patch b/backport-Share-common-SAE-and-EAP-pwd-functionality-suitable-.patch deleted file mode 100644 index c79c444d8535510c94aed63496a1d850bd810454..0000000000000000000000000000000000000000 --- a/backport-Share-common-SAE-and-EAP-pwd-functionality-suitable-.patch +++ /dev/null @@ -1,219 +0,0 @@ -From 2b84ca4dd96459b661b0ebaf40ec43074fc9f42c Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Thu, 25 Apr 2019 19:45:27 +0300 -Subject: Share common SAE and EAP-pwd functionality: suitable groups - -Start sharing common SAE and EAP-pwd functionality by adding a new -source code file that can be included into both. This first step is -bringing in a shared function to check whether a group is suitable. - -Signed-off-by: Jouni Malinen ---- - src/common/dragonfly.c | 27 +++++++++++++++++++++++++++ - src/common/dragonfly.h | 15 +++++++++++++++ - src/common/sae.c | 27 ++++++--------------------- - src/eap_common/eap_pwd_common.c | 9 ++------- - wpa_supplicant/Android.mk | 6 ++++++ - wpa_supplicant/Makefile | 6 ++++++ - 6 files changed, 62 insertions(+), 28 deletions(-) - create mode 100644 src/common/dragonfly.c - create mode 100644 src/common/dragonfly.h - -diff --git a/src/common/dragonfly.c b/src/common/dragonfly.c -new file mode 100644 -index 0000000..1e80404 ---- /dev/null -+++ b/src/common/dragonfly.c -@@ -0,0 +1,27 @@ -+/* -+ * Shared Dragonfly functionality -+ * Copyright (c) 2012-2016, Jouni Malinen -+ * Copyright (c) 2019, The Linux Foundation -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "utils/includes.h" -+ -+#include "utils/common.h" -+#include "dragonfly.h" -+ -+ -+int dragonfly_suitable_group(int group, int ecc_only) -+{ -+ /* Enforce REVmd rules on which SAE groups are suitable for production -+ * purposes: FFC groups whose prime is >= 3072 bits and ECC groups -+ * defined over a prime field whose prime is >= 256 bits. Furthermore, -+ * ECC groups defined over a characteristic 2 finite field and ECC -+ * groups with a co-factor greater than 1 are not suitable. */ -+ return group == 19 || group == 20 || group == 21 || -+ group == 28 || group == 29 || group == 30 || -+ (!ecc_only && -+ (group == 15 || group == 16 || group == 17 || group == 18)); -+} -diff --git a/src/common/dragonfly.h b/src/common/dragonfly.h -new file mode 100644 -index 0000000..9f3c428 ---- /dev/null -+++ b/src/common/dragonfly.h -@@ -0,0 +1,15 @@ -+/* -+ * Shared Dragonfly functionality -+ * Copyright (c) 2012-2016, Jouni Malinen -+ * Copyright (c) 2019, The Linux Foundation -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#ifndef DRAGONFLY_H -+#define DRAGONFLY_H -+ -+int dragonfly_suitable_group(int group, int ecc_only); -+ -+#endif /* DRAGONFLY_H */ -diff --git a/src/common/sae.c b/src/common/sae.c -index 5ef6c4c..b35821d 100644 ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -15,36 +15,21 @@ - #include "crypto/random.h" - #include "crypto/dh_groups.h" - #include "ieee802_11_defs.h" -+#include "dragonfly.h" - #include "sae.h" - --static int sae_suitable_group(int group) --{ --#ifdef CONFIG_TESTING_OPTIONS -- /* Allow all groups for testing purposes in non-production builds. */ -- return 1; --#else /* CONFIG_TESTING_OPTIONS */ -- /* Enforce REVmd rules on which SAE groups are suitable for production -- * purposes: FFC groups whose prime is >= 3072 bits and ECC groups -- * defined over a prime field whose prime is >= 256 bits. Furthermore, -- * ECC groups defined over a characteristic 2 finite field and ECC -- * groups with a co-factor greater than 1 are not suitable. Disable -- * groups that use Brainpool curves as well for now since they leak more -- * timing information due to the prime not being close to a power of -- * two. */ -- -- return group == 19 || group == 20 || group == 21 || -- group == 15 || group == 16 || group == 17 || group == 18; --#endif /* CONFIG_TESTING_OPTIONS */ --} -- - int sae_set_group(struct sae_data *sae, int group) - { - struct sae_temporary_data *tmp; - -- if (!sae_suitable_group(group)) { -+#ifdef CONFIG_TESTING_OPTIONS -+ /* Allow all groups for testing purposes in non-production builds. */ -+#else /* CONFIG_TESTING_OPTIONS */ -+ if (!dragonfly_suitable_group(group, 0)) { - wpa_printf(MSG_DEBUG, "SAE: Reject unsuitable group %d", group); - return -1; - } -+#endif /* CONFIG_TESTING_OPTIONS */ - - sae_clear_data(sae); - tmp = sae->tmp = os_zalloc(sizeof(*tmp)); -diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c -index bac2796..755aafb 100644 ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -9,6 +9,7 @@ - #include "includes.h" - #include "common.h" - #include "utils/const_time.h" -+#include "common/dragonfly.h" - #include "crypto/sha256.h" - #include "crypto/crypto.h" - #include "eap_defs.h" -@@ -84,18 +85,12 @@ static int eap_pwd_kdf(const u8 *key, size_t keylen, const u8 *label, - return 0; - } - --static int eap_pwd_suitable_group(u16 num) --{ -- /* Do not allow ECC groups with prime under 256 bits based on guidance -- * for the similar design in SAE. */ -- return num == 19 || num == 20 || num == 21; --} - EAP_PWD_group * get_eap_pwd_group(u16 num) - { - EAP_PWD_group *grp; - - grp = os_zalloc(sizeof(EAP_PWD_group)); -- if (!eap_pwd_suitable_group(num)) { -+ if (!dragonfly_suitable_group(num, 1)) { - wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num); - return NULL; - } -diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk -index 924ac07..aa5ac8c 100644 ---- a/wpa_supplicant/Android.mk -+++ b/wpa_supplicant/Android.mk -@@ -236,6 +236,7 @@ L_CFLAGS += -DCONFIG_SAE - OBJS += src/common/sae.c - NEED_ECC=y - NEED_DH_GROUPS=y -+NEED_DRAGONFLY=y - endif - - ifdef CONFIG_WNM -@@ -641,6 +642,7 @@ OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c - CONFIG_IEEE8021X_EAPOL=y - NEED_SHA256=y - NEED_ECC=y -+NEED_DRAGONFLY=y - endif - - ifdef CONFIG_EAP_EKE -@@ -918,6 +920,10 @@ ifdef CONFIG_SMARTCARD - L_CFLAGS += -DCONFIG_SMARTCARD - endif - -+ifdef NEED_DRAGONFLY -+OBJS += src/common/dragonfly.c -+endif -+ - ifdef MS_FUNCS - OBJS += src/crypto/ms_funcs.c - NEED_DES=y -diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile -index d70189b..8fce344 100644 ---- a/wpa_supplicant/Makefile -+++ b/wpa_supplicant/Makefile -@@ -270,6 +270,7 @@ CFLAGS += -DCONFIG_SAE - OBJS += ../src/common/sae.o - NEED_ECC=y - NEED_DH_GROUPS=y -+NEED_DRAGONFLY=y - endif - - ifdef CONFIG_WNM -@@ -673,6 +674,7 @@ OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o - CONFIG_IEEE8021X_EAPOL=y - NEED_SHA256=y - NEED_ECC=y -+NEED_DRAGONFLY=y - endif - - ifdef CONFIG_EAP_EKE -@@ -967,6 +969,10 @@ ifdef CONFIG_SMARTCARD - CFLAGS += -DCONFIG_SMARTCARD - endif - -+ifdef NEED_DRAGONFLY -+OBJS += ../src/common/dragonfly.o -+endif -+ - ifdef MS_FUNCS - OBJS += ../src/crypto/ms_funcs.o - NEED_DES=y --- -1.8.3.1 - diff --git a/macsec-0001-mka-Move-structs-transmit-receive-_-sa-sc-to-a-commo.patch b/macsec-0001-mka-Move-structs-transmit-receive-_-sa-sc-to-a-commo.patch deleted file mode 100644 index eac57ac2f05d97e884587240bb43899e6de8d15e..0000000000000000000000000000000000000000 --- a/macsec-0001-mka-Move-structs-transmit-receive-_-sa-sc-to-a-commo.patch +++ /dev/null @@ -1,237 +0,0 @@ -From f75f6e2b03fa5e807142a37039b0b613565eafa7 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Tue, 20 Sep 2016 09:43:04 +0200 -Subject: [PATCH] mka: Move structs {transmit,receive}_{sa,sc} to a common - header - -These structs will be passed down to macsec drivers in a coming patch to -make the driver interface cleaner, so they need to be shared between the -core MKA implementation and the drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 3 ++ - src/pae/ieee802_1x_kay.h | 82 +++++++++++++++++++++++++++++++++++++++++++ - src/pae/ieee802_1x_kay_i.h | 82 ------------------------------------------- - src/pae/ieee802_1x_secy_ops.h | 4 --- - 4 files changed, 85 insertions(+), 86 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index a449cc9..073219e 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -21,6 +21,9 @@ - - #include "common/defs.h" - #include "common/ieee802_11_defs.h" -+#ifdef CONFIG_MACSEC -+#include "pae/ieee802_1x_kay.h" -+#endif /* CONFIG_MACSEC */ - #include "utils/list.h" - - #define HOSTAPD_CHAN_DISABLED 0x00000001 -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index afbaa33..0361e1a 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -49,6 +49,88 @@ enum mka_created_mode { - EAP_EXCHANGE, - }; - -+struct data_key { -+ u8 *key; -+ int key_len; -+ struct ieee802_1x_mka_ki key_identifier; -+ enum confidentiality_offset confidentiality_offset; -+ u8 an; -+ Boolean transmits; -+ Boolean receives; -+ struct os_time created_time; -+ u32 next_pn; -+ -+ /* not defined data */ -+ Boolean rx_latest; -+ Boolean tx_latest; -+ -+ int user; /* FIXME: to indicate if it can be delete safely */ -+ -+ struct dl_list list; -+}; -+ -+/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */ -+struct transmit_sc { -+ struct ieee802_1x_mka_sci sci; /* const SCI sci */ -+ Boolean transmitting; /* bool transmitting (read only) */ -+ -+ struct os_time created_time; /* Time createdTime */ -+ -+ u8 encoding_sa; /* AN encodingSA (read only) */ -+ u8 enciphering_sa; /* AN encipheringSA (read only) */ -+ -+ /* not defined data */ -+ unsigned int channel; -+ -+ struct dl_list list; -+ struct dl_list sa_list; -+}; -+ -+/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */ -+struct transmit_sa { -+ Boolean in_use; /* bool inUse (read only) */ -+ u32 next_pn; /* PN nextPN (read only) */ -+ struct os_time created_time; /* Time createdTime */ -+ -+ Boolean enable_transmit; /* bool EnableTransmit */ -+ -+ u8 an; -+ Boolean confidentiality; -+ struct data_key *pkey; -+ -+ struct transmit_sc *sc; -+ struct dl_list list; /* list entry in struct transmit_sc::sa_list */ -+}; -+ -+/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */ -+struct receive_sc { -+ struct ieee802_1x_mka_sci sci; /* const SCI sci */ -+ Boolean receiving; /* bool receiving (read only) */ -+ -+ struct os_time created_time; /* Time createdTime */ -+ -+ unsigned int channel; -+ -+ struct dl_list list; -+ struct dl_list sa_list; -+}; -+ -+/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */ -+struct receive_sa { -+ Boolean enable_receive; /* bool enableReceive */ -+ Boolean in_use; /* bool inUse (read only) */ -+ -+ u32 next_pn; /* PN nextPN (read only) */ -+ u32 lowest_pn; /* PN lowestPN (read only) */ -+ u8 an; -+ struct os_time created_time; -+ -+ struct data_key *pkey; -+ struct receive_sc *sc; /* list entry in struct receive_sc::sa_list */ -+ -+ struct dl_list list; -+}; -+ - struct ieee802_1x_kay_ctx { - /* pointer to arbitrary upper level context */ - void *ctx; -diff --git a/src/pae/ieee802_1x_kay_i.h b/src/pae/ieee802_1x_kay_i.h -index 622282e..e3d7db4 100644 ---- a/src/pae/ieee802_1x_kay_i.h -+++ b/src/pae/ieee802_1x_kay_i.h -@@ -54,88 +54,6 @@ struct ieee802_1x_kay_peer { - struct dl_list list; - }; - --struct data_key { -- u8 *key; -- int key_len; -- struct ieee802_1x_mka_ki key_identifier; -- enum confidentiality_offset confidentiality_offset; -- u8 an; -- Boolean transmits; -- Boolean receives; -- struct os_time created_time; -- u32 next_pn; -- -- /* not defined data */ -- Boolean rx_latest; -- Boolean tx_latest; -- -- int user; /* FIXME: to indicate if it can be delete safely */ -- -- struct dl_list list; --}; -- --/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */ --struct transmit_sc { -- struct ieee802_1x_mka_sci sci; /* const SCI sci */ -- Boolean transmitting; /* bool transmitting (read only) */ -- -- struct os_time created_time; /* Time createdTime */ -- -- u8 encoding_sa; /* AN encodingSA (read only) */ -- u8 enciphering_sa; /* AN encipheringSA (read only) */ -- -- /* not defined data */ -- unsigned int channel; -- -- struct dl_list list; -- struct dl_list sa_list; --}; -- --/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */ --struct transmit_sa { -- Boolean in_use; /* bool inUse (read only) */ -- u32 next_pn; /* PN nextPN (read only) */ -- struct os_time created_time; /* Time createdTime */ -- -- Boolean enable_transmit; /* bool EnableTransmit */ -- -- u8 an; -- Boolean confidentiality; -- struct data_key *pkey; -- -- struct transmit_sc *sc; -- struct dl_list list; /* list entry in struct transmit_sc::sa_list */ --}; -- --/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */ --struct receive_sc { -- struct ieee802_1x_mka_sci sci; /* const SCI sci */ -- Boolean receiving; /* bool receiving (read only) */ -- -- struct os_time created_time; /* Time createdTime */ -- -- unsigned int channel; -- -- struct dl_list list; -- struct dl_list sa_list; --}; -- --/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */ --struct receive_sa { -- Boolean enable_receive; /* bool enableReceive */ -- Boolean in_use; /* bool inUse (read only) */ -- -- u32 next_pn; /* PN nextPN (read only) */ -- u32 lowest_pn; /* PN lowestPN (read only) */ -- u8 an; -- struct os_time created_time; -- -- struct data_key *pkey; -- struct receive_sc *sc; /* list entry in struct receive_sc::sa_list */ -- -- struct dl_list list; --}; -- - struct macsec_ciphersuite { - u64 id; - char name[32]; -diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h -index f5057ee..120ca3c 100644 ---- a/src/pae/ieee802_1x_secy_ops.h -+++ b/src/pae/ieee802_1x_secy_ops.h -@@ -13,10 +13,6 @@ - #include "common/ieee802_1x_defs.h" - - struct ieee802_1x_kay_conf; --struct receive_sa; --struct transmit_sa; --struct receive_sc; --struct transmit_sc; - - int secy_init_macsec(struct ieee802_1x_kay *kay); - int secy_deinit_macsec(struct ieee802_1x_kay *kay); --- -2.7.4 - diff --git a/macsec-0002-mka-Pass-full-structures-down-to-macsec-drivers-pack.patch b/macsec-0002-mka-Pass-full-structures-down-to-macsec-drivers-pack.patch deleted file mode 100644 index beba8f2c1aeba1b832c24ff9d483effa77434c9b..0000000000000000000000000000000000000000 --- a/macsec-0002-mka-Pass-full-structures-down-to-macsec-drivers-pack.patch +++ /dev/null @@ -1,296 +0,0 @@ -From 7fa5eff8abbbff4f3385932175b080aad40bf211 Mon Sep 17 00:00:00 2001 -Message-Id: <7fa5eff8abbbff4f3385932175b080aad40bf211.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Tue, 20 Sep 2016 09:43:05 +0200 -Subject: [PATCH] mka: Pass full structures down to macsec drivers' packet - number ops - -Clean up the driver interface by passing pointers to structs transmit_sa -and receive_sa down the stack to get_receive_lowest_pn(), -get_transmit_next_pn(), and set_transmit_next_pn() ops, instead of -passing the individual arguments. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 21 ++++++--------------- - src/drivers/driver_macsec_qca.c | 33 ++++++++++++++++++--------------- - src/pae/ieee802_1x_kay.h | 8 +++----- - src/pae/ieee802_1x_secy_ops.c | 15 +++------------ - wpa_supplicant/driver_i.h | 18 ++++++------------ - wpa_supplicant/wpas_kay.c | 15 ++++++--------- - 6 files changed, 42 insertions(+), 68 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 073219e..2c7ce6c 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3336,35 +3336,26 @@ struct wpa_driver_ops { - /** - * get_receive_lowest_pn - Get receive lowest pn - * @priv: Private driver interface data -- * @channel: secure channel -- * @an: association number -- * @lowest_pn: lowest accept pn -+ * @sa: secure association - * Returns: 0 on success, -1 on failure (or if not supported) - */ -- int (*get_receive_lowest_pn)(void *priv, u32 channel, u8 an, -- u32 *lowest_pn); -+ int (*get_receive_lowest_pn)(void *priv, struct receive_sa *sa); - - /** - * get_transmit_next_pn - Get transmit next pn - * @priv: Private driver interface data -- * @channel: secure channel -- * @an: association number -- * @next_pn: next pn -+ * @sa: secure association - * Returns: 0 on success, -1 on failure (or if not supported) - */ -- int (*get_transmit_next_pn)(void *priv, u32 channel, u8 an, -- u32 *next_pn); -+ int (*get_transmit_next_pn)(void *priv, struct transmit_sa *sa); - - /** - * set_transmit_next_pn - Set transmit next pn - * @priv: Private driver interface data -- * @channel: secure channel -- * @an: association number -- * @next_pn: next pn -+ * @sa: secure association - * Returns: 0 on success, -1 on failure (or if not supported) - */ -- int (*set_transmit_next_pn)(void *priv, u32 channel, u8 an, -- u32 next_pn); -+ int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa); - - /** - * get_available_receive_sc - get available receive channel -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 826d3cc..95f1e27 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -29,6 +29,7 @@ - #include "utils/eloop.h" - #include "common/defs.h" - #include "common/ieee802_1x_defs.h" -+#include "pae/ieee802_1x_kay.h" - #include "driver.h" - - #include "nss_macsec_secy.h" -@@ -515,16 +516,16 @@ static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled) - } - - --static int macsec_qca_get_receive_lowest_pn(void *priv, u32 channel, u8 an, -- u32 *lowest_pn) -+static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - u32 next_pn = 0; - bool enabled = FALSE; - u32 win; -+ u32 channel = sa->sc->channel; - -- ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, an, -+ ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an, - &next_pn); - ret += nss_macsec_secy_rx_sc_replay_protect_get(drv->secy_id, channel, - &enabled); -@@ -532,40 +533,42 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, u32 channel, u8 an, - channel, &win); - - if (enabled) -- *lowest_pn = (next_pn > win) ? (next_pn - win) : 1; -+ sa->lowest_pn = (next_pn > win) ? (next_pn - win) : 1; - else -- *lowest_pn = next_pn; -+ sa->lowest_pn = next_pn; - -- wpa_printf(MSG_DEBUG, "%s: lpn=0x%x", __func__, *lowest_pn); -+ wpa_printf(MSG_DEBUG, "%s: lpn=0x%x", __func__, sa->lowest_pn); - - return ret; - } - - --static int macsec_qca_get_transmit_next_pn(void *priv, u32 channel, u8 an, -- u32 *next_pn) -+static int macsec_qca_get_transmit_next_pn(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; - -- ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, an, -- next_pn); -+ ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an, -+ &sa->next_pn); - -- wpa_printf(MSG_DEBUG, "%s: npn=0x%x", __func__, *next_pn); -+ wpa_printf(MSG_DEBUG, "%s: npn=0x%x", __func__, sa->next_pn); - - return ret; - } - - --int macsec_qca_set_transmit_next_pn(void *priv, u32 channel, u8 an, u32 next_pn) -+int macsec_qca_set_transmit_next_pn(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; - -- ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, an, -- next_pn); - -- wpa_printf(MSG_INFO, "%s: npn=0x%x", __func__, next_pn); -+ ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, -+ sa->next_pn); -+ -+ wpa_printf(MSG_INFO, "%s: npn=0x%x", __func__, sa->next_pn); - - return ret; - } -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 0361e1a..a747b11 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -142,11 +142,9 @@ struct ieee802_1x_kay_ctx { - int (*set_replay_protect)(void *ctx, Boolean enabled, u32 window); - int (*set_current_cipher_suite)(void *ctx, u64 cs); - int (*enable_controlled_port)(void *ctx, Boolean enabled); -- int (*get_receive_lowest_pn)(void *ctx, u32 channel, u8 an, -- u32 *lowest_pn); -- int (*get_transmit_next_pn)(void *ctx, u32 channel, u8 an, -- u32 *next_pn); -- int (*set_transmit_next_pn)(void *ctx, u32 channel, u8 an, u32 next_pn); -+ int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa); -+ int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa); -+ int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa); - int (*get_available_receive_sc)(void *ctx, u32 *channel); - int (*create_receive_sc)(void *ctx, u32 channel, - struct ieee802_1x_mka_sci *sci, -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index 2d12911..d05e00f 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -130,10 +130,7 @@ int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->get_receive_lowest_pn(ops->ctx, -- rxsa->sc->channel, -- rxsa->an, -- &rxsa->lowest_pn); -+ return ops->get_receive_lowest_pn(ops->ctx, rxsa); - } - - -@@ -154,10 +151,7 @@ int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->get_transmit_next_pn(ops->ctx, -- txsa->sc->channel, -- txsa->an, -- &txsa->next_pn); -+ return ops->get_transmit_next_pn(ops->ctx, txsa); - } - - -@@ -178,10 +172,7 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->set_transmit_next_pn(ops->ctx, -- txsa->sc->channel, -- txsa->an, -- txsa->next_pn); -+ return ops->set_transmit_next_pn(ops->ctx, txsa); - } - - -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index 220b7ba..639bb83 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -749,33 +749,27 @@ static inline int wpa_drv_enable_controlled_port(struct wpa_supplicant *wpa_s, - } - - static inline int wpa_drv_get_receive_lowest_pn(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an, -- u32 *lowest_pn) -+ struct receive_sa *sa) - { - if (!wpa_s->driver->get_receive_lowest_pn) - return -1; -- return wpa_s->driver->get_receive_lowest_pn(wpa_s->drv_priv, channel, -- an, lowest_pn); -+ return wpa_s->driver->get_receive_lowest_pn(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_get_transmit_next_pn(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an, -- u32 *next_pn) -+ struct transmit_sa *sa) - { - if (!wpa_s->driver->get_transmit_next_pn) - return -1; -- return wpa_s->driver->get_transmit_next_pn(wpa_s->drv_priv, channel, -- an, next_pn); -+ return wpa_s->driver->get_transmit_next_pn(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_set_transmit_next_pn(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an, -- u32 next_pn) -+ struct transmit_sa *sa) - { - if (!wpa_s->driver->set_transmit_next_pn) - return -1; -- return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, channel, -- an, next_pn); -+ return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s, -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index d6ec8c5..306d9f1 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -62,24 +62,21 @@ static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled) - } - - --static int wpas_get_receive_lowest_pn(void *wpa_s, u32 channel, -- u8 an, u32 *lowest_pn) -+static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa) - { -- return wpa_drv_get_receive_lowest_pn(wpa_s, channel, an, lowest_pn); -+ return wpa_drv_get_receive_lowest_pn(wpa_s, sa); - } - - --static int wpas_get_transmit_next_pn(void *wpa_s, u32 channel, -- u8 an, u32 *next_pn) -+static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) - { -- return wpa_drv_get_transmit_next_pn(wpa_s, channel, an, next_pn); -+ return wpa_drv_get_transmit_next_pn(wpa_s, sa); - } - - --static int wpas_set_transmit_next_pn(void *wpa_s, u32 channel, -- u8 an, u32 next_pn) -+static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) - { -- return wpa_drv_set_transmit_next_pn(wpa_s, channel, an, next_pn); -+ return wpa_drv_set_transmit_next_pn(wpa_s, sa); - } - - --- -2.7.4 - diff --git a/macsec-0003-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch b/macsec-0003-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch deleted file mode 100644 index 1878f408c0a2be88a6d3e1ab8974fd86362c1c65..0000000000000000000000000000000000000000 --- a/macsec-0003-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch +++ /dev/null @@ -1,290 +0,0 @@ -From 909c1b9835ecc9c115980e9827a9313c17dab22b Mon Sep 17 00:00:00 2001 -Message-Id: <909c1b9835ecc9c115980e9827a9313c17dab22b.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Tue, 20 Sep 2016 09:43:07 +0200 -Subject: [PATCH] mka: Pass full structures down to macsec drivers' transmit SA - ops - -Clean up the driver interface by passing pointers to struct transmit_sa -down the stack to the {create,enable,disable}_transmit_sa ops, instead -of passing the individual properties of the SA. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 20 ++++++-------------- - src/drivers/driver_macsec_qca.c | 39 +++++++++++++++++++++++---------------- - src/pae/ieee802_1x_kay.h | 7 +++---- - src/pae/ieee802_1x_secy_ops.c | 8 +++----- - wpa_supplicant/driver_i.h | 16 ++++++---------- - wpa_supplicant/wpas_kay.c | 15 ++++++--------- - 6 files changed, 47 insertions(+), 58 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 2c7ce6c..bb2d1d2 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3448,34 +3448,26 @@ struct wpa_driver_ops { - /** - * create_transmit_sa - create secure association for transmit - * @priv: private driver interface data from init() -- * @channel: secure channel index -- * @an: association number -- * @next_pn: the packet number used as next transmit packet -- * @confidentiality: True if the SA is to provide confidentiality -- * as well as integrity -- * @sak: the secure association key -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*create_transmit_sa)(void *priv, u32 channel, u8 an, u32 next_pn, -- Boolean confidentiality, const u8 *sak); -+ int (*create_transmit_sa)(void *priv, struct transmit_sa *sa); - - /** - * enable_transmit_sa - enable SA for transmit - * @priv: private driver interface data from init() -- * @channel: secure channel -- * @an: association number -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*enable_transmit_sa)(void *priv, u32 channel, u8 an); -+ int (*enable_transmit_sa)(void *priv, struct transmit_sa *sa); - - /** - * disable_transmit_sa - disable SA for transmit - * @priv: private driver interface data from init() -- * @channel: secure channel -- * @an: association number -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*disable_transmit_sa)(void *priv, u32 channel, u8 an); -+ int (*disable_transmit_sa)(void *priv, struct transmit_sa *sa); - #endif /* CONFIG_MACSEC */ - - /** -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 95f1e27..9bfc9a4 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -794,19 +794,18 @@ static int macsec_qca_delete_transmit_sc(void *priv, u32 channel) - } - - --static int macsec_qca_create_transmit_sa(void *priv, u32 channel, u8 an, -- u32 next_pn, Boolean confidentiality, -- const u8 *sak) -+static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - u8 tci = 0; - fal_tx_sak_t tx_sak; - int i; -+ u32 channel = sa->sc->channel; - - wpa_printf(MSG_DEBUG, - "%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d", -- __func__, channel, an, next_pn, confidentiality); -+ __func__, channel, sa->an, sa->next_pn, sa->confidentiality); - - if (drv->always_include_sci) - tci |= TCI_SC; -@@ -815,45 +814,53 @@ static int macsec_qca_create_transmit_sa(void *priv, u32 channel, u8 an, - else if (drv->use_scb) - tci |= TCI_SCB; - -- if (confidentiality) -+ if (sa->confidentiality) - tci |= TCI_E | TCI_C; - - os_memset(&tx_sak, 0, sizeof(tx_sak)); - for (i = 0; i < 16; i++) -- tx_sak.sak[i] = sak[15 - i]; -+ tx_sak.sak[i] = sa->pkey->key[15 - i]; - -- ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, an, -- next_pn); -- ret += nss_macsec_secy_tx_sak_set(drv->secy_id, channel, an, &tx_sak); -+ ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, -+ sa->next_pn); -+ ret += nss_macsec_secy_tx_sak_set(drv->secy_id, channel, sa->an, -+ &tx_sak); - ret += nss_macsec_secy_tx_sc_tci_7_2_set(drv->secy_id, channel, - (tci >> 2)); -- ret += nss_macsec_secy_tx_sc_an_set(drv->secy_id, channel, an); -+ ret += nss_macsec_secy_tx_sc_an_set(drv->secy_id, channel, sa->an); - - return ret; - } - - --static int macsec_qca_enable_transmit_sa(void *priv, u32 channel, u8 an) -+static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; - -- wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); - -- ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, an, TRUE); -+ wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, -+ sa->an); -+ -+ ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an, -+ TRUE); - - return ret; - } - - --static int macsec_qca_disable_transmit_sa(void *priv, u32 channel, u8 an) -+static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; - -- wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); -+ wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, -+ sa->an); - -- ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, an, FALSE); -+ ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an, -+ FALSE); - - return ret; - } -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index a747b11..36a7bd6 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -160,10 +160,9 @@ struct ieee802_1x_kay_ctx { - const struct ieee802_1x_mka_sci *sci, - enum confidentiality_offset co); - int (*delete_transmit_sc)(void *ctx, u32 channel); -- int (*create_transmit_sa)(void *ctx, u32 channel, u8 an, u32 next_pn, -- Boolean confidentiality, const u8 *sak); -- int (*enable_transmit_sa)(void *ctx, u32 channel, u8 an); -- int (*disable_transmit_sa)(void *ctx, u32 channel, u8 an); -+ int (*create_transmit_sa)(void *ctx, struct transmit_sa *sa); -+ int (*enable_transmit_sa)(void *ctx, struct transmit_sa *sa); -+ int (*disable_transmit_sa)(void *ctx, struct transmit_sa *sa); - }; - - struct ieee802_1x_kay { -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index d05e00f..8c31ca9 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -382,9 +382,7 @@ int secy_create_transmit_sa(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->create_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an, -- txsa->next_pn, txsa->confidentiality, -- txsa->pkey->key); -+ return ops->create_transmit_sa(ops->ctx, txsa); - } - - -@@ -407,7 +405,7 @@ int secy_enable_transmit_sa(struct ieee802_1x_kay *kay, - - txsa->enable_transmit = TRUE; - -- return ops->enable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an); -+ return ops->enable_transmit_sa(ops->ctx, txsa); - } - - -@@ -430,7 +428,7 @@ int secy_disable_transmit_sa(struct ieee802_1x_kay *kay, - - txsa->enable_transmit = FALSE; - -- return ops->disable_transmit_sa(ops->ctx, txsa->sc->channel, txsa->an); -+ return ops->disable_transmit_sa(ops->ctx, txsa); - } - - -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index 639bb83..e2c2bd7 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -857,31 +857,27 @@ static inline int wpa_drv_delete_transmit_sc(struct wpa_supplicant *wpa_s, - } - - static inline int wpa_drv_create_transmit_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an, -- u32 next_pn, -- Boolean confidentiality, -- const u8 *sak) -+ struct transmit_sa *sa) - { - if (!wpa_s->driver->create_transmit_sa) - return -1; -- return wpa_s->driver->create_transmit_sa(wpa_s->drv_priv, channel, an, -- next_pn, confidentiality, sak); -+ return wpa_s->driver->create_transmit_sa(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_enable_transmit_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an) -+ struct transmit_sa *sa) - { - if (!wpa_s->driver->enable_transmit_sa) - return -1; -- return wpa_s->driver->enable_transmit_sa(wpa_s->drv_priv, channel, an); -+ return wpa_s->driver->enable_transmit_sa(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_disable_transmit_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an) -+ struct transmit_sa *sa) - { - if (!wpa_s->driver->disable_transmit_sa) - return -1; -- return wpa_s->driver->disable_transmit_sa(wpa_s->drv_priv, channel, an); -+ return wpa_s->driver->disable_transmit_sa(wpa_s->drv_priv, sa); - } - #endif /* CONFIG_MACSEC */ - -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 306d9f1..4b74112 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -159,24 +159,21 @@ static int wpas_delete_transmit_sc(void *wpa_s, u32 channel) - } - - --static int wpas_create_transmit_sa(void *wpa_s, u32 channel, u8 an, -- u32 next_pn, Boolean confidentiality, -- const u8 *sak) -+static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa) - { -- return wpa_drv_create_transmit_sa(wpa_s, channel, an, next_pn, -- confidentiality, sak); -+ return wpa_drv_create_transmit_sa(wpa_s, sa); - } - - --static int wpas_enable_transmit_sa(void *wpa_s, u32 channel, u8 an) -+static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa) - { -- return wpa_drv_enable_transmit_sa(wpa_s, channel, an); -+ return wpa_drv_enable_transmit_sa(wpa_s, sa); - } - - --static int wpas_disable_transmit_sa(void *wpa_s, u32 channel, u8 an) -+static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa) - { -- return wpa_drv_disable_transmit_sa(wpa_s, channel, an); -+ return wpa_drv_disable_transmit_sa(wpa_s, sa); - } - - --- -2.7.4 - diff --git a/macsec-0004-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch b/macsec-0004-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch deleted file mode 100644 index 520d24fd4d55f23db17af067f62580d3ef105a6e..0000000000000000000000000000000000000000 --- a/macsec-0004-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch +++ /dev/null @@ -1,264 +0,0 @@ -From cecdecdbe81c9ca86127413c6559be2d3ffcabd3 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Tue, 20 Sep 2016 09:43:09 +0200 -Subject: [PATCH] mka: Pass full structures down to macsec drivers' receive SA - ops - -Clean up the driver interface by passing pointers to struct receive_sa -down the stack to the {create,enable,disable}_receive_sa() ops, instead -of passing the individual properties of the SA. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 18 ++++++------------ - src/drivers/driver_macsec_qca.c | 32 ++++++++++++++++++++------------ - src/pae/ieee802_1x_kay.h | 7 +++---- - src/pae/ieee802_1x_secy_ops.c | 7 +++---- - wpa_supplicant/driver_i.h | 14 ++++++-------- - wpa_supplicant/wpas_kay.c | 13 ++++++------- - 6 files changed, 44 insertions(+), 47 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index bb2d1d2..f1915fc 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3391,32 +3391,26 @@ struct wpa_driver_ops { - /** - * create_receive_sa - create secure association for receive - * @priv: private driver interface data from init() -- * @channel: secure channel -- * @an: association number -- * @lowest_pn: the lowest packet number can be received -- * @sak: the secure association key -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*create_receive_sa)(void *priv, u32 channel, u8 an, -- u32 lowest_pn, const u8 *sak); -+ int (*create_receive_sa)(void *priv, struct receive_sa *sa); - - /** - * enable_receive_sa - enable the SA for receive - * @priv: private driver interface data from init() -- * @channel: secure channel -- * @an: association number -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*enable_receive_sa)(void *priv, u32 channel, u8 an); -+ int (*enable_receive_sa)(void *priv, struct receive_sa *sa); - - /** - * disable_receive_sa - disable SA for receive - * @priv: private driver interface data from init() -- * @channel: secure channel index -- * @an: association number -+ * @sa: secure association - * Returns: 0 on success, -1 on failure - */ -- int (*disable_receive_sa)(void *priv, u32 channel, u8 an); -+ int (*disable_receive_sa)(void *priv, struct receive_sa *sa); - - /** - * get_available_transmit_sc - get available transmit channel -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 9bfc9a4..2867c31 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -667,49 +667,57 @@ static int macsec_qca_delete_receive_sc(void *priv, u32 channel) - } - - --static int macsec_qca_create_receive_sa(void *priv, u32 channel, u8 an, -- u32 lowest_pn, const u8 *sak) -+static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - fal_rx_sak_t rx_sak; - int i = 0; -+ u32 channel = sa->sc->channel; - - wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x", -- __func__, channel, an, lowest_pn); -+ __func__, channel, sa->an, sa->lowest_pn); - - os_memset(&rx_sak, 0, sizeof(rx_sak)); - for (i = 0; i < 16; i++) -- rx_sak.sak[i] = sak[15 - i]; -+ rx_sak.sak[i] = sa->pkey->key[15 - i]; - -- ret += nss_macsec_secy_rx_sa_create(drv->secy_id, channel, an); -- ret += nss_macsec_secy_rx_sak_set(drv->secy_id, channel, an, &rx_sak); -+ ret += nss_macsec_secy_rx_sa_create(drv->secy_id, channel, sa->an); -+ ret += nss_macsec_secy_rx_sak_set(drv->secy_id, channel, sa->an, -+ &rx_sak); - - return ret; - } - - --static int macsec_qca_enable_receive_sa(void *priv, u32 channel, u8 an) -+static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; -+ - -- wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); -+ wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, -+ sa->an); - -- ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, an, TRUE); -+ ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an, -+ TRUE); - - return ret; - } - - --static int macsec_qca_disable_receive_sa(void *priv, u32 channel, u8 an) -+static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -+ u32 channel = sa->sc->channel; - -- wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, an); -+ wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, -+ sa->an); - -- ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, an, FALSE); -+ ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an, -+ FALSE); - - return ret; - } -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 36a7bd6..8ee5860 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -151,10 +151,9 @@ struct ieee802_1x_kay_ctx { - enum validate_frames vf, - enum confidentiality_offset co); - int (*delete_receive_sc)(void *ctx, u32 channel); -- int (*create_receive_sa)(void *ctx, u32 channel, u8 an, u32 lowest_pn, -- const u8 *sak); -- int (*enable_receive_sa)(void *ctx, u32 channel, u8 an); -- int (*disable_receive_sa)(void *ctx, u32 channel, u8 an); -+ int (*create_receive_sa)(void *ctx, struct receive_sa *sa); -+ int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); -+ int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*get_available_transmit_sc)(void *ctx, u32 *channel); - int (*create_transmit_sc)(void *ctx, u32 channel, - const struct ieee802_1x_mka_sci *sci, -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index 8c31ca9..fb376df 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -253,8 +253,7 @@ int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - return -1; - } - -- return ops->create_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an, -- rxsa->lowest_pn, rxsa->pkey->key); -+ return ops->create_receive_sa(ops->ctx, rxsa); - } - - -@@ -276,7 +275,7 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - - rxsa->enable_receive = TRUE; - -- return ops->enable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an); -+ return ops->enable_receive_sa(ops->ctx, rxsa); - } - - -@@ -298,7 +297,7 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - - rxsa->enable_receive = FALSE; - -- return ops->disable_receive_sa(ops->ctx, rxsa->sc->channel, rxsa->an); -+ return ops->disable_receive_sa(ops->ctx, rxsa); - } - - -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index e2c2bd7..666798b 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -802,29 +802,27 @@ static inline int wpa_drv_delete_receive_sc(struct wpa_supplicant *wpa_s, - } - - static inline int wpa_drv_create_receive_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an, -- u32 lowest_pn, const u8 *sak) -+ struct receive_sa *sa) - { - if (!wpa_s->driver->create_receive_sa) - return -1; -- return wpa_s->driver->create_receive_sa(wpa_s->drv_priv, channel, an, -- lowest_pn, sak); -+ return wpa_s->driver->create_receive_sa(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_enable_receive_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an) -+ struct receive_sa *sa) - { - if (!wpa_s->driver->enable_receive_sa) - return -1; -- return wpa_s->driver->enable_receive_sa(wpa_s->drv_priv, channel, an); -+ return wpa_s->driver->enable_receive_sa(wpa_s->drv_priv, sa); - } - - static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s, -- u32 channel, u8 an) -+ struct receive_sa *sa) - { - if (!wpa_s->driver->disable_receive_sa) - return -1; -- return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, channel, an); -+ return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, sa); - } - - static inline int -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 4b74112..344c59e 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -117,22 +117,21 @@ static int wpas_delete_receive_sc(void *wpa_s, u32 channel) - } - - --static int wpas_create_receive_sa(void *wpa_s, u32 channel, u8 an, -- u32 lowest_pn, const u8 *sak) -+static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa) - { -- return wpa_drv_create_receive_sa(wpa_s, channel, an, lowest_pn, sak); -+ return wpa_drv_create_receive_sa(wpa_s, sa); - } - - --static int wpas_enable_receive_sa(void *wpa_s, u32 channel, u8 an) -+static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa) - { -- return wpa_drv_enable_receive_sa(wpa_s, channel, an); -+ return wpa_drv_enable_receive_sa(wpa_s, sa); - } - - --static int wpas_disable_receive_sa(void *wpa_s, u32 channel, u8 an) -+static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa) - { -- return wpa_drv_disable_receive_sa(wpa_s, channel, an); -+ return wpa_drv_disable_receive_sa(wpa_s, sa); - } - - --- -2.7.4 - diff --git a/macsec-0005-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch b/macsec-0005-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch deleted file mode 100644 index 2f61a55ea294ec3a2603718def8735c8f1e162de..0000000000000000000000000000000000000000 --- a/macsec-0005-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch +++ /dev/null @@ -1,204 +0,0 @@ -From 8ebfc7c2ba77ac1f71577b3ddc46a050d9fb1103 Mon Sep 17 00:00:00 2001 -Message-Id: <8ebfc7c2ba77ac1f71577b3ddc46a050d9fb1103.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 7 Oct 2016 12:08:09 +0200 -Subject: [PATCH] mka: Pass full structures down to macsec drivers' transmit SC - ops - -Clean up the driver interface by passing pointers to struct transmit_sc -down the stack to the {create,delete}_transmit_sc() ops, instead of -passing the individual arguments. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 13 ++++++------- - src/drivers/driver_macsec_qca.c | 13 +++++++------ - src/pae/ieee802_1x_kay.h | 5 ++--- - src/pae/ieee802_1x_secy_ops.c | 5 ++--- - wpa_supplicant/driver_i.h | 10 ++++------ - wpa_supplicant/wpas_kay.c | 11 ++++------- - 6 files changed, 25 insertions(+), 32 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index f1915fc..1e2d623 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3423,21 +3423,20 @@ struct wpa_driver_ops { - /** - * create_transmit_sc - create secure connection for transmit - * @priv: private driver interface data from init() -- * @channel: secure channel -- * @sci_addr: secure channel identifier - address -- * @sci_port: secure channel identifier - port -+ * @sc: secure channel -+ * @conf_offset: confidentiality offset (0, 30, or 50) - * Returns: 0 on success, -1 on failure - */ -- int (*create_transmit_sc)(void *priv, u32 channel, const u8 *sci_addr, -- u16 sci_port, unsigned int conf_offset); -+ int (*create_transmit_sc)(void *priv, struct transmit_sc *sc, -+ unsigned int conf_offset); - - /** - * delete_transmit_sc - delete secure connection for transmit - * @priv: private driver interface data from init() -- * @channel: secure channel -+ * @sc: secure channel - * Returns: 0 on success, -1 on failure - */ -- int (*delete_transmit_sc)(void *priv, u32 channel); -+ int (*delete_transmit_sc)(void *priv, struct transmit_sc *sc); - - /** - * create_transmit_sa - create secure association for transmit -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 2867c31..fef93df 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -750,14 +750,14 @@ static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel) - } - - --static int macsec_qca_create_transmit_sc(void *priv, u32 channel, -- const u8 *sci_addr, u16 sci_port, -+static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc, - unsigned int conf_offset) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - fal_tx_class_lut_t entry; - u8 psci[ETH_ALEN + 2]; -+ u32 channel = sc->channel; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -@@ -768,9 +768,9 @@ static int macsec_qca_create_transmit_sc(void *priv, u32 channel, - entry.action = FAL_TX_CLASS_ACTION_FORWARD; - entry.channel = channel; - -- os_memcpy(psci, sci_addr, ETH_ALEN); -- psci[6] = (sci_port >> 8) & 0xf; -- psci[7] = sci_port & 0xf; -+ os_memcpy(psci, sc->sci.addr, ETH_ALEN); -+ psci[6] = (sc->sci.port >> 8) & 0xf; -+ psci[7] = sc->sci.port & 0xf; - - ret += nss_macsec_secy_tx_class_lut_set(drv->secy_id, channel, &entry); - ret += nss_macsec_secy_tx_sc_create(drv->secy_id, channel, psci, 8); -@@ -784,11 +784,12 @@ static int macsec_qca_create_transmit_sc(void *priv, u32 channel, - } - - --static int macsec_qca_delete_transmit_sc(void *priv, u32 channel) -+static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - fal_tx_class_lut_t entry; -+ u32 channel = sc->channel; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 8ee5860..8cd5fa6 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -155,10 +155,9 @@ struct ieee802_1x_kay_ctx { - int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*get_available_transmit_sc)(void *ctx, u32 *channel); -- int (*create_transmit_sc)(void *ctx, u32 channel, -- const struct ieee802_1x_mka_sci *sci, -+ int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc, - enum confidentiality_offset co); -- int (*delete_transmit_sc)(void *ctx, u32 channel); -+ int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc); - int (*create_transmit_sa)(void *ctx, struct transmit_sa *sa); - int (*enable_transmit_sa)(void *ctx, struct transmit_sa *sa); - int (*disable_transmit_sa)(void *ctx, struct transmit_sa *sa); -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index fb376df..669dc98 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -338,8 +338,7 @@ int secy_create_transmit_sc(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->create_transmit_sc(ops->ctx, txsc->channel, &txsc->sci, -- kay->co); -+ return ops->create_transmit_sc(ops->ctx, txsc, kay->co); - } - - -@@ -360,7 +359,7 @@ int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, - return -1; - } - -- return ops->delete_transmit_sc(ops->ctx, txsc->channel); -+ return ops->delete_transmit_sc(ops->ctx, txsc); - } - - -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index 666798b..2dc74bf 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -835,23 +835,21 @@ wpa_drv_get_available_transmit_sc(struct wpa_supplicant *wpa_s, u32 *channel) - } - - static inline int --wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, u32 channel, -- const u8 *sci_addr, u16 sci_port, -+wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc, - unsigned int conf_offset) - { - if (!wpa_s->driver->create_transmit_sc) - return -1; -- return wpa_s->driver->create_transmit_sc(wpa_s->drv_priv, channel, -- sci_addr, sci_port, -+ return wpa_s->driver->create_transmit_sc(wpa_s->drv_priv, sc, - conf_offset); - } - - static inline int wpa_drv_delete_transmit_sc(struct wpa_supplicant *wpa_s, -- u32 channel) -+ struct transmit_sc *sc) - { - if (!wpa_s->driver->delete_transmit_sc) - return -1; -- return wpa_s->driver->delete_transmit_sc(wpa_s->drv_priv, channel); -+ return wpa_s->driver->delete_transmit_sc(wpa_s->drv_priv, sc); - } - - static inline int wpa_drv_create_transmit_sa(struct wpa_supplicant *wpa_s, -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 344c59e..e0f8e28 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -142,19 +142,16 @@ static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel) - - - static int --wpas_create_transmit_sc(void *wpa_s, u32 channel, -- const struct ieee802_1x_mka_sci *sci, -+wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc, - enum confidentiality_offset co) - { -- return wpa_drv_create_transmit_sc(wpa_s, channel, sci->addr, -- be_to_host16(sci->port), -- conf_offset_val(co)); -+ return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co)); - } - - --static int wpas_delete_transmit_sc(void *wpa_s, u32 channel) -+static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc) - { -- return wpa_drv_delete_transmit_sc(wpa_s, channel); -+ return wpa_drv_delete_transmit_sc(wpa_s, sc); - } - - --- -2.7.4 - diff --git a/macsec-0006-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch b/macsec-0006-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch deleted file mode 100644 index 14d08a4c3a1e3826887ffbefb958e5da5ee9385d..0000000000000000000000000000000000000000 --- a/macsec-0006-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch +++ /dev/null @@ -1,200 +0,0 @@ -From 5f5ca28414de7ae0b86d4c2aa09c3e67b697dd56 Mon Sep 17 00:00:00 2001 -Message-Id: <5f5ca28414de7ae0b86d4c2aa09c3e67b697dd56.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 7 Oct 2016 12:08:10 +0200 -Subject: [PATCH] mka: Pass full structures down to macsec drivers' receive SC - ops - -Clean up the driver interface by passing pointers to struct receive_sc -down the stack to the {create,delete}_recevie_sc() ops, instead of -passing the individual properties of the SC. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 12 +++++------- - src/drivers/driver_macsec_qca.c | 9 ++++++--- - src/pae/ieee802_1x_kay.h | 5 ++--- - src/pae/ieee802_1x_secy_ops.c | 5 ++--- - wpa_supplicant/driver_i.h | 12 +++++------- - wpa_supplicant/wpas_kay.c | 11 ++++------- - 6 files changed, 24 insertions(+), 30 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 1e2d623..a57aa53 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3368,25 +3368,23 @@ struct wpa_driver_ops { - /** - * create_receive_sc - create secure channel for receiving - * @priv: Private driver interface data -- * @channel: secure channel -- * @sci_addr: secure channel identifier - address -- * @sci_port: secure channel identifier - port -+ * @sc: secure channel - * @conf_offset: confidentiality offset (0, 30, or 50) - * @validation: frame validation policy (0 = Disabled, 1 = Checked, - * 2 = Strict) - * Returns: 0 on success, -1 on failure (or if not supported) - */ -- int (*create_receive_sc)(void *priv, u32 channel, const u8 *sci_addr, -- u16 sci_port, unsigned int conf_offset, -+ int (*create_receive_sc)(void *priv, struct receive_sc *sc, -+ unsigned int conf_offset, - int validation); - - /** - * delete_receive_sc - delete secure connection for receiving - * @priv: private driver interface data from init() -- * @channel: secure channel -+ * @sc: secure channel - * Returns: 0 on success, -1 on failure - */ -- int (*delete_receive_sc)(void *priv, u32 channel); -+ int (*delete_receive_sc)(void *priv, struct receive_sc *sc); - - /** - * create_receive_sa - create secure association for receive -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index fef93df..385f7c5 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -601,8 +601,7 @@ static int macsec_qca_get_available_receive_sc(void *priv, u32 *channel) - } - - --static int macsec_qca_create_receive_sc(void *priv, u32 channel, -- const u8 *sci_addr, u16 sci_port, -+static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc, - unsigned int conf_offset, - int validation) - { -@@ -611,6 +610,9 @@ static int macsec_qca_create_receive_sc(void *priv, u32 channel, - fal_rx_prc_lut_t entry; - fal_rx_sc_validate_frame_e vf; - enum validate_frames validate_frames = validation; -+ u32 channel = sc->channel; -+ const u8 *sci_addr = sc->sci.addr; -+ u16 sci_port = be_to_host16(sc->sci.port); - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -@@ -649,11 +651,12 @@ static int macsec_qca_create_receive_sc(void *priv, u32 channel, - } - - --static int macsec_qca_delete_receive_sc(void *priv, u32 channel) -+static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc) - { - struct macsec_qca_data *drv = priv; - int ret = 0; - fal_rx_prc_lut_t entry; -+ u32 channel = sc->channel; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 8cd5fa6..144ee90 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -146,11 +146,10 @@ struct ieee802_1x_kay_ctx { - int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa); - int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa); - int (*get_available_receive_sc)(void *ctx, u32 *channel); -- int (*create_receive_sc)(void *ctx, u32 channel, -- struct ieee802_1x_mka_sci *sci, -+ int (*create_receive_sc)(void *ctx, struct receive_sc *sc, - enum validate_frames vf, - enum confidentiality_offset co); -- int (*delete_receive_sc)(void *ctx, u32 channel); -+ int (*delete_receive_sc)(void *ctx, struct receive_sc *sc); - int (*create_receive_sa)(void *ctx, struct receive_sa *sa); - int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index 669dc98..b8fcf05 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -212,8 +212,7 @@ int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) - return -1; - } - -- return ops->create_receive_sc(ops->ctx, rxsc->channel, &rxsc->sci, -- kay->vf, kay->co); -+ return ops->create_receive_sc(ops->ctx, rxsc, kay->vf, kay->co); - } - - -@@ -233,7 +232,7 @@ int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) - return -1; - } - -- return ops->delete_receive_sc(ops->ctx, rxsc->channel); -+ return ops->delete_receive_sc(ops->ctx, rxsc); - } - - -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index 2dc74bf..d47395c 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -782,23 +782,21 @@ static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s, - } - - static inline int --wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, u32 channel, -- const u8 *sci_addr, u16 sci_port, -+wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc, - unsigned int conf_offset, int validation) - { - if (!wpa_s->driver->create_receive_sc) - return -1; -- return wpa_s->driver->create_receive_sc(wpa_s->drv_priv, channel, -- sci_addr, sci_port, conf_offset, -- validation); -+ return wpa_s->driver->create_receive_sc(wpa_s->drv_priv, sc, -+ conf_offset, validation); - } - - static inline int wpa_drv_delete_receive_sc(struct wpa_supplicant *wpa_s, -- u32 channel) -+ struct receive_sc *sc) - { - if (!wpa_s->driver->delete_receive_sc) - return -1; -- return wpa_s->driver->delete_receive_sc(wpa_s->drv_priv, channel); -+ return wpa_s->driver->delete_receive_sc(wpa_s->drv_priv, sc); - } - - static inline int wpa_drv_create_receive_sa(struct wpa_supplicant *wpa_s, -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index e0f8e28..4163b61 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -100,20 +100,17 @@ static unsigned int conf_offset_val(enum confidentiality_offset co) - } - - --static int wpas_create_receive_sc(void *wpa_s, u32 channel, -- struct ieee802_1x_mka_sci *sci, -+static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc, - enum validate_frames vf, - enum confidentiality_offset co) - { -- return wpa_drv_create_receive_sc(wpa_s, channel, sci->addr, -- be_to_host16(sci->port), -- conf_offset_val(co), vf); -+ return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf); - } - - --static int wpas_delete_receive_sc(void *wpa_s, u32 channel) -+static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc) - { -- return wpa_drv_delete_receive_sc(wpa_s, channel); -+ return wpa_drv_delete_receive_sc(wpa_s, sc); - } - - --- -2.7.4 - diff --git a/macsec-0007-mka-Add-driver-op-to-get-macsec-capabilities.patch b/macsec-0007-mka-Add-driver-op-to-get-macsec-capabilities.patch deleted file mode 100644 index 9ea4c46b9a031b42bcc12b8f37b5c6b9f568a8af..0000000000000000000000000000000000000000 --- a/macsec-0007-mka-Add-driver-op-to-get-macsec-capabilities.patch +++ /dev/null @@ -1,219 +0,0 @@ -From a25e4efc9e428d968e83398bd8c9c94698ba5851 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Fri, 7 Oct 2016 12:08:12 +0200 -Subject: [PATCH] mka: Add driver op to get macsec capabilities - -This also implements the macsec_get_capability for the macsec_qca -driver to maintain the existing behavior. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 8 ++++++++ - src/drivers/driver_macsec_qca.c | 11 +++++++++++ - src/pae/ieee802_1x_kay.c | 18 ++++++++++++++++-- - src/pae/ieee802_1x_kay.h | 1 + - src/pae/ieee802_1x_secy_ops.c | 20 ++++++++++++++++++++ - src/pae/ieee802_1x_secy_ops.h | 1 + - wpa_supplicant/driver_i.h | 8 ++++++++ - wpa_supplicant/wpas_kay.c | 7 +++++++ - 8 files changed, 72 insertions(+), 2 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index a57aa53..ea4a41f 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3298,6 +3298,14 @@ struct wpa_driver_ops { - int (*macsec_deinit)(void *priv); - - /** -+ * macsec_get_capability - Inform MKA of this driver's capability -+ * @priv: Private driver interface data -+ * @cap: Driver's capability -+ * Returns: 0 on success, -1 on failure -+ */ -+ int (*macsec_get_capability)(void *priv, enum macsec_cap *cap); -+ -+ /** - * enable_protect_frames - Set protect frames status - * @priv: Private driver interface data - * @enabled: TRUE = protect frames enabled -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 385f7c5..041bcf5 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -458,6 +458,16 @@ static int macsec_qca_macsec_deinit(void *priv) - } - - -+static int macsec_qca_get_capability(void *priv, enum macsec_cap *cap) -+{ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ *cap = MACSEC_CAP_INTEG_AND_CONF_0_30_50; -+ -+ return 0; -+} -+ -+ - static int macsec_qca_enable_protect_frames(void *priv, Boolean enabled) - { - struct macsec_qca_data *drv = priv; -@@ -889,6 +899,7 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { - - .macsec_init = macsec_qca_macsec_init, - .macsec_deinit = macsec_qca_macsec_deinit, -+ .macsec_get_capability = macsec_qca_get_capability, - .enable_protect_frames = macsec_qca_enable_protect_frames, - .set_replay_protect = macsec_qca_set_replay_protect, - .set_current_cipher_suite = macsec_qca_set_current_cipher_suite, -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index a8e7efc..52eeeff 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3069,13 +3069,20 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - kay->macsec_replay_window = 0; - kay->macsec_confidentiality = CONFIDENTIALITY_NONE; - } else { -- kay->macsec_capable = MACSEC_CAP_INTEG_AND_CONF_0_30_50; -+ if (secy_get_capability(kay, &kay->macsec_capable) < 0) { -+ os_free(kay); -+ return NULL; -+ } -+ - kay->macsec_desired = TRUE; - kay->macsec_protect = TRUE; - kay->macsec_validate = Strict; - kay->macsec_replay_protect = FALSE; - kay->macsec_replay_window = 0; -- kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; -+ if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF) -+ kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; -+ else -+ kay->macsec_confidentiality = MACSEC_CAP_INTEGRITY; - } - - wpa_printf(MSG_DEBUG, "KaY: state machine created"); -@@ -3409,6 +3416,7 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, - unsigned int cs_index) - { - struct ieee802_1x_mka_participant *participant; -+ enum macsec_cap secy_cap; - - if (!kay) - return -1; -@@ -3427,6 +3435,12 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, - kay->macsec_csindex = cs_index; - kay->macsec_capable = cipher_suite_tbl[kay->macsec_csindex].capable; - -+ if (secy_get_capability(kay, &secy_cap) < 0) -+ return -3; -+ -+ if (kay->macsec_capable > secy_cap) -+ kay->macsec_capable = secy_cap; -+ - participant = ieee802_1x_kay_get_principal_participant(kay); - if (participant) { - wpa_printf(MSG_INFO, "KaY: Cipher Suite changed"); -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 144ee90..bf6fbe5 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -138,6 +138,7 @@ struct ieee802_1x_kay_ctx { - /* abstract wpa driver interface */ - int (*macsec_init)(void *ctx, struct macsec_init_params *params); - int (*macsec_deinit)(void *ctx); -+ int (*macsec_get_capability)(void *priv, enum macsec_cap *cap); - int (*enable_protect_frames)(void *ctx, Boolean enabled); - int (*set_replay_protect)(void *ctx, Boolean enabled, u32 window); - int (*set_current_cipher_suite)(void *ctx, u64 cs); -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index b8fcf05..32ee816 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -113,6 +113,26 @@ int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean enabled) - } - - -+int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap) -+{ -+ struct ieee802_1x_kay_ctx *ops; -+ -+ if (!kay) { -+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -+ return -1; -+ } -+ -+ ops = kay->ctx; -+ if (!ops || !ops->macsec_get_capability) { -+ wpa_printf(MSG_ERROR, -+ "KaY: secy macsec_get_capability operation not supported"); -+ return -1; -+ } -+ -+ return ops->macsec_get_capability(ops->ctx, cap); -+} -+ -+ - int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, - struct receive_sa *rxsa) - { -diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h -index 120ca3c..bfd5737 100644 ---- a/src/pae/ieee802_1x_secy_ops.h -+++ b/src/pae/ieee802_1x_secy_ops.h -@@ -28,6 +28,7 @@ int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay, - int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean flag); - - /****** KaY -> SecY *******/ -+int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap); - int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay, - struct receive_sa *rxsa); - int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index d47395c..5d5dcf0 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -715,6 +715,14 @@ static inline int wpa_drv_macsec_deinit(struct wpa_supplicant *wpa_s) - return wpa_s->driver->macsec_deinit(wpa_s->drv_priv); - } - -+static inline int wpa_drv_macsec_get_capability(struct wpa_supplicant *wpa_s, -+ enum macsec_cap *cap) -+{ -+ if (!wpa_s->driver->macsec_get_capability) -+ return -1; -+ return wpa_s->driver->macsec_get_capability(wpa_s->drv_priv, cap); -+} -+ - static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s, - Boolean enabled) - { -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 4163b61..29b7b56 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -38,6 +38,12 @@ static int wpas_macsec_deinit(void *priv) - } - - -+static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap) -+{ -+ return wpa_drv_macsec_get_capability(priv, cap); -+} -+ -+ - static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled) - { - return wpa_drv_enable_protect_frames(wpa_s, enabled); -@@ -191,6 +197,7 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - - kay_ctx->macsec_init = wpas_macsec_init; - kay_ctx->macsec_deinit = wpas_macsec_deinit; -+ kay_ctx->macsec_get_capability = wpas_macsec_get_capability; - kay_ctx->enable_protect_frames = wpas_enable_protect_frames; - kay_ctx->set_replay_protect = wpas_set_replay_protect; - kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite; --- -2.7.4 - diff --git a/macsec-0008-mka-Remove-channel-hacks-from-the-stack-and-the-macs.patch b/macsec-0008-mka-Remove-channel-hacks-from-the-stack-and-the-macs.patch deleted file mode 100644 index cab3859115c5b6802dd0a6f59216a899a052cc23..0000000000000000000000000000000000000000 --- a/macsec-0008-mka-Remove-channel-hacks-from-the-stack-and-the-macs.patch +++ /dev/null @@ -1,774 +0,0 @@ -From 6f551abdfca16021e7cd9d4ac891e3eb27010a90 Mon Sep 17 00:00:00 2001 -Message-Id: <6f551abdfca16021e7cd9d4ac891e3eb27010a90.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 21 Oct 2016 14:45:26 +0200 -Subject: [PATCH] mka: Remove "channel" hacks from the stack and the macsec_qca - driver - -This is specific to the macsec_qca driver. The core implementation -shouldn't care about this, and only deal with the complete secure -channel, and pass this down to the driver. - -Drivers that have such limitations should take care of these in their -->create functions and throw an error. - -Since the core MKA no longer saves the channel number, the macsec_qca -driver must be able to recover it. Add a map (which is just an array -since it's quite short) to match SCIs to channel numbers, and lookup -functions that will be called in every place where functions would get -the channel from the core code. Getting an available channel should be -part of channel creation, instead of being a preparation step. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 16 ---- - src/drivers/driver_macsec_qca.c | 174 +++++++++++++++++++++++++++++++++------- - src/pae/ieee802_1x_kay.c | 41 +++------- - src/pae/ieee802_1x_kay.h | 7 -- - src/pae/ieee802_1x_secy_ops.c | 40 --------- - src/pae/ieee802_1x_secy_ops.h | 2 - - wpa_supplicant/driver_i.h | 18 ----- - wpa_supplicant/wpas_kay.c | 14 ---- - 8 files changed, 159 insertions(+), 153 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index aeb9694..54ae6b7 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3390,14 +3390,6 @@ struct wpa_driver_ops { - int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa); - - /** -- * get_available_receive_sc - get available receive channel -- * @priv: Private driver interface data -- * @channel: secure channel -- * Returns: 0 on success, -1 on failure (or if not supported) -- */ -- int (*get_available_receive_sc)(void *priv, u32 *channel); -- -- /** - * create_receive_sc - create secure channel for receiving - * @priv: Private driver interface data - * @sc: secure channel -@@ -3443,14 +3435,6 @@ struct wpa_driver_ops { - int (*disable_receive_sa)(void *priv, struct receive_sa *sa); - - /** -- * get_available_transmit_sc - get available transmit channel -- * @priv: Private driver interface data -- * @channel: secure channel -- * Returns: 0 on success, -1 on failure (or if not supported) -- */ -- int (*get_available_transmit_sc)(void *priv, u32 *channel); -- -- /** - * create_transmit_sc - create secure connection for transmit - * @priv: private driver interface data from init() - * @sc: secure channel -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 041bcf5..22d414c 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -56,6 +56,10 @@ - static const u8 pae_group_addr[ETH_ALEN] = - { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - -+struct channel_map { -+ struct ieee802_1x_mka_sci sci; -+}; -+ - struct macsec_qca_data { - char ifname[IFNAMSIZ + 1]; - u32 secy_id; -@@ -72,6 +76,9 @@ struct macsec_qca_data { - Boolean protect_frames; - Boolean replay_protect; - u32 replay_window; -+ -+ struct channel_map receive_channel_map[MAXSC]; -+ struct channel_map transmit_channel_map[MAXSC]; - }; - - -@@ -526,6 +533,68 @@ static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled) - } - - -+static int macsec_qca_lookup_channel(struct channel_map *map, -+ struct ieee802_1x_mka_sci *sci, -+ u32 *channel) -+{ -+ u32 i; -+ -+ for (i = 0; i < MAXSC; i++) { -+ if (os_memcmp(&map[i].sci, sci, -+ sizeof(struct ieee802_1x_mka_sci)) == 0) { -+ *channel = i; -+ return 0; -+ } -+ } -+ -+ return -1; -+} -+ -+ -+static void macsec_qca_register_channel(struct channel_map *map, -+ struct ieee802_1x_mka_sci *sci, -+ u32 channel) -+{ -+ os_memcpy(&map[channel].sci, sci, sizeof(struct ieee802_1x_mka_sci)); -+} -+ -+ -+static int macsec_qca_lookup_receive_channel(struct macsec_qca_data *drv, -+ struct receive_sc *sc, -+ u32 *channel) -+{ -+ return macsec_qca_lookup_channel(drv->receive_channel_map, &sc->sci, -+ channel); -+} -+ -+ -+static void macsec_qca_register_receive_channel(struct macsec_qca_data *drv, -+ struct receive_sc *sc, -+ u32 channel) -+{ -+ macsec_qca_register_channel(drv->receive_channel_map, &sc->sci, -+ channel); -+} -+ -+ -+static int macsec_qca_lookup_transmit_channel(struct macsec_qca_data *drv, -+ struct transmit_sc *sc, -+ u32 *channel) -+{ -+ return macsec_qca_lookup_channel(drv->transmit_channel_map, &sc->sci, -+ channel); -+} -+ -+ -+static void macsec_qca_register_transmit_channel(struct macsec_qca_data *drv, -+ struct transmit_sc *sc, -+ u32 channel) -+{ -+ macsec_qca_register_channel(drv->transmit_channel_map, &sc->sci, -+ channel); -+} -+ -+ - static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; -@@ -533,7 +602,11 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa) - u32 next_pn = 0; - bool enabled = FALSE; - u32 win; -- u32 channel = sa->sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an, - &next_pn); -@@ -557,7 +630,11 @@ static int macsec_qca_get_transmit_next_pn(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -- u32 channel = sa->sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an, - &sa->next_pn); -@@ -572,8 +649,11 @@ int macsec_qca_set_transmit_next_pn(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; - int ret = 0; -- u32 channel = sa->sc->channel; -+ u32 channel; - -+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, - sa->next_pn); -@@ -620,10 +700,14 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc, - fal_rx_prc_lut_t entry; - fal_rx_sc_validate_frame_e vf; - enum validate_frames validate_frames = validation; -- u32 channel = sc->channel; -+ u32 channel; - const u8 *sci_addr = sc->sci.addr; - u16 sci_port = be_to_host16(sc->sci.port); - -+ ret = macsec_qca_get_available_receive_sc(priv, &channel); -+ if (ret != 0) -+ return ret; -+ - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - - /* rx prc lut */ -@@ -657,6 +741,8 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc, - channel, - drv->replay_window); - -+ macsec_qca_register_receive_channel(drv, sc, channel); -+ - return ret; - } - -@@ -664,9 +750,13 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc, - static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -+ int ret; - fal_rx_prc_lut_t entry; -- u32 channel = sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_receive_channel(priv, sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -@@ -683,10 +773,14 @@ static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc) - static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -+ int ret; - fal_rx_sak_t rx_sak; - int i = 0; -- u32 channel = sa->sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x", - __func__, channel, sa->an, sa->lowest_pn); -@@ -706,9 +800,12 @@ static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa) - static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -- u32 channel = sa->sc->channel; -+ int ret; -+ u32 channel; - -+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, - sa->an); -@@ -723,8 +820,12 @@ static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa) - static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -- u32 channel = sa->sc->channel; -+ int ret; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, - sa->an); -@@ -739,14 +840,12 @@ static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa) - static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; - u32 sc_ch = 0; - bool in_use = FALSE; - - for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) { -- ret = nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch, -- &in_use); -- if (ret) -+ if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch, -+ &in_use)) - continue; - - if (!in_use) { -@@ -767,10 +866,14 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc, - unsigned int conf_offset) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -+ int ret; - fal_tx_class_lut_t entry; - u8 psci[ETH_ALEN + 2]; -- u32 channel = sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_get_available_transmit_sc(priv, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -@@ -793,6 +896,8 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc, - channel, - conf_offset); - -+ macsec_qca_register_transmit_channel(drv, sc, channel); -+ - return ret; - } - -@@ -800,9 +905,13 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc, - static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -+ int ret; - fal_tx_class_lut_t entry; -- u32 channel = sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_transmit_channel(priv, sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); - -@@ -819,11 +928,15 @@ static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc) - static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -+ int ret; - u8 tci = 0; - fal_tx_sak_t tx_sak; - int i; -- u32 channel = sa->sc->channel; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, - "%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d", -@@ -858,9 +971,12 @@ static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa) - static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -- u32 channel = sa->sc->channel; -+ int ret; -+ u32 channel; - -+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, - sa->an); -@@ -875,8 +991,12 @@ static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa) - static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa) - { - struct macsec_qca_data *drv = priv; -- int ret = 0; -- u32 channel = sa->sc->channel; -+ int ret; -+ u32 channel; -+ -+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel); -+ if (ret != 0) -+ return ret; - - wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, - sa->an); -@@ -907,13 +1027,11 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { - .get_receive_lowest_pn = macsec_qca_get_receive_lowest_pn, - .get_transmit_next_pn = macsec_qca_get_transmit_next_pn, - .set_transmit_next_pn = macsec_qca_set_transmit_next_pn, -- .get_available_receive_sc = macsec_qca_get_available_receive_sc, - .create_receive_sc = macsec_qca_create_receive_sc, - .delete_receive_sc = macsec_qca_delete_receive_sc, - .create_receive_sa = macsec_qca_create_receive_sa, - .enable_receive_sa = macsec_qca_enable_receive_sa, - .disable_receive_sa = macsec_qca_disable_receive_sa, -- .get_available_transmit_sc = macsec_qca_get_available_transmit_sc, - .create_transmit_sc = macsec_qca_create_transmit_sc, - .delete_transmit_sc = macsec_qca_delete_transmit_sc, - .create_transmit_sa = macsec_qca_create_transmit_sa, -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 52eeeff..38a8293 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -440,8 +440,8 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn, - - dl_list_add(&psc->sa_list, &psa->list); - wpa_printf(MSG_DEBUG, -- "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC(channel: %d)", -- an, lowest_pn, psc->channel); -+ "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC", -+ an, lowest_pn); - - return psa; - } -@@ -465,8 +465,7 @@ static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa) - * ieee802_1x_kay_init_receive_sc - - */ - static struct receive_sc * --ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci, -- int channel) -+ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci) - { - struct receive_sc *psc; - -@@ -480,13 +479,12 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci, - } - - os_memcpy(&psc->sci, psci, sizeof(psc->sci)); -- psc->channel = channel; - - os_get_time(&psc->created_time); - psc->receiving = FALSE; - - dl_list_init(&psc->sa_list); -- wpa_printf(MSG_DEBUG, "KaY: Create receive SC(channel: %d)", channel); -+ wpa_printf(MSG_DEBUG, "KaY: Create receive SC"); - wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)psci, sizeof(*psci)); - - return psc; -@@ -502,8 +500,7 @@ ieee802_1x_kay_deinit_receive_sc( - { - struct receive_sa *psa, *pre_sa; - -- wpa_printf(MSG_DEBUG, "KaY: Delete receive SC(channel: %d)", -- psc->channel); -+ wpa_printf(MSG_DEBUG, "KaY: Delete receive SC"); - dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa, - list) { - secy_disable_receive_sa(participant->kay, psa); -@@ -552,7 +549,6 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant, - { - struct ieee802_1x_kay_peer *peer; - struct receive_sc *rxsc; -- u32 sc_ch = 0; - - peer = ieee802_1x_kay_create_peer(mi, mn); - if (!peer) -@@ -561,9 +557,7 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant, - os_memcpy(&peer->sci, &participant->current_peer_sci, - sizeof(peer->sci)); - -- secy_get_available_receive_sc(participant->kay, &sc_ch); -- -- rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci, sc_ch); -+ rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci); - if (!rxsc) { - os_free(peer); - return NULL; -@@ -611,12 +605,10 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant, - { - struct ieee802_1x_kay_peer *peer; - struct receive_sc *rxsc; -- u32 sc_ch = 0; - - peer = ieee802_1x_kay_get_potential_peer(participant, mi); - -- rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci, -- sc_ch); -+ rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci); - if (!rxsc) - return NULL; - -@@ -631,8 +623,6 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant, - dl_list_del(&peer->list); - dl_list_add_tail(&participant->live_peers, &peer->list); - -- secy_get_available_receive_sc(participant->kay, &sc_ch); -- - dl_list_add(&participant->rxsc_list, &rxsc->list); - secy_create_receive_sc(participant->kay, rxsc); - -@@ -2438,8 +2428,8 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, - - dl_list_add(&psc->sa_list, &psa->list); - wpa_printf(MSG_DEBUG, -- "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC(channel: %d)", -- an, next_PN, psc->channel); -+ "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC", -+ an, next_PN); - - return psa; - } -@@ -2463,8 +2453,7 @@ static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa) - * init_transmit_sc - - */ - static struct transmit_sc * --ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, -- int channel) -+ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci) - { - struct transmit_sc *psc; - -@@ -2474,7 +2463,6 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, - return NULL; - } - os_memcpy(&psc->sci, sci, sizeof(psc->sci)); -- psc->channel = channel; - - os_get_time(&psc->created_time); - psc->transmitting = FALSE; -@@ -2482,7 +2470,7 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, - psc->enciphering_sa = FALSE; - - dl_list_init(&psc->sa_list); -- wpa_printf(MSG_DEBUG, "KaY: Create transmit SC(channel: %d)", channel); -+ wpa_printf(MSG_DEBUG, "KaY: Create transmit SC"); - wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)sci , sizeof(*sci)); - - return psc; -@@ -2498,8 +2486,7 @@ ieee802_1x_kay_deinit_transmit_sc( - { - struct transmit_sa *psa, *tmp; - -- wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC(channel: %d)", -- psc->channel); -+ wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC"); - dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, - list) { - secy_disable_transmit_sa(participant->kay, psa); -@@ -3089,7 +3076,6 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - - /* Initialize the SecY must be prio to CP, as CP will control SecY */ - secy_init_macsec(kay); -- secy_get_available_transmit_sc(kay, &kay->sc_ch); - - wpa_printf(MSG_DEBUG, "KaY: secy init macsec done"); - -@@ -3250,8 +3236,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, - dl_list_init(&participant->sak_list); - participant->new_key = NULL; - dl_list_init(&participant->rxsc_list); -- participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci, -- kay->sc_ch); -+ participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci); - secy_cp_control_protect_frames(kay, kay->macsec_protect); - secy_cp_control_replay(kay, kay->macsec_replay_protect, - kay->macsec_replay_window); -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index bf6fbe5..c6fa387 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -80,8 +80,6 @@ struct transmit_sc { - u8 enciphering_sa; /* AN encipheringSA (read only) */ - - /* not defined data */ -- unsigned int channel; -- - struct dl_list list; - struct dl_list sa_list; - }; -@@ -109,8 +107,6 @@ struct receive_sc { - - struct os_time created_time; /* Time createdTime */ - -- unsigned int channel; -- - struct dl_list list; - struct dl_list sa_list; - }; -@@ -146,7 +142,6 @@ struct ieee802_1x_kay_ctx { - int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa); - int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa); - int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa); -- int (*get_available_receive_sc)(void *ctx, u32 *channel); - int (*create_receive_sc)(void *ctx, struct receive_sc *sc, - enum validate_frames vf, - enum confidentiality_offset co); -@@ -154,7 +149,6 @@ struct ieee802_1x_kay_ctx { - int (*create_receive_sa)(void *ctx, struct receive_sa *sa); - int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); -- int (*get_available_transmit_sc)(void *ctx, u32 *channel); - int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc, - enum confidentiality_offset co); - int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc); -@@ -209,7 +203,6 @@ struct ieee802_1x_kay { - - u8 mka_version; - u8 algo_agility[4]; -- u32 sc_ch; - - u32 pn_exhaustion; - Boolean port_enable; -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index 32ee816..b57c670 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -196,26 +196,6 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, - } - - --int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel) --{ -- struct ieee802_1x_kay_ctx *ops; -- -- if (!kay) { -- wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -- return -1; -- } -- -- ops = kay->ctx; -- if (!ops || !ops->get_available_receive_sc) { -- wpa_printf(MSG_ERROR, -- "KaY: secy get_available_receive_sc operation not supported"); -- return -1; -- } -- -- return ops->get_available_receive_sc(ops->ctx, channel); --} -- -- - int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) - { - struct ieee802_1x_kay_ctx *ops; -@@ -320,26 +300,6 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - } - - --int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel) --{ -- struct ieee802_1x_kay_ctx *ops; -- -- if (!kay) { -- wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -- return -1; -- } -- -- ops = kay->ctx; -- if (!ops || !ops->get_available_transmit_sc) { -- wpa_printf(MSG_ERROR, -- "KaY: secy get_available_transmit_sc operation not supported"); -- return -1; -- } -- -- return ops->get_available_transmit_sc(ops->ctx, channel); --} -- -- - int secy_create_transmit_sc(struct ieee802_1x_kay *kay, - struct transmit_sc *txsc) - { -diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h -index bfd5737..59f0baa 100644 ---- a/src/pae/ieee802_1x_secy_ops.h -+++ b/src/pae/ieee802_1x_secy_ops.h -@@ -35,7 +35,6 @@ int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa); - int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa); --int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel); - int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); - int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); - int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); -@@ -43,7 +42,6 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); - int secy_disable_receive_sa(struct ieee802_1x_kay *kay, - struct receive_sa *rxsa); - --int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel); - int secy_create_transmit_sc(struct ieee802_1x_kay *kay, - struct transmit_sc *txsc); - int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index f8efddc..244e386 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -780,15 +780,6 @@ static inline int wpa_drv_set_transmit_next_pn(struct wpa_supplicant *wpa_s, - return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa); - } - --static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s, -- u32 *channel) --{ -- if (!wpa_s->driver->get_available_receive_sc) -- return -1; -- return wpa_s->driver->get_available_receive_sc(wpa_s->drv_priv, -- channel); --} -- - static inline int - wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc, - unsigned int conf_offset, int validation) -@@ -832,15 +823,6 @@ static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s, - } - - static inline int --wpa_drv_get_available_transmit_sc(struct wpa_supplicant *wpa_s, u32 *channel) --{ -- if (!wpa_s->driver->get_available_transmit_sc) -- return -1; -- return wpa_s->driver->get_available_transmit_sc(wpa_s->drv_priv, -- channel); --} -- --static inline int - wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc, - unsigned int conf_offset) - { -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 29b7b56..64364f7 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -86,12 +86,6 @@ static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) - } - - --static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel) --{ -- return wpa_drv_get_available_receive_sc(wpa_s, channel); --} -- -- - static unsigned int conf_offset_val(enum confidentiality_offset co) - { - switch (co) { -@@ -138,12 +132,6 @@ static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa) - } - - --static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel) --{ -- return wpa_drv_get_available_transmit_sc(wpa_s, channel); --} -- -- - static int - wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc, - enum confidentiality_offset co) -@@ -205,13 +193,11 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn; - kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn; - kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn; -- kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc; - kay_ctx->create_receive_sc = wpas_create_receive_sc; - kay_ctx->delete_receive_sc = wpas_delete_receive_sc; - kay_ctx->create_receive_sa = wpas_create_receive_sa; - kay_ctx->enable_receive_sa = wpas_enable_receive_sa; - kay_ctx->disable_receive_sa = wpas_disable_receive_sa; -- kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc; - kay_ctx->create_transmit_sc = wpas_create_transmit_sc; - kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; - kay_ctx->create_transmit_sa = wpas_create_transmit_sa; --- -2.7.4 - diff --git a/macsec-0009-mka-Sync-structs-definitions-with-IEEE-Std-802.1X-20.patch b/macsec-0009-mka-Sync-structs-definitions-with-IEEE-Std-802.1X-20.patch deleted file mode 100644 index 18a88b2c87e0bfbe76b5a54573a9482decd5936c..0000000000000000000000000000000000000000 --- a/macsec-0009-mka-Sync-structs-definitions-with-IEEE-Std-802.1X-20.patch +++ /dev/null @@ -1,180 +0,0 @@ -From 6b6175b788c5f44ff40f61003cbdb315dfabe0a2 Mon Sep 17 00:00:00 2001 -Message-Id: <6b6175b788c5f44ff40f61003cbdb315dfabe0a2.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 21 Oct 2016 14:45:27 +0200 -Subject: [PATCH] mka: Sync structs definitions with IEEE Std 802.1X-2010 - -Document some data structures from IEEE Std 802.1X-2010, and add the -(not used yet) struct ieee802_1x_mka_dist_cak_body. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.h | 8 +++- - src/pae/ieee802_1x_kay_i.h | 97 +++++++++++++++++++++++++++++++++++++++++++++- - 2 files changed, 103 insertions(+), 2 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index c6fa387..e2ba180 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -15,7 +15,7 @@ - - struct macsec_init_params; - --#define MI_LEN 12 -+#define MI_LEN 12 /* 96-bit Member Identifier */ - #define MAX_KEY_LEN 32 /* 32 bytes, 256 bits */ - #define MAX_CKN_LEN 32 /* 32 bytes, 256 bits */ - -@@ -24,6 +24,12 @@ struct macsec_init_params; - #define MKA_LIFE_TIME 6000 - #define MKA_SAK_RETIRE_TIME 3000 - -+/** -+ * struct ieee802_1x_mka_ki - Key Identifier (KI) -+ * @mi: Key Server's Member Identifier -+ * @kn: Key Number, assigned by the Key Server -+ * IEEE 802.1X-2010 9.8 SAK generation, distribution, and selection -+ */ - struct ieee802_1x_mka_ki { - u8 mi[MI_LEN]; - u32 kn; -diff --git a/src/pae/ieee802_1x_kay_i.h b/src/pae/ieee802_1x_kay_i.h -index e3d7db4..0c4bb8e 100644 ---- a/src/pae/ieee802_1x_kay_i.h -+++ b/src/pae/ieee802_1x_kay_i.h -@@ -168,6 +168,22 @@ struct ieee802_1x_mka_hdr { - - #define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr) - -+/** -+ * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8) -+ * @version: MKA Version Identifier -+ * @priority: Key Server Priority -+ * @length: Parameter set body length -+ * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h -+ * @macsec_desired: the participant wants MACsec to be used to protect frames -+ * (9.6.1) -+ * @key_server: the participant has not decided that another participant is or -+ * will be the key server (9.5.1) -+ * @length1: Parameter set body length (cont) -+ * @actor_mi: Actor's Member Identifier -+ * @actor_mn: Actor's Message Number -+ * @algo_agility: Algorithm Agility parameter -+ * @ckn: CAK Name -+ */ - struct ieee802_1x_mka_basic_body { - /* octet 1 */ - u8 version; -@@ -197,6 +213,14 @@ struct ieee802_1x_mka_basic_body { - u8 ckn[0]; - }; - -+/** -+ * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List -+ * parameter sets (Figure 11-9) -+ * @type: Parameter set type (1 or 2) -+ * @length: Parameter set body length -+ * @length1: Parameter set body length (cont) -+ * @peer: array of (MI, MN) pairs -+ */ - struct ieee802_1x_mka_peer_body { - /* octet 1 */ - u8 type; -@@ -217,6 +241,28 @@ struct ieee802_1x_mka_peer_body { - /* followed by Peers */ - }; - -+/** -+ * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure -+ * 11-10) -+ * @type: MKA message type -+ * @lan: latest key AN -+ * @ltx: latest key TX -+ * @lrx: latest key RX -+ * @oan: old key AN -+ * @otx: old key TX -+ * @orx: old key RX -+ * @ptx: plain TX, ie protectFrames is False -+ * @prx: plain RX, ie validateFrames is not Strict -+ * @delay_protect: True if LPNs are being reported sufficiently frequently to -+ * allow the recipient to provide data delay protection. If False, the LPN -+ * can be reported as zero. -+ * @lsrv_mi: latest key server MI -+ * @lkn: latest key number (together with MI, form the KI) -+ * @llpn: latest lowest acceptable PN (LPN) -+ * @osrv_mi: old key server MI -+ * @okn: old key number (together with MI, form the KI) -+ * @olpn: old lowest acceptable PN (LPN) -+ */ - struct ieee802_1x_mka_sak_use_body { - /* octet 1 */ - u8 type; -@@ -270,7 +316,21 @@ struct ieee802_1x_mka_sak_use_body { - be32 olpn; - }; - -- -+/** -+ * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set -+ * (GCM-AES-128, Figure 11-11) -+ * @type: Parameter set type (4) -+ * @length: Parameter set body length -+ * @length1: Parameter set body length (cont) -+ * Total parameter body length values: -+ * - 0 for plain text -+ * - 28 for GCM-AES-128 -+ * - 36 or more for other cipher suites -+ * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h -+ * @dan: distributed AN (0 for plain text) -+ * @kn: Key Number -+ * @sak: AES Key Wrap of SAK (see 9.8) -+ */ - struct ieee802_1x_mka_dist_sak_body { - /* octet 1 */ - u8 type; -@@ -303,6 +363,41 @@ struct ieee802_1x_mka_dist_sak_body { - u8 sak[0]; - }; - -+/** -+ * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure -+ * 11-13) -+ * @type: Parameter set type (5) -+ * @length: Parameter set body length -+ * @length1: Parameter set body length (cont) -+ * Total parameter body length values: -+ * - 0 for plain text -+ * - 28 for GCM-AES-128 -+ * - 36 or more for other cipher suites -+ * @cak: AES Key Wrap of CAK (see 9.8) -+ * @ckn: CAK Name -+ */ -+struct ieee802_1x_mka_dist_cak_body { -+ /* octet 1 */ -+ u8 type; -+ /* octet 2 */ -+ u8 reserve; -+ /* octet 3 */ -+#if __BYTE_ORDER == __LITTLE_ENDIAN -+ u8 length:4; -+ u8 reserve1:4; -+#elif __BYTE_ORDER == __BIG_ENDIAN -+ u8 reserve1:4; -+ u8 length:4; -+#endif -+ /* octet 4 */ -+ u8 length1; -+ -+ /* octet 5 - 28 */ -+ u8 cak[24]; -+ -+ /* followed by CAK Name, 29- */ -+ u8 ckn[0]; -+}; - - struct ieee802_1x_mka_icv_body { - /* octet 1 */ --- -2.7.4 - diff --git a/macsec-0010-mka-Add-support-for-removing-SAs.patch b/macsec-0010-mka-Add-support-for-removing-SAs.patch deleted file mode 100644 index c0fa74b80a5c64e8bd6627023437b67ea6e6367d..0000000000000000000000000000000000000000 --- a/macsec-0010-mka-Add-support-for-removing-SAs.patch +++ /dev/null @@ -1,388 +0,0 @@ -From 23c3528a8461681b23c94ed441cd94c8d528bebe Mon Sep 17 00:00:00 2001 -Message-Id: <23c3528a8461681b23c94ed441cd94c8d528bebe.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 21 Oct 2016 14:45:28 +0200 -Subject: [PATCH] mka: Add support for removing SAs - -So that the core can notify drivers that need to perform some operations -when an SA is deleted. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 16 +++++++++ - src/pae/ieee802_1x_kay.c | 81 +++++++++++++++++++++++++++++++++---------- - src/pae/ieee802_1x_kay.h | 2 ++ - src/pae/ieee802_1x_secy_ops.c | 41 ++++++++++++++++++++++ - src/pae/ieee802_1x_secy_ops.h | 3 ++ - wpa_supplicant/driver_i.h | 16 +++++++++ - wpa_supplicant/wpas_kay.c | 14 ++++++++ - 7 files changed, 154 insertions(+), 19 deletions(-) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 54ae6b7..9a6db90 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3419,6 +3419,14 @@ struct wpa_driver_ops { - int (*create_receive_sa)(void *priv, struct receive_sa *sa); - - /** -+ * delete_receive_sa - Delete secure association for receive -+ * @priv: Private driver interface data from init() -+ * @sa: Secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+ int (*delete_receive_sa)(void *priv, struct receive_sa *sa); -+ -+ /** - * enable_receive_sa - enable the SA for receive - * @priv: private driver interface data from init() - * @sa: secure association -@@ -3461,6 +3469,14 @@ struct wpa_driver_ops { - int (*create_transmit_sa)(void *priv, struct transmit_sa *sa); - - /** -+ * delete_transmit_sa - Delete secure association for transmit -+ * @priv: Private driver interface data from init() -+ * @sa: Secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+ int (*delete_transmit_sa)(void *priv, struct transmit_sa *sa); -+ -+ /** - * enable_transmit_sa - enable SA for transmit - * @priv: private driver interface data from init() - * @sa: secure association -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 38a8293..e312d04 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -491,6 +491,15 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci) - } - - -+static void ieee802_1x_delete_receive_sa(struct ieee802_1x_kay *kay, -+ struct receive_sa *sa) -+{ -+ secy_disable_receive_sa(kay, sa); -+ secy_delete_receive_sa(kay, sa); -+ ieee802_1x_kay_deinit_receive_sa(sa); -+} -+ -+ - /** - * ieee802_1x_kay_deinit_receive_sc - - **/ -@@ -502,10 +511,9 @@ ieee802_1x_kay_deinit_receive_sc( - - wpa_printf(MSG_DEBUG, "KaY: Delete receive SC"); - dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa, -- list) { -- secy_disable_receive_sa(participant->kay, psa); -- ieee802_1x_kay_deinit_receive_sa(psa); -- } -+ list) -+ ieee802_1x_delete_receive_sa(participant->kay, psa); -+ - dl_list_del(&psc->list); - os_free(psc); - } -@@ -2270,6 +2278,16 @@ ieee802_1x_participant_send_mkpdu( - - - static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa); -+ -+static void ieee802_1x_delete_transmit_sa(struct ieee802_1x_kay *kay, -+ struct transmit_sa *sa) -+{ -+ secy_disable_transmit_sa(kay, sa); -+ secy_delete_transmit_sa(kay, sa); -+ ieee802_1x_kay_deinit_transmit_sa(sa); -+} -+ -+ - /** - * ieee802_1x_participant_timer - - */ -@@ -2344,8 +2362,7 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) - dl_list_for_each_safe(txsa, pre_txsa, - &participant->txsc->sa_list, - struct transmit_sa, list) { -- secy_disable_transmit_sa(kay, txsa); -- ieee802_1x_kay_deinit_transmit_sa(txsa); -+ ieee802_1x_delete_transmit_sa(kay, txsa); - } - - ieee802_1x_cp_connect_authenticated(kay->cp); -@@ -2487,11 +2504,8 @@ ieee802_1x_kay_deinit_transmit_sc( - struct transmit_sa *psa, *tmp; - - wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC"); -- dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, -- list) { -- secy_disable_transmit_sa(participant->kay, psa); -- ieee802_1x_kay_deinit_transmit_sa(psa); -- } -+ dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, list) -+ ieee802_1x_delete_transmit_sa(participant->kay, psa); - - os_free(psc); - } -@@ -2569,6 +2583,32 @@ int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay, - } - - -+static struct transmit_sa * lookup_txsa_by_an(struct transmit_sc *txsc, u8 an) -+{ -+ struct transmit_sa *txsa; -+ -+ dl_list_for_each(txsa, &txsc->sa_list, struct transmit_sa, list) { -+ if (txsa->an == an) -+ return txsa; -+ } -+ -+ return NULL; -+} -+ -+ -+static struct receive_sa * lookup_rxsa_by_an(struct receive_sc *rxsc, u8 an) -+{ -+ struct receive_sa *rxsa; -+ -+ dl_list_for_each(rxsa, &rxsc->sa_list, struct receive_sa, list) { -+ if (rxsa->an == an) -+ return rxsa; -+ } -+ -+ return NULL; -+} -+ -+ - /** - * ieee802_1x_kay_create_sas - - */ -@@ -2603,6 +2643,9 @@ int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay, - } - - dl_list_for_each(rxsc, &principal->rxsc_list, struct receive_sc, list) { -+ while ((rxsa = lookup_rxsa_by_an(rxsc, latest_sak->an)) != NULL) -+ ieee802_1x_delete_receive_sa(kay, rxsa); -+ - rxsa = ieee802_1x_kay_init_receive_sa(rxsc, latest_sak->an, 1, - latest_sak); - if (!rxsa) -@@ -2611,6 +2654,10 @@ int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay, - secy_create_receive_sa(kay, rxsa); - } - -+ while ((txsa = lookup_txsa_by_an(principal->txsc, latest_sak->an)) != -+ NULL) -+ ieee802_1x_delete_transmit_sa(kay, txsa); -+ - txsa = ieee802_1x_kay_init_transmit_sa(principal->txsc, latest_sak->an, - 1, latest_sak); - if (!txsa) -@@ -2644,20 +2691,16 @@ int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay, - /* remove the transmit sa */ - dl_list_for_each_safe(txsa, pre_txsa, &principal->txsc->sa_list, - struct transmit_sa, list) { -- if (is_ki_equal(&txsa->pkey->key_identifier, ki)) { -- secy_disable_transmit_sa(kay, txsa); -- ieee802_1x_kay_deinit_transmit_sa(txsa); -- } -+ if (is_ki_equal(&txsa->pkey->key_identifier, ki)) -+ ieee802_1x_delete_transmit_sa(kay, txsa); - } - - /* remove the receive sa */ - dl_list_for_each(rxsc, &principal->rxsc_list, struct receive_sc, list) { - dl_list_for_each_safe(rxsa, pre_rxsa, &rxsc->sa_list, - struct receive_sa, list) { -- if (is_ki_equal(&rxsa->pkey->key_identifier, ki)) { -- secy_disable_receive_sa(kay, rxsa); -- ieee802_1x_kay_deinit_receive_sa(rxsa); -- } -+ if (is_ki_equal(&rxsa->pkey->key_identifier, ki)) -+ ieee802_1x_delete_receive_sa(kay, rxsa); - } - } - -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index e2ba180..5233cb2 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -153,12 +153,14 @@ struct ieee802_1x_kay_ctx { - enum confidentiality_offset co); - int (*delete_receive_sc)(void *ctx, struct receive_sc *sc); - int (*create_receive_sa)(void *ctx, struct receive_sa *sa); -+ int (*delete_receive_sa)(void *ctx, struct receive_sa *sa); - int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); - int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc, - enum confidentiality_offset co); - int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc); - int (*create_transmit_sa)(void *ctx, struct transmit_sa *sa); -+ int (*delete_transmit_sa)(void *ctx, struct transmit_sa *sa); - int (*enable_transmit_sa)(void *ctx, struct transmit_sa *sa); - int (*disable_transmit_sa)(void *ctx, struct transmit_sa *sa); - }; -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index b57c670..b1a9d22 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -256,6 +256,26 @@ int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - } - - -+int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) -+{ -+ struct ieee802_1x_kay_ctx *ops; -+ -+ if (!kay || !rxsa) { -+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -+ return -1; -+ } -+ -+ ops = kay->ctx; -+ if (!ops || !ops->delete_receive_sa) { -+ wpa_printf(MSG_ERROR, -+ "KaY: secy delete_receive_sa operation not supported"); -+ return -1; -+ } -+ -+ return ops->delete_receive_sa(ops->ctx, rxsa); -+} -+ -+ - int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa) - { - struct ieee802_1x_kay_ctx *ops; -@@ -363,6 +383,27 @@ int secy_create_transmit_sa(struct ieee802_1x_kay *kay, - } - - -+int secy_delete_transmit_sa(struct ieee802_1x_kay *kay, -+ struct transmit_sa *txsa) -+{ -+ struct ieee802_1x_kay_ctx *ops; -+ -+ if (!kay || !txsa) { -+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -+ return -1; -+ } -+ -+ ops = kay->ctx; -+ if (!ops || !ops->delete_transmit_sa) { -+ wpa_printf(MSG_ERROR, -+ "KaY: secy delete_transmit_sa operation not supported"); -+ return -1; -+ } -+ -+ return ops->delete_transmit_sa(ops->ctx, txsa); -+} -+ -+ - int secy_enable_transmit_sa(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa) - { -diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h -index 59f0baa..477120b 100644 ---- a/src/pae/ieee802_1x_secy_ops.h -+++ b/src/pae/ieee802_1x_secy_ops.h -@@ -38,6 +38,7 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, - int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); - int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); - int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); -+int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); - int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); - int secy_disable_receive_sa(struct ieee802_1x_kay *kay, - struct receive_sa *rxsa); -@@ -48,6 +49,8 @@ int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, - struct transmit_sc *txsc); - int secy_create_transmit_sa(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa); -+int secy_delete_transmit_sa(struct ieee802_1x_kay *kay, -+ struct transmit_sa *txsa); - int secy_enable_transmit_sa(struct ieee802_1x_kay *kay, - struct transmit_sa *txsa); - int secy_disable_transmit_sa(struct ieee802_1x_kay *kay, -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index 244e386..c9bb20d 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -806,6 +806,14 @@ static inline int wpa_drv_create_receive_sa(struct wpa_supplicant *wpa_s, - return wpa_s->driver->create_receive_sa(wpa_s->drv_priv, sa); - } - -+static inline int wpa_drv_delete_receive_sa(struct wpa_supplicant *wpa_s, -+ struct receive_sa *sa) -+{ -+ if (!wpa_s->driver->delete_receive_sa) -+ return -1; -+ return wpa_s->driver->delete_receive_sa(wpa_s->drv_priv, sa); -+} -+ - static inline int wpa_drv_enable_receive_sa(struct wpa_supplicant *wpa_s, - struct receive_sa *sa) - { -@@ -848,6 +856,14 @@ static inline int wpa_drv_create_transmit_sa(struct wpa_supplicant *wpa_s, - return wpa_s->driver->create_transmit_sa(wpa_s->drv_priv, sa); - } - -+static inline int wpa_drv_delete_transmit_sa(struct wpa_supplicant *wpa_s, -+ struct transmit_sa *sa) -+{ -+ if (!wpa_s->driver->delete_transmit_sa) -+ return -1; -+ return wpa_s->driver->delete_transmit_sa(wpa_s->drv_priv, sa); -+} -+ - static inline int wpa_drv_enable_transmit_sa(struct wpa_supplicant *wpa_s, - struct transmit_sa *sa) - { -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 64364f7..e032330 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -120,6 +120,12 @@ static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa) - } - - -+static int wpas_delete_receive_sa(void *wpa_s, struct receive_sa *sa) -+{ -+ return wpa_drv_delete_receive_sa(wpa_s, sa); -+} -+ -+ - static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa) - { - return wpa_drv_enable_receive_sa(wpa_s, sa); -@@ -152,6 +158,12 @@ static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa) - } - - -+static int wpas_delete_transmit_sa(void *wpa_s, struct transmit_sa *sa) -+{ -+ return wpa_drv_delete_transmit_sa(wpa_s, sa); -+} -+ -+ - static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa) - { - return wpa_drv_enable_transmit_sa(wpa_s, sa); -@@ -196,11 +208,13 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - kay_ctx->create_receive_sc = wpas_create_receive_sc; - kay_ctx->delete_receive_sc = wpas_delete_receive_sc; - kay_ctx->create_receive_sa = wpas_create_receive_sa; -+ kay_ctx->delete_receive_sa = wpas_delete_receive_sa; - kay_ctx->enable_receive_sa = wpas_enable_receive_sa; - kay_ctx->disable_receive_sa = wpas_disable_receive_sa; - kay_ctx->create_transmit_sc = wpas_create_transmit_sc; - kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; - kay_ctx->create_transmit_sa = wpas_create_transmit_sa; -+ kay_ctx->delete_transmit_sa = wpas_delete_transmit_sa; - kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa; - kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; - --- -2.7.4 - diff --git a/macsec-0011-mka-Implement-reference-counting-on-data_key.patch b/macsec-0011-mka-Implement-reference-counting-on-data_key.patch deleted file mode 100644 index 770b7c0013057e9fafffad52302fc488ec27a218..0000000000000000000000000000000000000000 --- a/macsec-0011-mka-Implement-reference-counting-on-data_key.patch +++ /dev/null @@ -1,149 +0,0 @@ -From 99b82bf53792d48b5d0c3f9edcccc6e53c9510fe Mon Sep 17 00:00:00 2001 -Message-Id: <99b82bf53792d48b5d0c3f9edcccc6e53c9510fe.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Fri, 21 Oct 2016 14:45:29 +0200 -Subject: [PATCH] mka: Implement reference counting on data_key - -struct data_key already had a 'user' field for reference counting, but -it was basically unused. - -Add an ieee802_1x_kay_use_data_key() function to take a reference on a -key, and use ieee802_1x_kay_deinit_data_key() to release the reference. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.c | 28 ++++++++++++++++++++++++---- - src/pae/ieee802_1x_kay.h | 2 +- - 2 files changed, 25 insertions(+), 5 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index e312d04..63bbd13 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -411,6 +411,8 @@ ieee802_1x_kay_get_peer_sci(struct ieee802_1x_mka_participant *participant, - } - - -+static void ieee802_1x_kay_use_data_key(struct data_key *pkey); -+ - /** - * ieee802_1x_kay_init_receive_sa - - */ -@@ -429,6 +431,7 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn, - return NULL; - } - -+ ieee802_1x_kay_use_data_key(key); - psa->pkey = key; - psa->lowest_pn = lowest_pn; - psa->next_pn = lowest_pn; -@@ -447,11 +450,14 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn, - } - - -+static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey); -+ - /** - * ieee802_1x_kay_deinit_receive_sa - - */ - static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa) - { -+ ieee802_1x_kay_deinit_data_key(psa->pkey); - psa->pkey = NULL; - wpa_printf(MSG_DEBUG, - "KaY: Delete receive SA(an: %hhu) of SC", -@@ -1612,6 +1618,7 @@ ieee802_1x_mka_decode_dist_sak_body( - sa_key->an = body->dan; - ieee802_1x_kay_init_data_key(sa_key); - -+ ieee802_1x_kay_use_data_key(sa_key); - dl_list_add(&participant->sak_list, &sa_key->list); - - ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id); -@@ -1873,7 +1880,17 @@ static struct mka_param_body_handler mka_body_handler[] = { - - - /** -- * ieee802_1x_kay_deinit_data_key - -+ * ieee802_1x_kay_use_data_key - Take reference on a key -+ */ -+static void ieee802_1x_kay_use_data_key(struct data_key *pkey) -+{ -+ pkey->user++; -+} -+ -+ -+/** -+ * ieee802_1x_kay_deinit_data_key - Release reference on a key and -+ * free if there are no remaining users - */ - static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey) - { -@@ -1884,7 +1901,6 @@ static void ieee802_1x_kay_deinit_data_key(struct data_key *pkey) - if (pkey->user > 1) - return; - -- dl_list_del(&pkey->list); - os_free(pkey->key); - os_free(pkey); - } -@@ -1994,7 +2010,9 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant) - - participant->new_key = sa_key; - -+ ieee802_1x_kay_use_data_key(sa_key); - dl_list_add(&participant->sak_list, &sa_key->list); -+ - ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id); - ieee802_1x_cp_sm_step(kay->cp); - ieee802_1x_cp_set_offset(kay->cp, kay->macsec_confidentiality); -@@ -2436,6 +2454,7 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, - psa->confidentiality = FALSE; - - psa->an = an; -+ ieee802_1x_kay_use_data_key(key); - psa->pkey = key; - psa->next_pn = next_PN; - psa->sc = psc; -@@ -2457,6 +2476,7 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN, - */ - static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa) - { -+ ieee802_1x_kay_deinit_data_key(psa->pkey); - psa->pkey = NULL; - wpa_printf(MSG_DEBUG, - "KaY: Delete transmit SA(an: %hhu) of SC", -@@ -2708,6 +2728,7 @@ int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay, - dl_list_for_each_safe(sa_key, pre_key, &principal->sak_list, - struct data_key, list) { - if (is_ki_equal(&sa_key->key_identifier, ki)) { -+ dl_list_del(&sa_key->list); - ieee802_1x_kay_deinit_data_key(sa_key); - break; - } -@@ -3375,8 +3396,7 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) - sak = dl_list_entry(participant->sak_list.next, - struct data_key, list); - dl_list_del(&sak->list); -- os_free(sak->key); -- os_free(sak); -+ ieee802_1x_kay_deinit_data_key(sak); - } - while (!dl_list_empty(&participant->rxsc_list)) { - rxsc = dl_list_entry(participant->rxsc_list.next, -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 5233cb2..576a8a0 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -70,7 +70,7 @@ struct data_key { - Boolean rx_latest; - Boolean tx_latest; - -- int user; /* FIXME: to indicate if it can be delete safely */ -+ int user; - - struct dl_list list; - }; --- -2.7.4 - diff --git a/macsec-0012-mka-Fix-getting-capabilities-from-the-driver.patch b/macsec-0012-mka-Fix-getting-capabilities-from-the-driver.patch deleted file mode 100644 index 3ea1d7fc39d72bf55fcaf8ccc9b0faccb07c83b6..0000000000000000000000000000000000000000 --- a/macsec-0012-mka-Fix-getting-capabilities-from-the-driver.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 088d53dd15b14a1868b70fd0b8d695ac6b68f642 Mon Sep 17 00:00:00 2001 -Message-Id: <088d53dd15b14a1868b70fd0b8d695ac6b68f642.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Tue, 15 Nov 2016 18:06:23 +0100 -Subject: [PATCH] mka: Fix getting capabilities from the driver - -In commit a25e4efc9e428d968e83398bd8c9c94698ba5851 ('mka: Add driver op -to get macsec capabilities') I added some code to check the driver's -capabilities. This commit has two problems: - - wrong enum type set in kay->macsec_confidentiality - - ignores that drivers could report MACSEC_CAP_NOT_IMPLEMENTED, in - which case the MKA would claim that MACsec is supported. - -Fix this by interpreting MACSEC_CAP_NOT_IMPLEMENTED in the same way as a -DO_NOT_SECURE policy, and set the correct value in -kay->macsec_confidentiality. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.c | 16 +++++++++------- - 1 file changed, 9 insertions(+), 7 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 63bbd13..2841b10 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3111,7 +3111,14 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - - dl_list_init(&kay->participant_list); - -- if (policy == DO_NOT_SECURE) { -+ if (policy != DO_NOT_SECURE && -+ secy_get_capability(kay, &kay->macsec_capable) < 0) { -+ os_free(kay); -+ return NULL; -+ } -+ -+ if (policy == DO_NOT_SECURE || -+ kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) { - kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED; - kay->macsec_desired = FALSE; - kay->macsec_protect = FALSE; -@@ -3120,11 +3127,6 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - kay->macsec_replay_window = 0; - kay->macsec_confidentiality = CONFIDENTIALITY_NONE; - } else { -- if (secy_get_capability(kay, &kay->macsec_capable) < 0) { -- os_free(kay); -- return NULL; -- } -- - kay->macsec_desired = TRUE; - kay->macsec_protect = TRUE; - kay->macsec_validate = Strict; -@@ -3133,7 +3135,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF) - kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; - else -- kay->macsec_confidentiality = MACSEC_CAP_INTEGRITY; -+ kay->macsec_confidentiality = CONFIDENTIALITY_NONE; - } - - wpa_printf(MSG_DEBUG, "KaY: state machine created"); --- -2.7.4 - diff --git a/macsec-0013-wpa_supplicant-Allow-pre-shared-CAK-CKN-pair-for-MKA.patch b/macsec-0013-wpa_supplicant-Allow-pre-shared-CAK-CKN-pair-for-MKA.patch deleted file mode 100644 index 54ecbcd09ca8155187fbfbe712096b4c98d3cf12..0000000000000000000000000000000000000000 --- a/macsec-0013-wpa_supplicant-Allow-pre-shared-CAK-CKN-pair-for-MKA.patch +++ /dev/null @@ -1,317 +0,0 @@ -From ad51731abf06efb284d020578eb34e7b1daeb23e Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Wed, 2 Nov 2016 16:38:35 +0100 -Subject: [PATCH] wpa_supplicant: Allow pre-shared (CAK,CKN) pair for MKA - -This enables configuring key_mgmt=NONE + mka_ckn + mka_cak. -This allows wpa_supplicant to work in a peer-to-peer mode, where peers -are authenticated by the pre-shared (CAK,CKN) pair. In this mode, peers -can act as key server to distribute keys for the MACsec instances. - -This is what some MACsec switches support, and even without HW -support, it's a convenient way to setup a network. - -Signed-off-by: Sabrina Dubroca ---- - wpa_supplicant/config.c | 65 ++++++++++++++++++++++++++++++++++++++ - wpa_supplicant/config_file.c | 36 +++++++++++++++++++++ - wpa_supplicant/config_ssid.h | 20 ++++++++++++ - wpa_supplicant/wpa_supplicant.c | 7 +++- - wpa_supplicant/wpa_supplicant.conf | 8 +++++ - wpa_supplicant/wpas_kay.c | 48 ++++++++++++++++++++++++++++ - wpa_supplicant/wpas_kay.h | 10 ++++++ - 7 files changed, 193 insertions(+), 1 deletion(-) - -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index a0b64b2..9011389 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -1828,6 +1828,69 @@ static char * wpa_config_write_mesh_basic_rates(const struct parse_data *data, - #endif /* CONFIG_MESH */ - - -+#ifdef CONFIG_MACSEC -+ -+static int wpa_config_parse_mka_cak(const struct parse_data *data, -+ struct wpa_ssid *ssid, int line, -+ const char *value) -+{ -+ if (hexstr2bin(value, ssid->mka_cak, MACSEC_CAK_LEN) || -+ value[MACSEC_CAK_LEN * 2] != '\0') { -+ wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CAK '%s'.", -+ line, value); -+ return -1; -+ } -+ -+ ssid->mka_psk_set |= MKA_PSK_SET_CAK; -+ -+ wpa_hexdump_key(MSG_MSGDUMP, "MKA-CAK", ssid->mka_cak, MACSEC_CAK_LEN); -+ return 0; -+} -+ -+ -+static int wpa_config_parse_mka_ckn(const struct parse_data *data, -+ struct wpa_ssid *ssid, int line, -+ const char *value) -+{ -+ if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) || -+ value[MACSEC_CKN_LEN * 2] != '\0') { -+ wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.", -+ line, value); -+ return -1; -+ } -+ -+ ssid->mka_psk_set |= MKA_PSK_SET_CKN; -+ -+ wpa_hexdump_key(MSG_MSGDUMP, "MKA-CKN", ssid->mka_ckn, MACSEC_CKN_LEN); -+ return 0; -+} -+ -+ -+#ifndef NO_CONFIG_WRITE -+ -+static char * wpa_config_write_mka_cak(const struct parse_data *data, -+ struct wpa_ssid *ssid) -+{ -+ if (!(ssid->mka_psk_set & MKA_PSK_SET_CAK)) -+ return NULL; -+ -+ return wpa_config_write_string_hex(ssid->mka_cak, MACSEC_CAK_LEN); -+} -+ -+ -+static char * wpa_config_write_mka_ckn(const struct parse_data *data, -+ struct wpa_ssid *ssid) -+{ -+ if (!(ssid->mka_psk_set & MKA_PSK_SET_CKN)) -+ return NULL; -+ return wpa_config_write_string_hex(ssid->mka_ckn, MACSEC_CKN_LEN); -+} -+ -+#endif /* NO_CONFIG_WRITE */ -+ -+#endif /* CONFIG_MACSEC */ -+ -+ - /* Helper macros for network block parser */ - - #ifdef OFFSET -@@ -2062,6 +2125,8 @@ static const struct parse_data ssid_fields[] = { - { INT(beacon_int) }, - #ifdef CONFIG_MACSEC - { INT_RANGE(macsec_policy, 0, 1) }, -+ { FUNC_KEY(mka_cak) }, -+ { FUNC_KEY(mka_ckn) }, - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - { INT(update_identifier) }, -diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c -index 7ae1654..172508e 100644 ---- a/wpa_supplicant/config_file.c -+++ b/wpa_supplicant/config_file.c -@@ -662,6 +662,40 @@ static void write_psk_list(FILE *f, struct wpa_ssid *ssid) - #endif /* CONFIG_P2P */ - - -+#ifdef CONFIG_MACSEC -+ -+static void write_mka_cak(FILE *f, struct wpa_ssid *ssid) -+{ -+ char *value; -+ -+ if (!(ssid->mka_psk_set & MKA_PSK_SET_CAK)) -+ return; -+ -+ value = wpa_config_get(ssid, "mka_cak"); -+ if (!value) -+ return; -+ fprintf(f, "\tmka_cak=%s\n", value); -+ os_free(value); -+} -+ -+ -+static void write_mka_ckn(FILE *f, struct wpa_ssid *ssid) -+{ -+ char *value; -+ -+ if (!(ssid->mka_psk_set & MKA_PSK_SET_CKN)) -+ return; -+ -+ value = wpa_config_get(ssid, "mka_ckn"); -+ if (!value) -+ return; -+ fprintf(f, "\tmka_ckn=%s\n", value); -+ os_free(value); -+} -+ -+#endif /* CONFIG_MACSEC */ -+ -+ - static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) - { - int i; -@@ -772,6 +806,8 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) - INT(beacon_int); - #ifdef CONFIG_MACSEC - INT(macsec_policy); -+ write_mka_cak(f, ssid); -+ write_mka_ckn(f, ssid); - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - INT(update_identifier); -diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h -index 010b594..a530cda 100644 ---- a/wpa_supplicant/config_ssid.h -+++ b/wpa_supplicant/config_ssid.h -@@ -728,6 +728,26 @@ struct wpa_ssid { - * determine whether to use a secure session or not. - */ - int macsec_policy; -+ -+ /** -+ * mka_ckn - MKA pre-shared CKN -+ */ -+#define MACSEC_CKN_LEN 32 -+ u8 mka_ckn[MACSEC_CKN_LEN]; -+ -+ /** -+ * mka_cak - MKA pre-shared CAK -+ */ -+#define MACSEC_CAK_LEN 16 -+ u8 mka_cak[MACSEC_CAK_LEN]; -+ -+#define MKA_PSK_SET_CKN BIT(0) -+#define MKA_PSK_SET_CAK BIT(1) -+#define MKA_PSK_SET (MKA_PSK_SET_CKN | MKA_PSK_SET_CAK) -+ /** -+ * mka_psk_set - Whether mka_ckn and mka_cak are set -+ */ -+ u8 mka_psk_set; - #endif /* CONFIG_MACSEC */ - - #ifdef CONFIG_HS20 -diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c -index 5d6326a..0bfc39d 100644 ---- a/wpa_supplicant/wpa_supplicant.c -+++ b/wpa_supplicant/wpa_supplicant.c -@@ -329,7 +329,12 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) - - eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); - -- ieee802_1x_alloc_kay_sm(wpa_s, ssid); -+#ifdef CONFIG_MACSEC -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) -+ ieee802_1x_create_preshared_mka(wpa_s, ssid); -+ else -+ ieee802_1x_alloc_kay_sm(wpa_s, ssid); -+#endif /* CONFIG_MACSEC */ - #endif /* IEEE8021X_EAPOL */ - } - -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index 047ca90..8fa740b 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -892,6 +892,14 @@ fast_reauth=1 - # 1: MACsec enabled - Should secure, accept key server's advice to - # determine whether to use a secure session or not. - # -+# mka_cak and mka_ckn: IEEE 802.1X/MACsec pre-shared authentication mode -+# This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. -+# In this mode, instances of wpa_supplicant can act as peers, one of -+# which will become the key server and start distributing SAKs. -+# mka_cak (CAK = Secure Connectivity Association Key) takes a 16-bytes (128 bit) -+# hex-string (32 hex-digits) -+# mka_ckn (CKN = CAK Name) takes a 32-bytes (256 bit) hex-string (64 hex-digits) -+# - # mixed_cell: This option can be used to configure whether so called mixed - # cells, i.e., networks that use both plaintext and encryption in the same - # SSID, are allowed when selecting a BSS from scan results. -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index e032330..80b98d9 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -371,3 +371,51 @@ fail: - - return res; - } -+ -+ -+void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ struct mka_key *cak; -+ struct mka_key_name *ckn; -+ void *res; -+ -+ if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET) -+ return NULL; -+ -+ if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0) -+ return NULL; -+ -+ if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE) -+ return NULL; -+ -+ ckn = os_zalloc(sizeof(*ckn)); -+ if (!ckn) -+ goto dealloc; -+ -+ cak = os_zalloc(sizeof(*cak)); -+ if (!cak) -+ goto free_ckn; -+ -+ cak->len = MACSEC_CAK_LEN; -+ os_memcpy(cak->key, ssid->mka_cak, cak->len); -+ -+ ckn->len = MACSEC_CKN_LEN; -+ os_memcpy(ckn->name, ssid->mka_ckn, ckn->len); -+ -+ res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE); -+ if (res) -+ return res; -+ -+ /* Failed to create MKA */ -+ os_free(cak); -+ -+ /* fallthrough */ -+ -+free_ckn: -+ os_free(ckn); -+dealloc: -+ ieee802_1x_dealloc_kay_sm(wpa_s); -+ -+ return NULL; -+} -diff --git a/wpa_supplicant/wpas_kay.h b/wpa_supplicant/wpas_kay.h -index b7236d0..81f8e0c 100644 ---- a/wpa_supplicant/wpas_kay.h -+++ b/wpa_supplicant/wpas_kay.h -@@ -17,6 +17,9 @@ void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, - const u8 *peer_addr); - void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s); - -+void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid); -+ - #else /* CONFIG_MACSEC */ - - static inline int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, -@@ -36,6 +39,13 @@ static inline void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s) - { - } - -+static inline void * -+ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ return 0; -+} -+ - #endif /* CONFIG_MACSEC */ - - #endif /* WPAS_KAY_H */ --- -2.7.4 - diff --git a/macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch b/macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch deleted file mode 100644 index 0dfdf645f8e981ead2cfd29d224af64f855b6781..0000000000000000000000000000000000000000 --- a/macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 008e224dbb518f44aac46b0c8e55448bd907e43d Mon Sep 17 00:00:00 2001 -Message-Id: <008e224dbb518f44aac46b0c8e55448bd907e43d.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Wed, 2 Nov 2016 16:38:36 +0100 -Subject: [PATCH] mka: Disable peer detection timeout for PSK mode - -The first peer may take a long time to come up. In PSK mode we are -basically in a p2p system, and we cannot know when a peer will join the -key exchange. Wait indefinitely, and let the administrator decide if -they want to abort. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 2841b10..19b2c2f 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3339,8 +3339,16 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, - usecs = os_random() % (MKA_HELLO_TIME * 1000); - eloop_register_timeout(0, usecs, ieee802_1x_participant_timer, - participant, NULL); -- participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) + -- usecs / 1000000; -+ -+ /* Disable MKA lifetime for PSK mode. -+ * The peer(s) can take a long time to come up, because we -+ * create a "standby" MKA, and we need it to remain live until -+ * some peer appears. -+ */ -+ if (mode != PSK) { -+ participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) + -+ usecs / 1000000; -+ } - - return participant; - --- -2.7.4 - diff --git a/macsec-0015-wpa_supplicant-Add-macsec_integ_only-setting-for-MKA.patch b/macsec-0015-wpa_supplicant-Add-macsec_integ_only-setting-for-MKA.patch deleted file mode 100644 index b9a620a1d3bfc9f0a3a10cdca7ef3d118fe7e370..0000000000000000000000000000000000000000 --- a/macsec-0015-wpa_supplicant-Add-macsec_integ_only-setting-for-MKA.patch +++ /dev/null @@ -1,165 +0,0 @@ -From 7b4d546e3dae57a39e50a91e47b8fcf3447b4978 Mon Sep 17 00:00:00 2001 -Message-Id: <7b4d546e3dae57a39e50a91e47b8fcf3447b4978.1488376601.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Wed, 2 Nov 2016 16:38:37 +0100 -Subject: [PATCH] wpa_supplicant: Add macsec_integ_only setting for MKA - -So that the user can turn encryption on (MACsec provides -confidentiality+integrity) or off (MACsec provides integrity only). This -commit adds the configuration parameter while the actual behavior change -to disable encryption in the driver is handled in the following commit. - -Signed-off-by: Sabrina Dubroca ---- - src/common/ieee802_1x_defs.h | 6 ++++++ - src/pae/ieee802_1x_kay.c | 1 + - src/pae/ieee802_1x_kay.h | 1 + - wpa_supplicant/config.c | 1 + - wpa_supplicant/config_file.c | 1 + - wpa_supplicant/config_ssid.h | 12 ++++++++++++ - wpa_supplicant/wpa_cli.c | 1 + - wpa_supplicant/wpa_supplicant.conf | 7 +++++++ - wpa_supplicant/wpas_kay.c | 9 ++++++++- - 9 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/src/common/ieee802_1x_defs.h b/src/common/ieee802_1x_defs.h -index a0c1d1b..280c439 100644 ---- a/src/common/ieee802_1x_defs.h -+++ b/src/common/ieee802_1x_defs.h -@@ -25,6 +25,12 @@ enum macsec_policy { - * Disabled MACsec - do not secure sessions. - */ - DO_NOT_SECURE, -+ -+ /** -+ * Should secure sessions, and try to use encryption. -+ * Like @SHOULD_SECURE, this follows the key server's decision. -+ */ -+ SHOULD_ENCRYPT, - }; - - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 19b2c2f..7664e2d 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3129,6 +3129,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - } else { - kay->macsec_desired = TRUE; - kay->macsec_protect = TRUE; -+ kay->macsec_encrypt = policy == SHOULD_ENCRYPT; - kay->macsec_validate = Strict; - kay->macsec_replay_protect = FALSE; - kay->macsec_replay_window = 0; -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 576a8a0..618e45b 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -181,6 +181,7 @@ struct ieee802_1x_kay { - enum macsec_cap macsec_capable; - Boolean macsec_desired; - Boolean macsec_protect; -+ Boolean macsec_encrypt; - Boolean macsec_replay_protect; - u32 macsec_replay_window; - enum validate_frames macsec_validate; -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index 9011389..afb631e 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -2125,6 +2125,7 @@ static const struct parse_data ssid_fields[] = { - { INT(beacon_int) }, - #ifdef CONFIG_MACSEC - { INT_RANGE(macsec_policy, 0, 1) }, -+ { INT_RANGE(macsec_integ_only, 0, 1) }, - { FUNC_KEY(mka_cak) }, - { FUNC_KEY(mka_ckn) }, - #endif /* CONFIG_MACSEC */ -diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c -index 172508e..f605fa9 100644 ---- a/wpa_supplicant/config_file.c -+++ b/wpa_supplicant/config_file.c -@@ -808,6 +808,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) - INT(macsec_policy); - write_mka_cak(f, ssid); - write_mka_ckn(f, ssid); -+ INT(macsec_integ_only); - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - INT(update_identifier); -diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h -index a530cda..b8c3192 100644 ---- a/wpa_supplicant/config_ssid.h -+++ b/wpa_supplicant/config_ssid.h -@@ -730,6 +730,18 @@ struct wpa_ssid { - int macsec_policy; - - /** -+ * macsec_integ_only - Determines how MACsec are transmitted -+ * -+ * This setting applies only when MACsec is in use, i.e., -+ * - macsec_policy is enabled -+ * - the key server has decided to enable MACsec -+ * -+ * 0: Encrypt traffic (default) -+ * 1: Integrity only -+ */ -+ int macsec_integ_only; -+ -+ /** - * mka_ckn - MKA pre-shared CKN - */ - #define MACSEC_CKN_LEN 32 -diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c -index 4877989..aed95e6 100644 ---- a/wpa_supplicant/wpa_cli.c -+++ b/wpa_supplicant/wpa_cli.c -@@ -1390,6 +1390,7 @@ static const char *network_fields[] = { - "ap_max_inactivity", "dtim_period", "beacon_int", - #ifdef CONFIG_MACSEC - "macsec_policy", -+ "macsec_integ_only", - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - "update_identifier", -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index 8fa740b..b23c5e6 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -892,6 +892,13 @@ fast_reauth=1 - # 1: MACsec enabled - Should secure, accept key server's advice to - # determine whether to use a secure session or not. - # -+# macsec_integ_only: IEEE 802.1X/MACsec transmit mode -+# This setting applies only when MACsec is in use, i.e., -+# - macsec_policy is enabled -+# - the key server has decided to enable MACsec -+# 0: Encrypt traffic (default) -+# 1: Integrity only -+# - # mka_cak and mka_ckn: IEEE 802.1X/MACsec pre-shared authentication mode - # This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. - # In this mode, instances of wpa_supplicant can act as peers, one of -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 80b98d9..6343154 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -187,7 +187,14 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - if (!ssid || ssid->macsec_policy == 0) - return 0; - -- policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE; -+ if (ssid->macsec_policy == 1) { -+ if (ssid->macsec_integ_only == 1) -+ policy = SHOULD_SECURE; -+ else -+ policy = SHOULD_ENCRYPT; -+ } else { -+ policy = DO_NOT_SECURE; -+ } - - kay_ctx = os_zalloc(sizeof(*kay_ctx)); - if (!kay_ctx) --- -2.7.4 - diff --git a/macsec-0016-mka-Add-enable_encrypt-op-and-call-it-from-CP-state-.patch b/macsec-0016-mka-Add-enable_encrypt-op-and-call-it-from-CP-state-.patch deleted file mode 100644 index 7dc92cad62a30f19f015f4211109e28e29ff19e9..0000000000000000000000000000000000000000 --- a/macsec-0016-mka-Add-enable_encrypt-op-and-call-it-from-CP-state-.patch +++ /dev/null @@ -1,177 +0,0 @@ -From 1d3d0666a6ed345da39886426c4416a4debfd094 Mon Sep 17 00:00:00 2001 -Message-Id: <1d3d0666a6ed345da39886426c4416a4debfd094.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Wed, 2 Nov 2016 16:38:38 +0100 -Subject: [PATCH] mka: Add enable_encrypt op and call it from CP state machine - -This allows MKA to turn encryption on/off down to the driver. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 9 +++++++++ - src/pae/ieee802_1x_cp.c | 4 ++++ - src/pae/ieee802_1x_kay.h | 1 + - src/pae/ieee802_1x_secy_ops.c | 20 ++++++++++++++++++++ - src/pae/ieee802_1x_secy_ops.h | 1 + - wpa_supplicant/driver_i.h | 8 ++++++++ - wpa_supplicant/wpas_kay.c | 7 +++++++ - 7 files changed, 50 insertions(+) - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 9a6db90..0cb68ba 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -3339,6 +3339,15 @@ struct wpa_driver_ops { - int (*enable_protect_frames)(void *priv, Boolean enabled); - - /** -+ * enable_encrypt - Set encryption status -+ * @priv: Private driver interface data -+ * @enabled: TRUE = encrypt outgoing traffic -+ * FALSE = integrity-only protection on outgoing traffic -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+ int (*enable_encrypt)(void *priv, Boolean enabled); -+ -+ /** - * set_replay_protect - Set replay protect status and window size - * @priv: Private driver interface data - * @enabled: TRUE = replay protect enabled -diff --git a/src/pae/ieee802_1x_cp.c b/src/pae/ieee802_1x_cp.c -index e294e64..360fcd3 100644 ---- a/src/pae/ieee802_1x_cp.c -+++ b/src/pae/ieee802_1x_cp.c -@@ -159,6 +159,7 @@ SM_STATE(CP, ALLOWED) - - secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); - secy_cp_control_protect_frames(sm->kay, sm->protect_frames); -+ secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); - secy_cp_control_validate_frames(sm->kay, sm->validate_frames); - secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); - } -@@ -177,6 +178,7 @@ SM_STATE(CP, AUTHENTICATED) - - secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); - secy_cp_control_protect_frames(sm->kay, sm->protect_frames); -+ secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); - secy_cp_control_validate_frames(sm->kay, sm->validate_frames); - secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); - } -@@ -203,6 +205,7 @@ SM_STATE(CP, SECURED) - secy_cp_control_confidentiality_offset(sm->kay, - sm->confidentiality_offset); - secy_cp_control_protect_frames(sm->kay, sm->protect_frames); -+ secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); - secy_cp_control_validate_frames(sm->kay, sm->validate_frames); - secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); - } -@@ -466,6 +469,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay) - wpa_printf(MSG_DEBUG, "CP: state machine created"); - - secy_cp_control_protect_frames(sm->kay, sm->protect_frames); -+ secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt); - secy_cp_control_validate_frames(sm->kay, sm->validate_frames); - secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window); - secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled); -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 618e45b..fb49f62 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -142,6 +142,7 @@ struct ieee802_1x_kay_ctx { - int (*macsec_deinit)(void *ctx); - int (*macsec_get_capability)(void *priv, enum macsec_cap *cap); - int (*enable_protect_frames)(void *ctx, Boolean enabled); -+ int (*enable_encrypt)(void *ctx, Boolean enabled); - int (*set_replay_protect)(void *ctx, Boolean enabled, u32 window); - int (*set_current_cipher_suite)(void *ctx, u64 cs); - int (*enable_controlled_port)(void *ctx, Boolean enabled); -diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c -index b1a9d22..ab5339b 100644 ---- a/src/pae/ieee802_1x_secy_ops.c -+++ b/src/pae/ieee802_1x_secy_ops.c -@@ -45,6 +45,26 @@ int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled) - } - - -+int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled) -+{ -+ struct ieee802_1x_kay_ctx *ops; -+ -+ if (!kay) { -+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__); -+ return -1; -+ } -+ -+ ops = kay->ctx; -+ if (!ops || !ops->enable_encrypt) { -+ wpa_printf(MSG_ERROR, -+ "KaY: secy enable_encrypt operation not supported"); -+ return -1; -+ } -+ -+ return ops->enable_encrypt(ops->ctx, enabled); -+} -+ -+ - int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean enabled, u32 win) - { - struct ieee802_1x_kay_ctx *ops; -diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h -index 477120b..9fb29c3 100644 ---- a/src/pae/ieee802_1x_secy_ops.h -+++ b/src/pae/ieee802_1x_secy_ops.h -@@ -21,6 +21,7 @@ int secy_deinit_macsec(struct ieee802_1x_kay *kay); - int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay, - enum validate_frames vf); - int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean flag); -+int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled); - int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean flag, u32 win); - int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs); - int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay, -diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h -index c9bb20d..cf08556 100644 ---- a/wpa_supplicant/driver_i.h -+++ b/wpa_supplicant/driver_i.h -@@ -731,6 +731,14 @@ static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s, - return wpa_s->driver->enable_protect_frames(wpa_s->drv_priv, enabled); - } - -+static inline int wpa_drv_enable_encrypt(struct wpa_supplicant *wpa_s, -+ Boolean enabled) -+{ -+ if (!wpa_s->driver->enable_encrypt) -+ return -1; -+ return wpa_s->driver->enable_encrypt(wpa_s->drv_priv, enabled); -+} -+ - static inline int wpa_drv_set_replay_protect(struct wpa_supplicant *wpa_s, - Boolean enabled, u32 window) - { -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 6343154..2ff4895 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -50,6 +50,12 @@ static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled) - } - - -+static int wpas_enable_encrypt(void *wpa_s, Boolean enabled) -+{ -+ return wpa_drv_enable_encrypt(wpa_s, enabled); -+} -+ -+ - static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window) - { - return wpa_drv_set_replay_protect(wpa_s, enabled, window); -@@ -206,6 +212,7 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - kay_ctx->macsec_deinit = wpas_macsec_deinit; - kay_ctx->macsec_get_capability = wpas_macsec_get_capability; - kay_ctx->enable_protect_frames = wpas_enable_protect_frames; -+ kay_ctx->enable_encrypt = wpas_enable_encrypt; - kay_ctx->set_replay_protect = wpas_set_replay_protect; - kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite; - kay_ctx->enable_controlled_port = wpas_enable_controlled_port; --- -2.7.4 - diff --git a/macsec-0017-wpa_supplicant-Allow-configuring-the-MACsec-port-for.patch b/macsec-0017-wpa_supplicant-Allow-configuring-the-MACsec-port-for.patch deleted file mode 100644 index d3a7dc0a487d02b64b8ee5b08b92fc60a0d091f9..0000000000000000000000000000000000000000 --- a/macsec-0017-wpa_supplicant-Allow-configuring-the-MACsec-port-for.patch +++ /dev/null @@ -1,145 +0,0 @@ -From e0d9fd344d20bb35efcd5c37ece0a5d67632439d Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Wed, 2 Nov 2016 16:38:39 +0100 -Subject: [PATCH] wpa_supplicant: Allow configuring the MACsec port for MKA - -Previously, wpa_supplicant only supported hardcoded port == 1 in the -SCI, but users may want to choose a different port. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.c | 4 ++-- - src/pae/ieee802_1x_kay.h | 2 +- - wpa_supplicant/config.c | 1 + - wpa_supplicant/config_file.c | 1 + - wpa_supplicant/config_ssid.h | 9 +++++++++ - wpa_supplicant/wpa_cli.c | 1 + - wpa_supplicant/wpa_supplicant.conf | 4 ++++ - wpa_supplicant/wpas_kay.c | 4 ++-- - 8 files changed, 21 insertions(+), 5 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 7664e2d..3a495ca 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3071,7 +3071,7 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf, - */ - struct ieee802_1x_kay * - ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, -- const char *ifname, const u8 *addr) -+ u16 port, const char *ifname, const u8 *addr) - { - struct ieee802_1x_kay *kay; - -@@ -3093,7 +3093,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - - os_strlcpy(kay->if_name, ifname, IFNAMSIZ); - os_memcpy(kay->actor_sci.addr, addr, ETH_ALEN); -- kay->actor_sci.port = host_to_be16(0x0001); -+ kay->actor_sci.port = host_to_be16(port ? port : 0x0001); - kay->actor_priority = DEFAULT_PRIO_NOT_KEY_SERVER; - - /* While actor acts as a key server, shall distribute sakey */ -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index fb49f62..ea5a0dd 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -233,7 +233,7 @@ struct ieee802_1x_kay { - - struct ieee802_1x_kay * - ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, -- const char *ifname, const u8 *addr); -+ u16 port, const char *ifname, const u8 *addr); - void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay); - - struct ieee802_1x_mka_participant * -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index afb631e..2120a6e 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -2126,6 +2126,7 @@ static const struct parse_data ssid_fields[] = { - #ifdef CONFIG_MACSEC - { INT_RANGE(macsec_policy, 0, 1) }, - { INT_RANGE(macsec_integ_only, 0, 1) }, -+ { INT_RANGE(macsec_port, 1, 65534) }, - { FUNC_KEY(mka_cak) }, - { FUNC_KEY(mka_ckn) }, - #endif /* CONFIG_MACSEC */ -diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c -index f605fa9..2e3d57e 100644 ---- a/wpa_supplicant/config_file.c -+++ b/wpa_supplicant/config_file.c -@@ -809,6 +809,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) - write_mka_cak(f, ssid); - write_mka_ckn(f, ssid); - INT(macsec_integ_only); -+ INT(macsec_port); - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - INT(update_identifier); -diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h -index b8c3192..fe0f7fa 100644 ---- a/wpa_supplicant/config_ssid.h -+++ b/wpa_supplicant/config_ssid.h -@@ -742,6 +742,15 @@ struct wpa_ssid { - int macsec_integ_only; - - /** -+ * macsec_port - MACsec port (in SCI) -+ * -+ * Port component of the SCI. -+ * -+ * Range: 1-65534 (default: 1) -+ */ -+ int macsec_port; -+ -+ /** - * mka_ckn - MKA pre-shared CKN - */ - #define MACSEC_CKN_LEN 32 -diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c -index aed95e6..f11028a 100644 ---- a/wpa_supplicant/wpa_cli.c -+++ b/wpa_supplicant/wpa_cli.c -@@ -1391,6 +1391,7 @@ static const char *network_fields[] = { - #ifdef CONFIG_MACSEC - "macsec_policy", - "macsec_integ_only", -+ "macsec_port", - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - "update_identifier", -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index b23c5e6..82aa24e 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -899,6 +899,10 @@ fast_reauth=1 - # 0: Encrypt traffic (default) - # 1: Integrity only - # -+# macsec_port: IEEE 802.1X/MACsec port -+# Port component of the SCI -+# Range: 1-65534 (default: 1) -+# - # mka_cak and mka_ckn: IEEE 802.1X/MACsec pre-shared authentication mode - # This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. - # In this mode, instances of wpa_supplicant can act as peers, one of -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index 2ff4895..d3fefda 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -232,8 +232,8 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa; - kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; - -- res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname, -- wpa_s->own_addr); -+ res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_port, -+ wpa_s->ifname, wpa_s->own_addr); - if (res == NULL) { - os_free(kay_ctx); - return -1; --- -2.7.4 - diff --git a/macsec-0018-drivers-Move-common-definitions-for-wired-drivers-ou.patch b/macsec-0018-drivers-Move-common-definitions-for-wired-drivers-ou.patch deleted file mode 100644 index da0d23c1d871333a20af930334038c3e1b5ef0f5..0000000000000000000000000000000000000000 --- a/macsec-0018-drivers-Move-common-definitions-for-wired-drivers-ou.patch +++ /dev/null @@ -1,459 +0,0 @@ -From 0abc8d10cc357d71fff74470c613442f9070ae93 Mon Sep 17 00:00:00 2001 -Message-Id: <0abc8d10cc357d71fff74470c613442f9070ae93.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:44 +0100 -Subject: [PATCH] drivers: Move common definitions for wired drivers out - -Refactor the common parts of wired drivers code into a shared file, so -that they can be reused by other drivers. The macsec_qca driver already -contains a lot of code duplication from the wired driver, and the -macsec_linux driver would do the same. A structure to hold data common -to all wired drivers is added and used in all these drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 65 ++++++++++++------------- - src/drivers/driver_wired.c | 99 +++++++++++++++++++-------------------- - src/drivers/driver_wired_common.h | 25 ++++++++++ - 3 files changed, 103 insertions(+), 86 deletions(-) - create mode 100644 src/drivers/driver_wired_common.h - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 22d414c..6391e08 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -31,6 +31,7 @@ - #include "common/ieee802_1x_defs.h" - #include "pae/ieee802_1x_kay.h" - #include "driver.h" -+#include "driver_wired_common.h" - - #include "nss_macsec_secy.h" - #include "nss_macsec_secy_rx.h" -@@ -53,21 +54,14 @@ - #pragma pack(pop) - #endif /* _MSC_VER */ - --static const u8 pae_group_addr[ETH_ALEN] = --{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; -- - struct channel_map { - struct ieee802_1x_mka_sci sci; - }; - - struct macsec_qca_data { -- char ifname[IFNAMSIZ + 1]; -- u32 secy_id; -- void *ctx; -+ struct driver_wired_common_data common; - -- int sock; /* raw packet socket for driver access */ -- int pf_sock; -- int membership, multi, iff_allmulti, iff_up; -+ u32 secy_id; - - /* shadow */ - Boolean always_include_sci; -@@ -322,43 +316,43 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - drv = os_zalloc(sizeof(*drv)); - if (drv == NULL) - return NULL; -- os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); -- drv->ctx = ctx; -+ os_strlcpy(drv->common.ifname, ifname, sizeof(drv->common.ifname)); -+ drv->common.ctx = ctx; - - /* Board specific settings */ -- if (os_memcmp("eth2", drv->ifname, 4) == 0) -+ if (os_memcmp("eth2", drv->common.ifname, 4) == 0) - drv->secy_id = 1; -- else if (os_memcmp("eth3", drv->ifname, 4) == 0) -+ else if (os_memcmp("eth3", drv->common.ifname, 4) == 0) - drv->secy_id = 2; - else - drv->secy_id = -1; - - #ifdef __linux__ -- drv->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -- if (drv->pf_sock < 0) -+ drv->common.pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -+ if (drv->common.pf_sock < 0) - wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); - #else /* __linux__ */ -- drv->pf_sock = -1; -+ drv->common.pf_sock = -1; - #endif /* __linux__ */ - - if (macsec_qca_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - macsec_qca_set_ifflags(ifname, flags | IFF_UP) == 0) { -- drv->iff_up = 1; -+ drv->common.iff_up = 1; - } - -- if (macsec_qca_multicast_membership(drv->pf_sock, -- if_nametoindex(drv->ifname), -+ if (macsec_qca_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), - pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with packet socket", - __func__); -- drv->membership = 1; -+ drv->common.membership = 1; - } else if (macsec_qca_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with SIOCADDMULTI", - __func__); -- drv->multi = 1; -+ drv->common.multi = 1; - } else if (macsec_qca_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface flags", - __func__); -@@ -375,7 +369,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - return NULL; - } else { - wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", __func__); -- drv->iff_allmulti = 1; -+ drv->common.iff_allmulti = 1; - } - #if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { -@@ -397,39 +391,40 @@ static void macsec_qca_deinit(void *priv) - struct macsec_qca_data *drv = priv; - int flags; - -- if (drv->membership && -- macsec_qca_multicast_membership(drv->pf_sock, -- if_nametoindex(drv->ifname), -+ if (drv->common.membership && -+ macsec_qca_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), - pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (PACKET)", - __func__); - } - -- if (drv->multi && -- macsec_qca_multi(drv->ifname, pae_group_addr, 0) < 0) { -+ if (drv->common.multi && -+ macsec_qca_multi(drv->common.ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", - __func__); - } - -- if (drv->iff_allmulti && -- (macsec_qca_get_ifflags(drv->ifname, &flags) < 0 || -- macsec_qca_set_ifflags(drv->ifname, flags & ~IFF_ALLMULTI) < 0)) { -+ if (drv->common.iff_allmulti && -+ (macsec_qca_get_ifflags(drv->common.ifname, &flags) < 0 || -+ macsec_qca_set_ifflags(drv->common.ifname, -+ flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } - -- if (drv->iff_up && -- macsec_qca_get_ifflags(drv->ifname, &flags) == 0 && -+ if (drv->common.iff_up && -+ macsec_qca_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && -- macsec_qca_set_ifflags(drv->ifname, flags & ~IFF_UP) < 0) { -+ macsec_qca_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } - -- if (drv->pf_sock != -1) -- close(drv->pf_sock); -+ if (drv->common.pf_sock != -1) -+ close(drv->common.pf_sock); - - os_free(drv); - } -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 422a220..b6f79e3 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -12,6 +12,7 @@ - #include "common.h" - #include "eloop.h" - #include "driver.h" -+#include "driver_wired_common.h" - - #include - #undef IFNAMSIZ -@@ -42,20 +43,12 @@ struct ieee8023_hdr { - #pragma pack(pop) - #endif /* _MSC_VER */ - --static const u8 pae_group_addr[ETH_ALEN] = --{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; -- - - struct wpa_driver_wired_data { -- char ifname[IFNAMSIZ + 1]; -- void *ctx; -+ struct driver_wired_common_data common; - -- int sock; /* raw packet socket for driver access */ - int dhcp_sock; /* socket for dhcp packets */ - int use_pae_group_addr; -- -- int pf_sock; -- int membership, multi, iff_allmulti, iff_up; - }; - - -@@ -208,21 +201,22 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) - struct sockaddr_in addr2; - int n = 1; - -- drv->sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE)); -- if (drv->sock < 0) { -+ drv->common.sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE)); -+ if (drv->common.sock < 0) { - wpa_printf(MSG_ERROR, "socket[PF_PACKET,SOCK_RAW]: %s", - strerror(errno)); - return -1; - } - -- if (eloop_register_read_sock(drv->sock, handle_read, drv->ctx, NULL)) { -+ if (eloop_register_read_sock(drv->common.sock, handle_read, -+ drv->common.ctx, NULL)) { - wpa_printf(MSG_INFO, "Could not register read socket"); - return -1; - } - - os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); -- if (ioctl(drv->sock, SIOCGIFINDEX, &ifr) != 0) { -+ os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); -+ if (ioctl(drv->common.sock, SIOCGIFINDEX, &ifr) != 0) { - wpa_printf(MSG_ERROR, "ioctl(SIOCGIFINDEX): %s", - strerror(errno)); - return -1; -@@ -234,13 +228,14 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) - wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d", - addr.sll_ifindex); - -- if (bind(drv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { -+ if (bind(drv->common.sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) -+ { - wpa_printf(MSG_ERROR, "bind: %s", strerror(errno)); - return -1; - } - - /* filter multicast address */ -- if (wired_multicast_membership(drv->sock, ifr.ifr_ifindex, -+ if (wired_multicast_membership(drv->common.sock, ifr.ifr_ifindex, - pae_group_addr, 1) < 0) { - wpa_printf(MSG_ERROR, "wired: Failed to add multicast group " - "membership"); -@@ -248,8 +243,8 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) - } - - os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); -- if (ioctl(drv->sock, SIOCGIFHWADDR, &ifr) != 0) { -+ os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); -+ if (ioctl(drv->common.sock, SIOCGIFHWADDR, &ifr) != 0) { - wpa_printf(MSG_ERROR, "ioctl(SIOCGIFHWADDR): %s", - strerror(errno)); - return -1; -@@ -269,8 +264,8 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) - return -1; - } - -- if (eloop_register_read_sock(drv->dhcp_sock, handle_dhcp, drv->ctx, -- NULL)) { -+ if (eloop_register_read_sock(drv->dhcp_sock, handle_dhcp, -+ drv->common.ctx, NULL)) { - wpa_printf(MSG_INFO, "Could not register read socket"); - return -1; - } -@@ -294,7 +289,7 @@ static int wired_init_sockets(struct wpa_driver_wired_data *drv, u8 *own_addr) - } - - os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_ifrn.ifrn_name, drv->ifname, IFNAMSIZ); -+ os_strlcpy(ifr.ifr_ifrn.ifrn_name, drv->common.ifname, IFNAMSIZ); - if (setsockopt(drv->dhcp_sock, SOL_SOCKET, SO_BINDTODEVICE, - (char *) &ifr, sizeof(ifr)) < 0) { - wpa_printf(MSG_ERROR, -@@ -343,7 +338,7 @@ static int wired_send_eapol(void *priv, const u8 *addr, - pos = (u8 *) (hdr + 1); - os_memcpy(pos, data, data_len); - -- res = send(drv->sock, (u8 *) hdr, len, 0); -+ res = send(drv->common.sock, (u8 *) hdr, len, 0); - os_free(hdr); - - if (res < 0) { -@@ -368,8 +363,9 @@ static void * wired_driver_hapd_init(struct hostapd_data *hapd, - return NULL; - } - -- drv->ctx = hapd; -- os_strlcpy(drv->ifname, params->ifname, sizeof(drv->ifname)); -+ drv->common.ctx = hapd; -+ os_strlcpy(drv->common.ifname, params->ifname, -+ sizeof(drv->common.ifname)); - drv->use_pae_group_addr = params->use_pae_group_addr; - - if (wired_init_sockets(drv, params->own_addr)) { -@@ -385,9 +381,9 @@ static void wired_driver_hapd_deinit(void *priv) - { - struct wpa_driver_wired_data *drv = priv; - -- if (drv->sock >= 0) { -- eloop_unregister_read_sock(drv->sock); -- close(drv->sock); -+ if (drv->common.sock >= 0) { -+ eloop_unregister_read_sock(drv->common.sock); -+ close(drv->common.sock); - } - - if (drv->dhcp_sock >= 0) { -@@ -564,33 +560,33 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - drv = os_zalloc(sizeof(*drv)); - if (drv == NULL) - return NULL; -- os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); -- drv->ctx = ctx; -+ os_strlcpy(drv->common.ifname, ifname, sizeof(drv->common.ifname)); -+ drv->common.ctx = ctx; - - #ifdef __linux__ -- drv->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -- if (drv->pf_sock < 0) -+ drv->common.pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -+ if (drv->common.pf_sock < 0) - wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); - #else /* __linux__ */ -- drv->pf_sock = -1; -+ drv->common.pf_sock = -1; - #endif /* __linux__ */ - - if (wpa_driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - wpa_driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { -- drv->iff_up = 1; -+ drv->common.iff_up = 1; - } - -- if (wired_multicast_membership(drv->pf_sock, -- if_nametoindex(drv->ifname), -+ if (wired_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), - pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "packet socket", __func__); -- drv->membership = 1; -+ drv->common.membership = 1; - } else if (wpa_driver_wired_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "SIOCADDMULTI", __func__); -- drv->multi = 1; -+ drv->common.multi = 1; - } else if (wpa_driver_wired_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface " - "flags", __func__); -@@ -608,7 +604,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - } else { - wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", - __func__); -- drv->iff_allmulti = 1; -+ drv->common.iff_allmulti = 1; - } - #if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - { -@@ -630,38 +626,39 @@ static void wpa_driver_wired_deinit(void *priv) - struct wpa_driver_wired_data *drv = priv; - int flags; - -- if (drv->membership && -- wired_multicast_membership(drv->pf_sock, -- if_nametoindex(drv->ifname), -+ if (drv->common.membership && -+ wired_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), - pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " - "group (PACKET)", __func__); - } - -- if (drv->multi && -- wpa_driver_wired_multi(drv->ifname, pae_group_addr, 0) < 0) { -+ if (drv->common.multi && -+ wpa_driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " - "group (SIOCDELMULTI)", __func__); - } - -- if (drv->iff_allmulti && -- (wpa_driver_wired_get_ifflags(drv->ifname, &flags) < 0 || -- wpa_driver_wired_set_ifflags(drv->ifname, -+ if (drv->common.iff_allmulti && -+ (wpa_driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -+ wpa_driver_wired_set_ifflags(drv->common.ifname, - flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } - -- if (drv->iff_up && -- wpa_driver_wired_get_ifflags(drv->ifname, &flags) == 0 && -+ if (drv->common.iff_up && -+ wpa_driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && -- wpa_driver_wired_set_ifflags(drv->ifname, flags & ~IFF_UP) < 0) { -+ wpa_driver_wired_set_ifflags(drv->common.ifname, -+ flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } - -- if (drv->pf_sock != -1) -- close(drv->pf_sock); -+ if (drv->common.pf_sock != -1) -+ close(drv->common.pf_sock); - - os_free(drv); - } -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -new file mode 100644 -index 0000000..8d9dd37 ---- /dev/null -+++ b/src/drivers/driver_wired_common.h -@@ -0,0 +1,25 @@ -+/* -+ * Common definitions for Wired Ethernet driver interfaces -+ * Copyright (c) 2005-2009, Jouni Malinen -+ * Copyright (c) 2004, Gunter Burchardt -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#ifndef DRIVER_WIRED_COMMON_H -+#define DRIVER_WIRED_COMMON_H -+ -+struct driver_wired_common_data { -+ char ifname[IFNAMSIZ + 1]; -+ void *ctx; -+ -+ int sock; /* raw packet socket for driver access */ -+ int pf_sock; -+ int membership, multi, iff_allmulti, iff_up; -+}; -+ -+static const u8 pae_group_addr[ETH_ALEN] = -+{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; -+ -+#endif /* DRIVER_WIRED_COMMON_H */ --- -2.7.4 - diff --git a/macsec-0019-drivers-Move-wired_multicast_membership-to-a-common-.patch b/macsec-0019-drivers-Move-wired_multicast_membership-to-a-common-.patch deleted file mode 100644 index 299a7e24e14f34f528aaeef4a0fd74683ee89087..0000000000000000000000000000000000000000 --- a/macsec-0019-drivers-Move-wired_multicast_membership-to-a-common-.patch +++ /dev/null @@ -1,239 +0,0 @@ -From b0906ef770ec5a74221bcb4e63dbbc8682f49d5a Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:45 +0100 -Subject: [PATCH] drivers: Move wired_multicast_membership() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 40 +++++---------------------- - src/drivers/driver_wired.c | 28 ------------------- - src/drivers/driver_wired_common.c | 57 +++++++++++++++++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 2 ++ - src/drivers/drivers.mak | 6 +++++ - src/drivers/drivers.mk | 5 ++++ - 6 files changed, 76 insertions(+), 62 deletions(-) - create mode 100644 src/drivers/driver_wired_common.c - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 6391e08..e04fb0f 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -76,34 +76,6 @@ struct macsec_qca_data { - }; - - --static int macsec_qca_multicast_membership(int sock, int ifindex, -- const u8 *addr, int add) --{ --#ifdef __linux__ -- struct packet_mreq mreq; -- -- if (sock < 0) -- return -1; -- -- os_memset(&mreq, 0, sizeof(mreq)); -- mreq.mr_ifindex = ifindex; -- mreq.mr_type = PACKET_MR_MULTICAST; -- mreq.mr_alen = ETH_ALEN; -- os_memcpy(mreq.mr_address, addr, ETH_ALEN); -- -- if (setsockopt(sock, SOL_PACKET, -- add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, -- &mreq, sizeof(mreq)) < 0) { -- wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); -- return -1; -- } -- return 0; --#else /* __linux__ */ -- return -1; --#endif /* __linux__ */ --} -- -- - static int macsec_qca_get_ssid(void *priv, u8 *ssid) - { - ssid[0] = 0; -@@ -341,9 +313,9 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - drv->common.iff_up = 1; - } - -- if (macsec_qca_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 1) == 0) { -+ if (wired_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), -+ pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with packet socket", - __func__); -@@ -392,9 +364,9 @@ static void macsec_qca_deinit(void *priv) - int flags; - - if (drv->common.membership && -- macsec_qca_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 0) < 0) { -+ wired_multicast_membership(drv->common.pf_sock, -+ if_nametoindex(drv->common.ifname), -+ pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (PACKET)", - __func__); -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index b6f79e3..68c55fd 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -76,34 +76,6 @@ struct dhcp_message { - }; - - --static int wired_multicast_membership(int sock, int ifindex, -- const u8 *addr, int add) --{ --#ifdef __linux__ -- struct packet_mreq mreq; -- -- if (sock < 0) -- return -1; -- -- os_memset(&mreq, 0, sizeof(mreq)); -- mreq.mr_ifindex = ifindex; -- mreq.mr_type = PACKET_MR_MULTICAST; -- mreq.mr_alen = ETH_ALEN; -- os_memcpy(mreq.mr_address, addr, ETH_ALEN); -- -- if (setsockopt(sock, SOL_PACKET, -- add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, -- &mreq, sizeof(mreq)) < 0) { -- wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); -- return -1; -- } -- return 0; --#else /* __linux__ */ -- return -1; --#endif /* __linux__ */ --} -- -- - #ifdef __linux__ - static void handle_data(void *ctx, unsigned char *buf, size_t len) - { -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -new file mode 100644 -index 0000000..3969880 ---- /dev/null -+++ b/src/drivers/driver_wired_common.c -@@ -0,0 +1,57 @@ -+/* -+ * Common functions for Wired Ethernet driver interfaces -+ * Copyright (c) 2005-2009, Jouni Malinen -+ * Copyright (c) 2004, Gunter Burchardt -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+#include "eloop.h" -+#include "driver.h" -+#include "driver_wired_common.h" -+ -+#include -+#include -+#ifdef __linux__ -+#include -+#include -+#include -+#endif /* __linux__ */ -+#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -+#include -+#include -+#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) */ -+#ifdef __sun__ -+#include -+#endif /* __sun__ */ -+ -+ -+int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) -+{ -+#ifdef __linux__ -+ struct packet_mreq mreq; -+ -+ if (sock < 0) -+ return -1; -+ -+ os_memset(&mreq, 0, sizeof(mreq)); -+ mreq.mr_ifindex = ifindex; -+ mreq.mr_type = PACKET_MR_MULTICAST; -+ mreq.mr_alen = ETH_ALEN; -+ os_memcpy(mreq.mr_address, addr, ETH_ALEN); -+ -+ if (setsockopt(sock, SOL_PACKET, -+ add ? PACKET_ADD_MEMBERSHIP : PACKET_DROP_MEMBERSHIP, -+ &mreq, sizeof(mreq)) < 0) { -+ wpa_printf(MSG_ERROR, "setsockopt: %s", strerror(errno)); -+ return -1; -+ } -+ return 0; -+#else /* __linux__ */ -+ return -1; -+#endif /* __linux__ */ -+} -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index 8d9dd37..39a57a6 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -22,4 +22,6 @@ struct driver_wired_common_data { - static const u8 pae_group_addr[ETH_ALEN] = - { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - -+int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); -+ - #endif /* DRIVER_WIRED_COMMON_H */ -diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak -index c6d3f81..282da50 100644 ---- a/src/drivers/drivers.mak -+++ b/src/drivers/drivers.mak -@@ -15,11 +15,17 @@ DRV_AP_LIBS = - ifdef CONFIG_DRIVER_WIRED - DRV_CFLAGS += -DCONFIG_DRIVER_WIRED - DRV_OBJS += ../src/drivers/driver_wired.o -+NEED_DRV_WIRED_COMMON=1 - endif - - ifdef CONFIG_DRIVER_MACSEC_QCA - DRV_CFLAGS += -DCONFIG_DRIVER_MACSEC_QCA - DRV_OBJS += ../src/drivers/driver_macsec_qca.o -+NEED_DRV_WIRED_COMMON=1 -+endif -+ -+ifdef NEED_DRV_WIRED_COMMON -+DRV_OBJS += ../src/drivers/driver_wired_common.o - endif - - ifdef CONFIG_DRIVER_NL80211 -diff --git a/src/drivers/drivers.mk b/src/drivers/drivers.mk -index c6fe4c2..508f834 100644 ---- a/src/drivers/drivers.mk -+++ b/src/drivers/drivers.mk -@@ -15,6 +15,11 @@ DRV_AP_LIBS = - ifdef CONFIG_DRIVER_WIRED - DRV_CFLAGS += -DCONFIG_DRIVER_WIRED - DRV_OBJS += src/drivers/driver_wired.c -+NEED_DRV_WIRED_COMMON=1 -+endif -+ -+ifdef NEED_DRV_WIRED_COMMON -+DRV_OBJS += src/drivers/driver_wired_common.c - endif - - ifdef CONFIG_DRIVER_NL80211 --- -2.7.4 - diff --git a/macsec-0020-drivers-Move-driver_wired_multi-to-a-common-file.patch b/macsec-0020-drivers-Move-driver_wired_multi-to-a-common-file.patch deleted file mode 100644 index 04ae0565e3edd8063f3c16a2648c3b209737f3c0..0000000000000000000000000000000000000000 --- a/macsec-0020-drivers-Move-driver_wired_multi-to-a-common-file.patch +++ /dev/null @@ -1,268 +0,0 @@ -From 693124a1e4f1c2be5ee67f412eb511c3b5b808bd Mon Sep 17 00:00:00 2001 -Message-Id: <693124a1e4f1c2be5ee67f412eb511c3b5b808bd.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:46 +0100 -Subject: [PATCH] drivers: Move driver_wired_multi() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 59 ++------------------------------------- - src/drivers/driver_wired.c | 59 ++------------------------------------- - src/drivers/driver_wired_common.c | 57 +++++++++++++++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 62 insertions(+), 114 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index e04fb0f..6c07e01 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -178,61 +178,6 @@ static int macsec_qca_get_ifstatus(const char *ifname, int *status) - #endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - --static int macsec_qca_multi(const char *ifname, const u8 *addr, int add) --{ -- struct ifreq ifr; -- int s; -- --#ifdef __sun__ -- return -1; --#endif /* __sun__ */ -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); --#ifdef __linux__ -- ifr.ifr_hwaddr.sa_family = AF_UNSPEC; -- os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); --#endif /* __linux__ */ --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -- { -- struct sockaddr_dl *dlp; -- dlp = (struct sockaddr_dl *) &ifr.ifr_addr; -- dlp->sdl_len = sizeof(struct sockaddr_dl); -- dlp->sdl_family = AF_LINK; -- dlp->sdl_index = 0; -- dlp->sdl_nlen = 0; -- dlp->sdl_alen = ETH_ALEN; -- dlp->sdl_slen = 0; -- os_memcpy(LLADDR(dlp), addr, ETH_ALEN); -- } --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ --#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) -- { -- struct sockaddr *sap; -- sap = (struct sockaddr *) &ifr.ifr_addr; -- sap->sa_len = sizeof(struct sockaddr); -- sap->sa_family = AF_UNSPEC; -- os_memcpy(sap->sa_data, addr, ETH_ALEN); -- } --#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ -- -- if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- return 0; --} -- -- - static void __macsec_drv_init(struct macsec_qca_data *drv) - { - int ret = 0; -@@ -320,7 +265,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - "%s: Added multicast membership with packet socket", - __func__); - drv->common.membership = 1; -- } else if (macsec_qca_multi(ifname, pae_group_addr, 1) == 0) { -+ } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, - "%s: Added multicast membership with SIOCADDMULTI", - __func__); -@@ -373,7 +318,7 @@ static void macsec_qca_deinit(void *priv) - } - - if (drv->common.multi && -- macsec_qca_multi(drv->common.ifname, pae_group_addr, 0) < 0) { -+ driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, - "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", - __func__); -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 68c55fd..20c66e3 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -469,61 +469,6 @@ static int wpa_driver_wired_get_ifstatus(const char *ifname, int *status) - #endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - --static int wpa_driver_wired_multi(const char *ifname, const u8 *addr, int add) --{ -- struct ifreq ifr; -- int s; -- --#ifdef __sun__ -- return -1; --#endif /* __sun__ */ -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); --#ifdef __linux__ -- ifr.ifr_hwaddr.sa_family = AF_UNSPEC; -- os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); --#endif /* __linux__ */ --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -- { -- struct sockaddr_dl *dlp; -- dlp = (struct sockaddr_dl *) &ifr.ifr_addr; -- dlp->sdl_len = sizeof(struct sockaddr_dl); -- dlp->sdl_family = AF_LINK; -- dlp->sdl_index = 0; -- dlp->sdl_nlen = 0; -- dlp->sdl_alen = ETH_ALEN; -- dlp->sdl_slen = 0; -- os_memcpy(LLADDR(dlp), addr, ETH_ALEN); -- } --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ --#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) -- { -- struct sockaddr *sap; -- sap = (struct sockaddr *) &ifr.ifr_addr; -- sap->sa_len = sizeof(struct sockaddr); -- sap->sa_family = AF_UNSPEC; -- os_memcpy(sap->sa_data, addr, ETH_ALEN); -- } --#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ -- -- if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- return 0; --} -- -- - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -@@ -555,7 +500,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "packet socket", __func__); - drv->common.membership = 1; -- } else if (wpa_driver_wired_multi(ifname, pae_group_addr, 1) == 0) { -+ } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "SIOCADDMULTI", __func__); - drv->common.multi = 1; -@@ -607,7 +552,7 @@ static void wpa_driver_wired_deinit(void *priv) - } - - if (drv->common.multi && -- wpa_driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { -+ driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " - "group (SIOCDELMULTI)", __func__); - } -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index 3969880..4cb04da 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -30,6 +30,63 @@ - #endif /* __sun__ */ - - -+int driver_wired_multi(const char *ifname, const u8 *addr, int add) -+{ -+ struct ifreq ifr; -+ int s; -+ -+#ifdef __sun__ -+ return -1; -+#endif /* __sun__ */ -+ -+ s = socket(PF_INET, SOCK_DGRAM, 0); -+ if (s < 0) { -+ wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -+ return -1; -+ } -+ -+ os_memset(&ifr, 0, sizeof(ifr)); -+ os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -+#ifdef __linux__ -+ ifr.ifr_hwaddr.sa_family = AF_UNSPEC; -+ os_memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN); -+#endif /* __linux__ */ -+#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -+ { -+ struct sockaddr_dl *dlp; -+ -+ dlp = (struct sockaddr_dl *) &ifr.ifr_addr; -+ dlp->sdl_len = sizeof(struct sockaddr_dl); -+ dlp->sdl_family = AF_LINK; -+ dlp->sdl_index = 0; -+ dlp->sdl_nlen = 0; -+ dlp->sdl_alen = ETH_ALEN; -+ dlp->sdl_slen = 0; -+ os_memcpy(LLADDR(dlp), addr, ETH_ALEN); -+ } -+#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -+#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) -+ { -+ struct sockaddr *sap; -+ -+ sap = (struct sockaddr *) &ifr.ifr_addr; -+ sap->sa_len = sizeof(struct sockaddr); -+ sap->sa_family = AF_UNSPEC; -+ os_memcpy(sap->sa_data, addr, ETH_ALEN); -+ } -+#endif /* defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) */ -+ -+ if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) { -+ wpa_printf(MSG_ERROR, "ioctl[SIOC{ADD/DEL}MULTI]: %s", -+ strerror(errno)); -+ close(s); -+ return -1; -+ } -+ close(s); -+ return 0; -+} -+ -+ - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) - { - #ifdef __linux__ -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index 39a57a6..9bbe94f 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -22,6 +22,7 @@ struct driver_wired_common_data { - static const u8 pae_group_addr[ETH_ALEN] = - { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - -+int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); - - #endif /* DRIVER_WIRED_COMMON_H */ --- -2.7.4 - diff --git a/macsec-0021-drivers-Move-driver_wired_get_ifflags-to-a-common-fi.patch b/macsec-0021-drivers-Move-driver_wired_get_ifflags-to-a-common-fi.patch deleted file mode 100644 index a4ecec6201fe0c4dbf4f328808f7f9519e187f61..0000000000000000000000000000000000000000 --- a/macsec-0021-drivers-Move-driver_wired_get_ifflags-to-a-common-fi.patch +++ /dev/null @@ -1,212 +0,0 @@ -From 567b7d4ec29cd5b97b00703b5afb03d023abb532 Mon Sep 17 00:00:00 2001 -Message-Id: <567b7d4ec29cd5b97b00703b5afb03d023abb532.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:47 +0100 -Subject: [PATCH] drivers: Move driver_wired_get_ifflags() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 33 ++++----------------------------- - src/drivers/driver_wired.c | 33 ++++----------------------------- - src/drivers/driver_wired_common.c | 25 +++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 34 insertions(+), 58 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 6c07e01..d0d4611 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -99,31 +99,6 @@ static int macsec_qca_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --static int macsec_qca_get_ifflags(const char *ifname, int *flags) --{ -- struct ifreq ifr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -- if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- *flags = ifr.ifr_flags & 0xffff; -- return 0; --} -- -- - static int macsec_qca_set_ifflags(const char *ifname, int flags) - { - struct ifreq ifr; -@@ -252,7 +227,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - drv->common.pf_sock = -1; - #endif /* __linux__ */ - -- if (macsec_qca_get_ifflags(ifname, &flags) == 0 && -+ if (driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - macsec_qca_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->common.iff_up = 1; -@@ -270,7 +245,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - "%s: Added multicast membership with SIOCADDMULTI", - __func__); - drv->common.multi = 1; -- } else if (macsec_qca_get_ifflags(ifname, &flags) < 0) { -+ } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface flags", - __func__); - os_free(drv); -@@ -325,7 +300,7 @@ static void macsec_qca_deinit(void *priv) - } - - if (drv->common.iff_allmulti && -- (macsec_qca_get_ifflags(drv->common.ifname, &flags) < 0 || -+ (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || - macsec_qca_set_ifflags(drv->common.ifname, - flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", -@@ -333,7 +308,7 @@ static void macsec_qca_deinit(void *priv) - } - - if (drv->common.iff_up && -- macsec_qca_get_ifflags(drv->common.ifname, &flags) == 0 && -+ driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && - macsec_qca_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 20c66e3..ad49eaf 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -390,31 +390,6 @@ static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --static int wpa_driver_wired_get_ifflags(const char *ifname, int *flags) --{ -- struct ifreq ifr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -- if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- *flags = ifr.ifr_flags & 0xffff; -- return 0; --} -- -- - static int wpa_driver_wired_set_ifflags(const char *ifname, int flags) - { - struct ifreq ifr; -@@ -488,7 +463,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - drv->common.pf_sock = -1; - #endif /* __linux__ */ - -- if (wpa_driver_wired_get_ifflags(ifname, &flags) == 0 && -+ if (driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && - wpa_driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->common.iff_up = 1; -@@ -504,7 +479,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " - "SIOCADDMULTI", __func__); - drv->common.multi = 1; -- } else if (wpa_driver_wired_get_ifflags(ifname, &flags) < 0) { -+ } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { - wpa_printf(MSG_INFO, "%s: Could not get interface " - "flags", __func__); - os_free(drv); -@@ -558,7 +533,7 @@ static void wpa_driver_wired_deinit(void *priv) - } - - if (drv->common.iff_allmulti && -- (wpa_driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -+ (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || - wpa_driver_wired_set_ifflags(drv->common.ifname, - flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", -@@ -566,7 +541,7 @@ static void wpa_driver_wired_deinit(void *priv) - } - - if (drv->common.iff_up && -- wpa_driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && -+ driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && - wpa_driver_wired_set_ifflags(drv->common.ifname, - flags & ~IFF_UP) < 0) { -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index 4cb04da..a84dcc7 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -30,6 +30,31 @@ - #endif /* __sun__ */ - - -+int driver_wired_get_ifflags(const char *ifname, int *flags) -+{ -+ struct ifreq ifr; -+ int s; -+ -+ s = socket(PF_INET, SOCK_DGRAM, 0); -+ if (s < 0) { -+ wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -+ return -1; -+ } -+ -+ os_memset(&ifr, 0, sizeof(ifr)); -+ os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -+ if (ioctl(s, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) { -+ wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", -+ strerror(errno)); -+ close(s); -+ return -1; -+ } -+ close(s); -+ *flags = ifr.ifr_flags & 0xffff; -+ return 0; -+} -+ -+ - int driver_wired_multi(const char *ifname, const u8 *addr, int add) - { - struct ifreq ifr; -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index 9bbe94f..b8ed0e0 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -22,6 +22,7 @@ struct driver_wired_common_data { - static const u8 pae_group_addr[ETH_ALEN] = - { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - -+int driver_wired_get_ifflags(const char *ifname, int *flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); - --- -2.7.4 - diff --git a/macsec-0022-drivers-Move-driver_wired_set_ifflags-to-a-common-fi.patch b/macsec-0022-drivers-Move-driver_wired_set_ifflags-to-a-common-fi.patch deleted file mode 100644 index ef6bd1d638be440b7dbbd3fb2dc491eefe46c08b..0000000000000000000000000000000000000000 --- a/macsec-0022-drivers-Move-driver_wired_set_ifflags-to-a-common-fi.patch +++ /dev/null @@ -1,218 +0,0 @@ -From d718a5d975de2309dc4478a62f3475cb0726f2a1 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:48 +0100 -Subject: [PATCH] drivers: Move driver_wired_set_ifflags() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 35 +++++------------------------------ - src/drivers/driver_wired.c | 37 +++++-------------------------------- - src/drivers/driver_wired_common.c | 25 +++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 36 insertions(+), 62 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index d0d4611..31cb0dc 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -99,31 +99,6 @@ static int macsec_qca_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --static int macsec_qca_set_ifflags(const char *ifname, int flags) --{ -- struct ifreq ifr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -- ifr.ifr_flags = flags & 0xffff; -- if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- return 0; --} -- -- - #if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - static int macsec_qca_get_ifstatus(const char *ifname, int *status) - { -@@ -229,7 +204,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - - if (driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && -- macsec_qca_set_ifflags(ifname, flags | IFF_UP) == 0) { -+ driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->common.iff_up = 1; - } - -@@ -254,7 +229,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - wpa_printf(MSG_DEBUG, - "%s: Interface is already configured for multicast", - __func__); -- } else if (macsec_qca_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { -+ } else if (driver_wired_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { - wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", - __func__); - os_free(drv); -@@ -301,8 +276,8 @@ static void macsec_qca_deinit(void *priv) - - if (drv->common.iff_allmulti && - (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -- macsec_qca_set_ifflags(drv->common.ifname, -- flags & ~IFF_ALLMULTI) < 0)) { -+ driver_wired_set_ifflags(drv->common.ifname, -+ flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } -@@ -310,7 +285,7 @@ static void macsec_qca_deinit(void *priv) - if (drv->common.iff_up && - driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && -- macsec_qca_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { -+ driver_wired_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index ad49eaf..953fa3d 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -390,31 +390,6 @@ static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --static int wpa_driver_wired_set_ifflags(const char *ifname, int flags) --{ -- struct ifreq ifr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifr, 0, sizeof(ifr)); -- os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -- ifr.ifr_flags = flags & 0xffff; -- if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- return 0; --} -- -- - #if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - static int wpa_driver_wired_get_ifstatus(const char *ifname, int *status) - { -@@ -465,7 +440,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - - if (driver_wired_get_ifflags(ifname, &flags) == 0 && - !(flags & IFF_UP) && -- wpa_driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { -+ driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { - drv->common.iff_up = 1; - } - -@@ -487,8 +462,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - } else if (flags & IFF_ALLMULTI) { - wpa_printf(MSG_DEBUG, "%s: Interface is already configured " - "for multicast", __func__); -- } else if (wpa_driver_wired_set_ifflags(ifname, -- flags | IFF_ALLMULTI) < 0) { -+ } else if (driver_wired_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { - wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", - __func__); - os_free(drv); -@@ -534,8 +508,8 @@ static void wpa_driver_wired_deinit(void *priv) - - if (drv->common.iff_allmulti && - (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -- wpa_driver_wired_set_ifflags(drv->common.ifname, -- flags & ~IFF_ALLMULTI) < 0)) { -+ driver_wired_set_ifflags(drv->common.ifname, -+ flags & ~IFF_ALLMULTI) < 0)) { - wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", - __func__); - } -@@ -543,8 +517,7 @@ static void wpa_driver_wired_deinit(void *priv) - if (drv->common.iff_up && - driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && - (flags & IFF_UP) && -- wpa_driver_wired_set_ifflags(drv->common.ifname, -- flags & ~IFF_UP) < 0) { -+ driver_wired_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { - wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", - __func__); - } -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index a84dcc7..52f22de 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -55,6 +55,31 @@ int driver_wired_get_ifflags(const char *ifname, int *flags) - } - - -+int driver_wired_set_ifflags(const char *ifname, int flags) -+{ -+ struct ifreq ifr; -+ int s; -+ -+ s = socket(PF_INET, SOCK_DGRAM, 0); -+ if (s < 0) { -+ wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -+ return -1; -+ } -+ -+ os_memset(&ifr, 0, sizeof(ifr)); -+ os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); -+ ifr.ifr_flags = flags & 0xffff; -+ if (ioctl(s, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) { -+ wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", -+ strerror(errno)); -+ close(s); -+ return -1; -+ } -+ close(s); -+ return 0; -+} -+ -+ - int driver_wired_multi(const char *ifname, const u8 *addr, int add) - { - struct ifreq ifr; -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index b8ed0e0..e2d8bbe 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -23,6 +23,7 @@ static const u8 pae_group_addr[ETH_ALEN] = - { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; - - int driver_wired_get_ifflags(const char *ifname, int *flags); -+int driver_wired_set_ifflags(const char *ifname, int flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); - --- -2.7.4 - diff --git a/macsec-0023-drivers-Move-driver_wired_get_ifstatus-to-a-common-f.patch b/macsec-0023-drivers-Move-driver_wired_get_ifstatus-to-a-common-f.patch deleted file mode 100644 index e7d3cc3912bdf52386ada4b474ebfd07b87e2c8b..0000000000000000000000000000000000000000 --- a/macsec-0023-drivers-Move-driver_wired_get_ifstatus-to-a-common-f.patch +++ /dev/null @@ -1,166 +0,0 @@ -From 5a55ec38edd875fc6dc54c0483e1f96ad9cf8cf9 Mon Sep 17 00:00:00 2001 -Message-Id: <5a55ec38edd875fc6dc54c0483e1f96ad9cf8cf9.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:49 +0100 -Subject: [PATCH] drivers: Move driver_wired_get_ifstatus() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 31 +------------------------------ - src/drivers/driver_wired.c | 31 +------------------------------ - src/drivers/driver_wired_common.c | 29 +++++++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 32 insertions(+), 60 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 31cb0dc..786e2e8 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -99,35 +99,6 @@ static int macsec_qca_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) --static int macsec_qca_get_ifstatus(const char *ifname, int *status) --{ -- struct ifmediareq ifmr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_print(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifmr, 0, sizeof(ifmr)); -- os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); -- if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == -- (IFM_ACTIVE | IFM_AVALID); -- -- return 0; --} --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -- -- - static void __macsec_drv_init(struct macsec_qca_data *drv) - { - int ret = 0; -@@ -243,7 +214,7 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - int status; - wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", - __func__); -- while (macsec_qca_get_ifstatus(ifname, &status) == 0 && -+ while (driver_wired_get_ifstatus(ifname, &status) == 0 && - status == 0) - sleep(1); - } -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 953fa3d..db83683 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -390,35 +390,6 @@ static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) - } - - --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) --static int wpa_driver_wired_get_ifstatus(const char *ifname, int *status) --{ -- struct ifmediareq ifmr; -- int s; -- -- s = socket(PF_INET, SOCK_DGRAM, 0); -- if (s < 0) { -- wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -- return -1; -- } -- -- os_memset(&ifmr, 0, sizeof(ifmr)); -- os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); -- if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { -- wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", -- strerror(errno)); -- close(s); -- return -1; -- } -- close(s); -- *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == -- (IFM_ACTIVE | IFM_AVALID); -- -- return 0; --} --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -- -- - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -@@ -477,7 +448,7 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - int status; - wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", - __func__); -- while (wpa_driver_wired_get_ifstatus(ifname, &status) == 0 && -+ while (driver_wired_get_ifstatus(ifname, &status) == 0 && - status == 0) - sleep(1); - } -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index 52f22de..e55e2c7 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -162,3 +162,32 @@ int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) - return -1; - #endif /* __linux__ */ - } -+ -+ -+#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -+int driver_wired_get_ifstatus(const char *ifname, int *status) -+{ -+ struct ifmediareq ifmr; -+ int s; -+ -+ s = socket(PF_INET, SOCK_DGRAM, 0); -+ if (s < 0) { -+ wpa_printf(MSG_ERROR, "socket: %s", strerror(errno)); -+ return -1; -+ } -+ -+ os_memset(&ifmr, 0, sizeof(ifmr)); -+ os_strlcpy(ifmr.ifm_name, ifname, IFNAMSIZ); -+ if (ioctl(s, SIOCGIFMEDIA, (caddr_t) &ifmr) < 0) { -+ wpa_printf(MSG_ERROR, "ioctl[SIOCGIFMEDIA]: %s", -+ strerror(errno)); -+ close(s); -+ return -1; -+ } -+ close(s); -+ *status = (ifmr.ifm_status & (IFM_ACTIVE | IFM_AVALID)) == -+ (IFM_ACTIVE | IFM_AVALID); -+ -+ return 0; -+} -+#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index e2d8bbe..c8e347a 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -26,5 +26,6 @@ int driver_wired_get_ifflags(const char *ifname, int *flags); - int driver_wired_set_ifflags(const char *ifname, int flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); -+int driver_wired_get_ifstatus(const char *ifname, int *status); - - #endif /* DRIVER_WIRED_COMMON_H */ --- -2.7.4 - diff --git a/macsec-0024-drivers-Move-driver_wired_init_common-to-a-common-fi.patch b/macsec-0024-drivers-Move-driver_wired_init_common-to-a-common-fi.patch deleted file mode 100644 index bacda4eeac8a0616ee812f06fe3ba4530998ecb9..0000000000000000000000000000000000000000 --- a/macsec-0024-drivers-Move-driver_wired_init_common-to-a-common-fi.patch +++ /dev/null @@ -1,261 +0,0 @@ -From ed5ae6119307b981eb9d0eaff3fa2ca53e79e629 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:50 +0100 -Subject: [PATCH] drivers: Move driver_wired_init_common() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 59 ++--------------------------------- - src/drivers/driver_wired.c | 53 +------------------------------ - src/drivers/driver_wired_common.c | 65 +++++++++++++++++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 3 ++ - 4 files changed, 72 insertions(+), 108 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 786e2e8..26003b0 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -149,76 +149,23 @@ static void __macsec_drv_deinit(struct macsec_qca_data *drv) - static void * macsec_qca_init(void *ctx, const char *ifname) - { - struct macsec_qca_data *drv; -- int flags; - - drv = os_zalloc(sizeof(*drv)); - if (drv == NULL) - return NULL; -- os_strlcpy(drv->common.ifname, ifname, sizeof(drv->common.ifname)); -- drv->common.ctx = ctx; - - /* Board specific settings */ -- if (os_memcmp("eth2", drv->common.ifname, 4) == 0) -+ if (os_memcmp("eth2", ifname, 4) == 0) - drv->secy_id = 1; -- else if (os_memcmp("eth3", drv->common.ifname, 4) == 0) -+ else if (os_memcmp("eth3", ifname, 4) == 0) - drv->secy_id = 2; - else - drv->secy_id = -1; - --#ifdef __linux__ -- drv->common.pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -- if (drv->common.pf_sock < 0) -- wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); --#else /* __linux__ */ -- drv->common.pf_sock = -1; --#endif /* __linux__ */ -- -- if (driver_wired_get_ifflags(ifname, &flags) == 0 && -- !(flags & IFF_UP) && -- driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { -- drv->common.iff_up = 1; -- } -- -- if (wired_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 1) == 0) { -- wpa_printf(MSG_DEBUG, -- "%s: Added multicast membership with packet socket", -- __func__); -- drv->common.membership = 1; -- } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { -- wpa_printf(MSG_DEBUG, -- "%s: Added multicast membership with SIOCADDMULTI", -- __func__); -- drv->common.multi = 1; -- } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { -- wpa_printf(MSG_INFO, "%s: Could not get interface flags", -- __func__); -- os_free(drv); -- return NULL; -- } else if (flags & IFF_ALLMULTI) { -- wpa_printf(MSG_DEBUG, -- "%s: Interface is already configured for multicast", -- __func__); -- } else if (driver_wired_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { -- wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", -- __func__); -+ if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { - os_free(drv); - return NULL; -- } else { -- wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", __func__); -- drv->common.iff_allmulti = 1; -- } --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -- { -- int status; -- wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", -- __func__); -- while (driver_wired_get_ifstatus(ifname, &status) == 0 && -- status == 0) -- sleep(1); - } --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - return drv; - } -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index db83683..38476af 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -393,66 +393,15 @@ static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -- int flags; - - drv = os_zalloc(sizeof(*drv)); - if (drv == NULL) - return NULL; -- os_strlcpy(drv->common.ifname, ifname, sizeof(drv->common.ifname)); -- drv->common.ctx = ctx; -- --#ifdef __linux__ -- drv->common.pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -- if (drv->common.pf_sock < 0) -- wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); --#else /* __linux__ */ -- drv->common.pf_sock = -1; --#endif /* __linux__ */ -- -- if (driver_wired_get_ifflags(ifname, &flags) == 0 && -- !(flags & IFF_UP) && -- driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) { -- drv->common.iff_up = 1; -- } - -- if (wired_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 1) == 0) { -- wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " -- "packet socket", __func__); -- drv->common.membership = 1; -- } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { -- wpa_printf(MSG_DEBUG, "%s: Added multicast membership with " -- "SIOCADDMULTI", __func__); -- drv->common.multi = 1; -- } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { -- wpa_printf(MSG_INFO, "%s: Could not get interface " -- "flags", __func__); -+ if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { - os_free(drv); - return NULL; -- } else if (flags & IFF_ALLMULTI) { -- wpa_printf(MSG_DEBUG, "%s: Interface is already configured " -- "for multicast", __func__); -- } else if (driver_wired_set_ifflags(ifname, flags | IFF_ALLMULTI) < 0) { -- wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", -- __func__); -- os_free(drv); -- return NULL; -- } else { -- wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", -- __func__); -- drv->common.iff_allmulti = 1; -- } --#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -- { -- int status; -- wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", -- __func__); -- while (driver_wired_get_ifstatus(ifname, &status) == 0 && -- status == 0) -- sleep(1); - } --#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ - - return drv; - } -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index e55e2c7..6f782c2 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -191,3 +191,68 @@ int driver_wired_get_ifstatus(const char *ifname, int *status) - return 0; - } - #endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -+ -+ -+int driver_wired_init_common(struct driver_wired_common_data *common, -+ const char *ifname, void *ctx) -+{ -+ int flags; -+ -+ os_strlcpy(common->ifname, ifname, sizeof(common->ifname)); -+ common->ctx = ctx; -+ -+#ifdef __linux__ -+ common->pf_sock = socket(PF_PACKET, SOCK_DGRAM, 0); -+ if (common->pf_sock < 0) -+ wpa_printf(MSG_ERROR, "socket(PF_PACKET): %s", strerror(errno)); -+#else /* __linux__ */ -+ common->pf_sock = -1; -+#endif /* __linux__ */ -+ -+ if (driver_wired_get_ifflags(ifname, &flags) == 0 && -+ !(flags & IFF_UP) && -+ driver_wired_set_ifflags(ifname, flags | IFF_UP) == 0) -+ common->iff_up = 1; -+ -+ if (wired_multicast_membership(common->pf_sock, -+ if_nametoindex(common->ifname), -+ pae_group_addr, 1) == 0) { -+ wpa_printf(MSG_DEBUG, -+ "%s: Added multicast membership with packet socket", -+ __func__); -+ common->membership = 1; -+ } else if (driver_wired_multi(ifname, pae_group_addr, 1) == 0) { -+ wpa_printf(MSG_DEBUG, -+ "%s: Added multicast membership with SIOCADDMULTI", -+ __func__); -+ common->multi = 1; -+ } else if (driver_wired_get_ifflags(ifname, &flags) < 0) { -+ wpa_printf(MSG_INFO, "%s: Could not get interface flags", -+ __func__); -+ return -1; -+ } else if (flags & IFF_ALLMULTI) { -+ wpa_printf(MSG_DEBUG, -+ "%s: Interface is already configured for multicast", -+ __func__); -+ } else if (driver_wired_set_ifflags(ifname, -+ flags | IFF_ALLMULTI) < 0) { -+ wpa_printf(MSG_INFO, "%s: Failed to enable allmulti", __func__); -+ return -1; -+ } else { -+ wpa_printf(MSG_DEBUG, "%s: Enabled allmulti mode", __func__); -+ common->iff_allmulti = 1; -+ } -+#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) -+ { -+ int status; -+ -+ wpa_printf(MSG_DEBUG, "%s: waiting for link to become active", -+ __func__); -+ while (driver_wired_get_ifstatus(ifname, &status) == 0 && -+ status == 0) -+ sleep(1); -+ } -+#endif /* defined(__FreeBSD__) || defined(__DragonFly__) || defined(FreeBSD_kernel__) */ -+ -+ return 0; -+} -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index c8e347a..e4f54b9 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -28,4 +28,7 @@ int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); - int driver_wired_get_ifstatus(const char *ifname, int *status); - -+int driver_wired_init_common(struct driver_wired_common_data *common, -+ const char *ifname, void *ctx); -+ - #endif /* DRIVER_WIRED_COMMON_H */ --- -2.7.4 - diff --git a/macsec-0025-drivers-Move-driver_wired_deinit_common-to-a-common-.patch b/macsec-0025-drivers-Move-driver_wired_deinit_common-to-a-common-.patch deleted file mode 100644 index 731d5e979329b8b3ac42969106e0570513d458dc..0000000000000000000000000000000000000000 --- a/macsec-0025-drivers-Move-driver_wired_deinit_common-to-a-common-.patch +++ /dev/null @@ -1,176 +0,0 @@ -From ec9cfb96c2db746f26ceaa577953cfc2dc9d0f49 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:51 +0100 -Subject: [PATCH] drivers: Move driver_wired_deinit_common() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 37 +---------------------------------- - src/drivers/driver_wired.c | 35 +-------------------------------- - src/drivers/driver_wired_common.c | 41 +++++++++++++++++++++++++++++++++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 44 insertions(+), 70 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 26003b0..30bf31c 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -174,43 +174,8 @@ static void * macsec_qca_init(void *ctx, const char *ifname) - static void macsec_qca_deinit(void *priv) - { - struct macsec_qca_data *drv = priv; -- int flags; -- -- if (drv->common.membership && -- wired_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 0) < 0) { -- wpa_printf(MSG_DEBUG, -- "%s: Failed to remove PAE multicast group (PACKET)", -- __func__); -- } -- -- if (drv->common.multi && -- driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { -- wpa_printf(MSG_DEBUG, -- "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", -- __func__); -- } -- -- if (drv->common.iff_allmulti && -- (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -- driver_wired_set_ifflags(drv->common.ifname, -- flags & ~IFF_ALLMULTI) < 0)) { -- wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", -- __func__); -- } -- -- if (drv->common.iff_up && -- driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && -- (flags & IFF_UP) && -- driver_wired_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { -- wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", -- __func__); -- } -- -- if (drv->common.pf_sock != -1) -- close(drv->common.pf_sock); - -+ driver_wired_deinit_common(&drv->common); - os_free(drv); - } - -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 38476af..54217bc 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -410,41 +410,8 @@ static void * wpa_driver_wired_init(void *ctx, const char *ifname) - static void wpa_driver_wired_deinit(void *priv) - { - struct wpa_driver_wired_data *drv = priv; -- int flags; -- -- if (drv->common.membership && -- wired_multicast_membership(drv->common.pf_sock, -- if_nametoindex(drv->common.ifname), -- pae_group_addr, 0) < 0) { -- wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " -- "group (PACKET)", __func__); -- } -- -- if (drv->common.multi && -- driver_wired_multi(drv->common.ifname, pae_group_addr, 0) < 0) { -- wpa_printf(MSG_DEBUG, "%s: Failed to remove PAE multicast " -- "group (SIOCDELMULTI)", __func__); -- } -- -- if (drv->common.iff_allmulti && -- (driver_wired_get_ifflags(drv->common.ifname, &flags) < 0 || -- driver_wired_set_ifflags(drv->common.ifname, -- flags & ~IFF_ALLMULTI) < 0)) { -- wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", -- __func__); -- } -- -- if (drv->common.iff_up && -- driver_wired_get_ifflags(drv->common.ifname, &flags) == 0 && -- (flags & IFF_UP) && -- driver_wired_set_ifflags(drv->common.ifname, flags & ~IFF_UP) < 0) { -- wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", -- __func__); -- } -- -- if (drv->common.pf_sock != -1) -- close(drv->common.pf_sock); - -+ driver_wired_deinit_common(&drv->common); - os_free(drv); - } - -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index 6f782c2..73c2b1b 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -256,3 +256,44 @@ int driver_wired_init_common(struct driver_wired_common_data *common, - - return 0; - } -+ -+ -+void driver_wired_deinit_common(struct driver_wired_common_data *common) -+{ -+ int flags; -+ -+ if (common->membership && -+ wired_multicast_membership(common->pf_sock, -+ if_nametoindex(common->ifname), -+ pae_group_addr, 0) < 0) { -+ wpa_printf(MSG_DEBUG, -+ "%s: Failed to remove PAE multicast group (PACKET)", -+ __func__); -+ } -+ -+ if (common->multi && -+ driver_wired_multi(common->ifname, pae_group_addr, 0) < 0) { -+ wpa_printf(MSG_DEBUG, -+ "%s: Failed to remove PAE multicast group (SIOCDELMULTI)", -+ __func__); -+ } -+ -+ if (common->iff_allmulti && -+ (driver_wired_get_ifflags(common->ifname, &flags) < 0 || -+ driver_wired_set_ifflags(common->ifname, -+ flags & ~IFF_ALLMULTI) < 0)) { -+ wpa_printf(MSG_DEBUG, "%s: Failed to disable allmulti mode", -+ __func__); -+ } -+ -+ if (common->iff_up && -+ driver_wired_get_ifflags(common->ifname, &flags) == 0 && -+ (flags & IFF_UP) && -+ driver_wired_set_ifflags(common->ifname, flags & ~IFF_UP) < 0) { -+ wpa_printf(MSG_DEBUG, "%s: Failed to set the interface down", -+ __func__); -+ } -+ -+ if (common->pf_sock != -1) -+ close(common->pf_sock); -+} -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index e4f54b9..f362dbd 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -30,5 +30,6 @@ int driver_wired_get_ifstatus(const char *ifname, int *status); - - int driver_wired_init_common(struct driver_wired_common_data *common, - const char *ifname, void *ctx); -+void driver_wired_deinit_common(struct driver_wired_common_data *common); - - #endif /* DRIVER_WIRED_COMMON_H */ --- -2.7.4 - diff --git a/macsec-0026-drivers-Move-driver_wired_get_capa-to-a-common-file.patch b/macsec-0026-drivers-Move-driver_wired_get_capa-to-a-common-file.patch deleted file mode 100644 index 6435f5044cfd499046064cc10323cca8f7ee4c16..0000000000000000000000000000000000000000 --- a/macsec-0026-drivers-Move-driver_wired_get_capa-to-a-common-file.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 9281e5c5ce83648d344808e08f213f4e11a44573 Mon Sep 17 00:00:00 2001 -Message-Id: <9281e5c5ce83648d344808e08f213f4e11a44573.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:52 +0100 -Subject: [PATCH] drivers: Move driver_wired_get_capa() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 10 +--------- - src/drivers/driver_wired.c | 10 +--------- - src/drivers/driver_wired_common.c | 8 ++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 11 insertions(+), 18 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 30bf31c..15ea4bd 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -91,14 +91,6 @@ static int macsec_qca_get_bssid(void *priv, u8 *bssid) - } - - --static int macsec_qca_get_capa(void *priv, struct wpa_driver_capa *capa) --{ -- os_memset(capa, 0, sizeof(*capa)); -- capa->flags = WPA_DRIVER_FLAGS_WIRED; -- return 0; --} -- -- - static void __macsec_drv_init(struct macsec_qca_data *drv) - { - int ret = 0; -@@ -758,7 +750,7 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { - .desc = "QCA MACsec Ethernet driver", - .get_ssid = macsec_qca_get_ssid, - .get_bssid = macsec_qca_get_bssid, -- .get_capa = macsec_qca_get_capa, -+ .get_capa = driver_wired_get_capa, - .init = macsec_qca_init, - .deinit = macsec_qca_deinit, - -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index 54217bc..fd8a7e3 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -382,14 +382,6 @@ static int wpa_driver_wired_get_bssid(void *priv, u8 *bssid) - } - - --static int wpa_driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) --{ -- os_memset(capa, 0, sizeof(*capa)); -- capa->flags = WPA_DRIVER_FLAGS_WIRED; -- return 0; --} -- -- - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -@@ -424,7 +416,7 @@ const struct wpa_driver_ops wpa_driver_wired_ops = { - .hapd_send_eapol = wired_send_eapol, - .get_ssid = wpa_driver_wired_get_ssid, - .get_bssid = wpa_driver_wired_get_bssid, -- .get_capa = wpa_driver_wired_get_capa, -+ .get_capa = driver_wired_get_capa, - .init = wpa_driver_wired_init, - .deinit = wpa_driver_wired_deinit, - }; -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index 73c2b1b..b31474d 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -164,6 +164,14 @@ int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) - } - - -+int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) -+{ -+ os_memset(capa, 0, sizeof(*capa)); -+ capa->flags = WPA_DRIVER_FLAGS_WIRED; -+ return 0; -+} -+ -+ - #if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) - int driver_wired_get_ifstatus(const char *ifname, int *status) - { -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index f362dbd..b926d83 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -26,6 +26,7 @@ int driver_wired_get_ifflags(const char *ifname, int *flags); - int driver_wired_set_ifflags(const char *ifname, int flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); -+int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa); - int driver_wired_get_ifstatus(const char *ifname, int *status); - - int driver_wired_init_common(struct driver_wired_common_data *common, --- -2.7.4 - diff --git a/macsec-0027-drivers-Move-driver_wired_get_bssid-to-a-common-file.patch b/macsec-0027-drivers-Move-driver_wired_get_bssid-to-a-common-file.patch deleted file mode 100644 index cd05ca46b719e507fce8c4580f8b06fa5f3ff6d4..0000000000000000000000000000000000000000 --- a/macsec-0027-drivers-Move-driver_wired_get_bssid-to-a-common-file.patch +++ /dev/null @@ -1,107 +0,0 @@ -From d27c42baea5d52f3f4fdc36ed98c7d10289ad973 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:53 +0100 -Subject: [PATCH] drivers: Move driver_wired_get_bssid() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 10 +--------- - src/drivers/driver_wired.c | 10 +--------- - src/drivers/driver_wired_common.c | 8 ++++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 11 insertions(+), 18 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 15ea4bd..4bbc59f 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -83,14 +83,6 @@ static int macsec_qca_get_ssid(void *priv, u8 *ssid) - } - - --static int macsec_qca_get_bssid(void *priv, u8 *bssid) --{ -- /* Report PAE group address as the "BSSID" for macsec connection. */ -- os_memcpy(bssid, pae_group_addr, ETH_ALEN); -- return 0; --} -- -- - static void __macsec_drv_init(struct macsec_qca_data *drv) - { - int ret = 0; -@@ -749,7 +741,7 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { - .name = "macsec_qca", - .desc = "QCA MACsec Ethernet driver", - .get_ssid = macsec_qca_get_ssid, -- .get_bssid = macsec_qca_get_bssid, -+ .get_bssid = driver_wired_get_bssid, - .get_capa = driver_wired_get_capa, - .init = macsec_qca_init, - .deinit = macsec_qca_deinit, -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index fd8a7e3..ad34627 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -374,14 +374,6 @@ static int wpa_driver_wired_get_ssid(void *priv, u8 *ssid) - } - - --static int wpa_driver_wired_get_bssid(void *priv, u8 *bssid) --{ -- /* Report PAE group address as the "BSSID" for wired connection. */ -- os_memcpy(bssid, pae_group_addr, ETH_ALEN); -- return 0; --} -- -- - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -@@ -415,7 +407,7 @@ const struct wpa_driver_ops wpa_driver_wired_ops = { - .hapd_deinit = wired_driver_hapd_deinit, - .hapd_send_eapol = wired_send_eapol, - .get_ssid = wpa_driver_wired_get_ssid, -- .get_bssid = wpa_driver_wired_get_bssid, -+ .get_bssid = driver_wired_get_bssid, - .get_capa = driver_wired_get_capa, - .init = wpa_driver_wired_init, - .deinit = wpa_driver_wired_deinit, -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index b31474d..d30d3a4 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -164,6 +164,14 @@ int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) - } - - -+int driver_wired_get_bssid(void *priv, u8 *bssid) -+{ -+ /* Report PAE group address as the "BSSID" for wired connection. */ -+ os_memcpy(bssid, pae_group_addr, ETH_ALEN); -+ return 0; -+} -+ -+ - int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa) - { - os_memset(capa, 0, sizeof(*capa)); -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index b926d83..493987a 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -26,6 +26,7 @@ int driver_wired_get_ifflags(const char *ifname, int *flags); - int driver_wired_set_ifflags(const char *ifname, int flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); -+int driver_wired_get_bssid(void *priv, u8 *bssid); - int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa); - int driver_wired_get_ifstatus(const char *ifname, int *status); - --- -2.7.4 - diff --git a/macsec-0028-drivers-Move-driver_wired_get_ssid-to-a-common-file.patch b/macsec-0028-drivers-Move-driver_wired_get_ssid-to-a-common-file.patch deleted file mode 100644 index dd9a91410f5658a753b6b9d9c00ececf0a7f9f3f..0000000000000000000000000000000000000000 --- a/macsec-0028-drivers-Move-driver_wired_get_ssid-to-a-common-file.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 8618313b6ef1c40002836ffc56d70466ea80d44e Mon Sep 17 00:00:00 2001 -Message-Id: <8618313b6ef1c40002836ffc56d70466ea80d44e.1488376602.git.dcaratti@redhat.com> -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:54 +0100 -Subject: [PATCH] drivers: Move driver_wired_get_ssid() to a common file - -This continues refactoring of the common parts of wired drivers code -into a shared file, so that they can be reused by other drivers. - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver_macsec_qca.c | 9 +-------- - src/drivers/driver_wired.c | 9 +-------- - src/drivers/driver_wired_common.c | 7 +++++++ - src/drivers/driver_wired_common.h | 1 + - 4 files changed, 10 insertions(+), 16 deletions(-) - -diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c -index 4bbc59f..d3be19c 100644 ---- a/src/drivers/driver_macsec_qca.c -+++ b/src/drivers/driver_macsec_qca.c -@@ -76,13 +76,6 @@ struct macsec_qca_data { - }; - - --static int macsec_qca_get_ssid(void *priv, u8 *ssid) --{ -- ssid[0] = 0; -- return 0; --} -- -- - static void __macsec_drv_init(struct macsec_qca_data *drv) - { - int ret = 0; -@@ -740,7 +733,7 @@ static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa) - const struct wpa_driver_ops wpa_driver_macsec_qca_ops = { - .name = "macsec_qca", - .desc = "QCA MACsec Ethernet driver", -- .get_ssid = macsec_qca_get_ssid, -+ .get_ssid = driver_wired_get_ssid, - .get_bssid = driver_wired_get_bssid, - .get_capa = driver_wired_get_capa, - .init = macsec_qca_init, -diff --git a/src/drivers/driver_wired.c b/src/drivers/driver_wired.c -index ad34627..7e09dcf 100644 ---- a/src/drivers/driver_wired.c -+++ b/src/drivers/driver_wired.c -@@ -367,13 +367,6 @@ static void wired_driver_hapd_deinit(void *priv) - } - - --static int wpa_driver_wired_get_ssid(void *priv, u8 *ssid) --{ -- ssid[0] = 0; -- return 0; --} -- -- - static void * wpa_driver_wired_init(void *ctx, const char *ifname) - { - struct wpa_driver_wired_data *drv; -@@ -406,7 +399,7 @@ const struct wpa_driver_ops wpa_driver_wired_ops = { - .hapd_init = wired_driver_hapd_init, - .hapd_deinit = wired_driver_hapd_deinit, - .hapd_send_eapol = wired_send_eapol, -- .get_ssid = wpa_driver_wired_get_ssid, -+ .get_ssid = driver_wired_get_ssid, - .get_bssid = driver_wired_get_bssid, - .get_capa = driver_wired_get_capa, - .init = wpa_driver_wired_init, -diff --git a/src/drivers/driver_wired_common.c b/src/drivers/driver_wired_common.c -index d30d3a4..2e169d7 100644 ---- a/src/drivers/driver_wired_common.c -+++ b/src/drivers/driver_wired_common.c -@@ -164,6 +164,13 @@ int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add) - } - - -+int driver_wired_get_ssid(void *priv, u8 *ssid) -+{ -+ ssid[0] = 0; -+ return 0; -+} -+ -+ - int driver_wired_get_bssid(void *priv, u8 *bssid) - { - /* Report PAE group address as the "BSSID" for wired connection. */ -diff --git a/src/drivers/driver_wired_common.h b/src/drivers/driver_wired_common.h -index 493987a..7e1a4ae 100644 ---- a/src/drivers/driver_wired_common.h -+++ b/src/drivers/driver_wired_common.h -@@ -26,6 +26,7 @@ int driver_wired_get_ifflags(const char *ifname, int *flags); - int driver_wired_set_ifflags(const char *ifname, int flags); - int driver_wired_multi(const char *ifname, const u8 *addr, int add); - int wired_multicast_membership(int sock, int ifindex, const u8 *addr, int add); -+int driver_wired_get_ssid(void *priv, u8 *ssid); - int driver_wired_get_bssid(void *priv, u8 *bssid); - int driver_wired_get_capa(void *priv, struct wpa_driver_capa *capa); - int driver_wired_get_ifstatus(const char *ifname, int *status); --- -2.7.4 - diff --git a/macsec-0029-macsec_linux-Add-a-driver-for-macsec-on-Linux-kernel.patch b/macsec-0029-macsec_linux-Add-a-driver-for-macsec-on-Linux-kernel.patch deleted file mode 100644 index 04438a7bd83b98c137dbda4fe942e5549fb8ff24..0000000000000000000000000000000000000000 --- a/macsec-0029-macsec_linux-Add-a-driver-for-macsec-on-Linux-kernel.patch +++ /dev/null @@ -1,1397 +0,0 @@ -From f014d9dbf04d0637429f7eb85c915def87f2f7d8 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:55 +0100 -Subject: [PATCH] macsec_linux: Add a driver for macsec on Linux kernels - -This uses libnl3 to communicate with the macsec module available on -Linux. A recent enough version of libnl is needed for the macsec.h file -(which is not yet available in a formal libnl release at the time of -this commit). - -Signed-off-by: Sabrina Dubroca ---- - src/drivers/driver.h | 4 + - src/drivers/driver_macsec_linux.c | 1265 +++++++++++++++++++++++++++++++++++++ - src/drivers/drivers.c | 3 + - src/drivers/drivers.mak | 7 + - src/drivers/drivers.mk | 7 + - src/pae/ieee802_1x_kay.c | 11 + - src/pae/ieee802_1x_kay.h | 2 + - 7 files changed, 1299 insertions(+) - create mode 100644 src/drivers/driver_macsec_linux.c - -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index ffe5560..71ad006 100644 ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -5050,6 +5050,10 @@ extern const struct wpa_driver_ops wpa_driver_wired_ops; /* driver_wired.c */ - /* driver_macsec_qca.c */ - extern const struct wpa_driver_ops wpa_driver_macsec_qca_ops; - #endif /* CONFIG_DRIVER_MACSEC_QCA */ -+#ifdef CONFIG_DRIVER_MACSEC_LINUX -+/* driver_macsec_linux.c */ -+extern const struct wpa_driver_ops wpa_driver_macsec_linux_ops; -+#endif /* CONFIG_DRIVER_MACSEC_LINUX */ - #ifdef CONFIG_DRIVER_ROBOSWITCH - /* driver_roboswitch.c */ - extern const struct wpa_driver_ops wpa_driver_roboswitch_ops; -diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c -new file mode 100644 -index 0000000..5dab77a ---- /dev/null -+++ b/src/drivers/driver_macsec_linux.c -@@ -0,0 +1,1265 @@ -+/* -+ * Driver interaction with Linux MACsec kernel module -+ * Copyright (c) 2016, Sabrina Dubroca and Red Hat, Inc. -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "utils/common.h" -+#include "utils/eloop.h" -+#include "pae/ieee802_1x_kay.h" -+#include "driver.h" -+#include "driver_wired_common.h" -+ -+#define DRV_PREFIX "macsec_linux: " -+ -+#define UNUSED_SCI 0xffffffffffffffff -+ -+struct cb_arg { -+ struct macsec_drv_data *drv; -+ u32 *pn; -+ int ifindex; -+ u8 txsa; -+ u8 rxsa; -+ u64 rxsci; -+}; -+ -+struct macsec_genl_ctx { -+ struct nl_sock *sk; -+ int macsec_genl_id; -+ struct cb_arg cb_arg; -+}; -+ -+struct macsec_drv_data { -+ struct driver_wired_common_data common; -+ struct rtnl_link *link; -+ struct nl_cache *link_cache; -+ struct nl_sock *sk; -+ struct macsec_genl_ctx ctx; -+ -+ struct netlink_data *netlink; -+ struct nl_handle *nl; -+ char ifname[IFNAMSIZ + 1]; -+ int ifi; -+ int parent_ifi; -+ -+ Boolean created_link; -+ -+ Boolean controlled_port_enabled; -+ Boolean controlled_port_enabled_set; -+ -+ Boolean protect_frames; -+ Boolean protect_frames_set; -+ -+ Boolean encrypt; -+ Boolean encrypt_set; -+ -+ Boolean replay_protect; -+ Boolean replay_protect_set; -+ -+ u32 replay_window; -+ -+ u8 encoding_sa; -+ Boolean encoding_sa_set; -+}; -+ -+ -+static int dump_callback(struct nl_msg *msg, void *argp); -+ -+ -+static struct nl_msg * msg_prepare(enum macsec_nl_commands cmd, -+ const struct macsec_genl_ctx *ctx, -+ unsigned int ifindex) -+{ -+ struct nl_msg *msg; -+ -+ msg = nlmsg_alloc(); -+ if (!msg) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "failed to alloc message"); -+ return NULL; -+ } -+ -+ if (!genlmsg_put(msg, 0, 0, ctx->macsec_genl_id, 0, 0, cmd, 0)) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "failed to put header"); -+ goto nla_put_failure; -+ } -+ -+ NLA_PUT_U32(msg, MACSEC_ATTR_IFINDEX, ifindex); -+ -+ return msg; -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return NULL; -+} -+ -+ -+static int nla_put_rxsc_config(struct nl_msg *msg, u64 sci) -+{ -+ struct nlattr *nest = nla_nest_start(msg, MACSEC_ATTR_RXSC_CONFIG); -+ -+ if (!nest) -+ return -1; -+ -+ NLA_PUT_U64(msg, MACSEC_RXSC_ATTR_SCI, sci); -+ -+ nla_nest_end(msg, nest); -+ -+ return 0; -+ -+nla_put_failure: -+ return -1; -+} -+ -+ -+static int init_genl_ctx(struct macsec_drv_data *drv) -+{ -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ -+ ctx->sk = nl_socket_alloc(); -+ if (!ctx->sk) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "failed to alloc genl socket"); -+ return -1; -+ } -+ -+ if (genl_connect(ctx->sk) < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "connection to genl socket failed"); -+ goto out_free; -+ } -+ -+ ctx->macsec_genl_id = genl_ctrl_resolve(ctx->sk, "macsec"); -+ if (ctx->macsec_genl_id < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "genl resolve failed"); -+ goto out_free; -+ } -+ -+ memset(&ctx->cb_arg, 0, sizeof(ctx->cb_arg)); -+ ctx->cb_arg.drv = drv; -+ -+ nl_socket_modify_cb(ctx->sk, NL_CB_VALID, NL_CB_CUSTOM, dump_callback, -+ &ctx->cb_arg); -+ -+ return 0; -+ -+out_free: -+ nl_socket_free(ctx->sk); -+ ctx->sk = NULL; -+ return -1; -+} -+ -+ -+static int try_commit(struct macsec_drv_data *drv) -+{ -+ int err; -+ -+ if (!drv->link) -+ return 0; -+ -+ if (drv->controlled_port_enabled_set) { -+ struct rtnl_link *change = rtnl_link_alloc(); -+ -+ if (!change) -+ return -1; -+ -+ rtnl_link_set_name(change, drv->ifname); -+ -+ if (drv->controlled_port_enabled) -+ rtnl_link_set_flags(change, IFF_UP); -+ else -+ rtnl_link_unset_flags(change, IFF_UP); -+ -+ err = rtnl_link_change(drv->sk, change, change, 0); -+ if (err < 0) -+ return err; -+ -+ rtnl_link_put(change); -+ -+ drv->controlled_port_enabled_set = FALSE; -+ } -+ -+ if (drv->protect_frames_set) -+ rtnl_link_macsec_set_protect(drv->link, drv->protect_frames); -+ -+ if (drv->encrypt_set) -+ rtnl_link_macsec_set_encrypt(drv->link, drv->encrypt); -+ -+ if (drv->replay_protect_set) { -+ rtnl_link_macsec_set_replay_protect(drv->link, -+ drv->replay_protect); -+ if (drv->replay_protect) -+ rtnl_link_macsec_set_window(drv->link, -+ drv->replay_window); -+ } -+ -+ if (drv->encoding_sa_set) -+ rtnl_link_macsec_set_encoding_sa(drv->link, drv->encoding_sa); -+ -+ err = rtnl_link_add(drv->sk, drv->link, 0); -+ if (err < 0) -+ return err; -+ -+ drv->protect_frames_set = FALSE; -+ drv->encrypt_set = FALSE; -+ drv->replay_protect_set = FALSE; -+ -+ return 0; -+} -+ -+ -+static void macsec_drv_wpa_deinit(void *priv) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ driver_wired_deinit_common(&drv->common); -+ os_free(drv); -+} -+ -+ -+static void * macsec_drv_wpa_init(void *ctx, const char *ifname) -+{ -+ struct macsec_drv_data *drv; -+ -+ drv = os_zalloc(sizeof(*drv)); -+ if (!drv) -+ return NULL; -+ -+ if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { -+ os_free(drv); -+ return NULL; -+ } -+ -+ return drv; -+} -+ -+ -+static int macsec_drv_macsec_init(void *priv, struct macsec_init_params *params) -+{ -+ struct macsec_drv_data *drv = priv; -+ int err; -+ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ drv->sk = nl_socket_alloc(); -+ if (!drv->sk) -+ return -1; -+ -+ err = nl_connect(drv->sk, NETLINK_ROUTE); -+ if (err < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX -+ "Unable to connect NETLINK_ROUTE socket: %s", -+ strerror(errno)); -+ goto sock; -+ } -+ -+ err = rtnl_link_alloc_cache(drv->sk, AF_UNSPEC, &drv->link_cache); -+ if (err < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "Unable to get link cache: %s", -+ strerror(errno)); -+ goto sock; -+ } -+ -+ drv->parent_ifi = rtnl_link_name2i(drv->link_cache, drv->common.ifname); -+ if (drv->parent_ifi == 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX -+ "couldn't find ifindex for interface %s", -+ drv->common.ifname); -+ goto cache; -+ } -+ -+ err = init_genl_ctx(drv); -+ if (err < 0) -+ goto cache; -+ -+ return 0; -+ -+cache: -+ nl_cache_free(drv->link_cache); -+ drv->link_cache = NULL; -+sock: -+ nl_socket_free(drv->sk); -+ drv->sk = NULL; -+ return -1; -+} -+ -+ -+static int macsec_drv_macsec_deinit(void *priv) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ if (drv->sk) -+ nl_socket_free(drv->sk); -+ drv->sk = NULL; -+ -+ if (drv->link_cache) -+ nl_cache_free(drv->link_cache); -+ drv->link_cache = NULL; -+ -+ if (drv->ctx.sk) -+ nl_socket_free(drv->ctx.sk); -+ -+ return 0; -+} -+ -+ -+static int macsec_drv_get_capability(void *priv, enum macsec_cap *cap) -+{ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ *cap = MACSEC_CAP_INTEG_AND_CONF; -+ -+ return 0; -+} -+ -+ -+/** -+ * macsec_drv_enable_protect_frames - Set protect frames status -+ * @priv: Private driver interface data -+ * @enabled: TRUE = protect frames enabled -+ * FALSE = protect frames disabled -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_enable_protect_frames(void *priv, Boolean enabled) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); -+ -+ drv->protect_frames_set = TRUE; -+ drv->protect_frames = enabled; -+ -+ return try_commit(drv); -+} -+ -+ -+/** -+ * macsec_drv_enable_encrypt - Set protect frames status -+ * @priv: Private driver interface data -+ * @enabled: TRUE = protect frames enabled -+ * FALSE = protect frames disabled -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_enable_encrypt(void *priv, Boolean enabled) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); -+ -+ drv->encrypt_set = TRUE; -+ drv->encrypt = enabled; -+ -+ return try_commit(drv); -+} -+ -+ -+/** -+ * macsec_drv_set_replay_protect - Set replay protect status and window size -+ * @priv: Private driver interface data -+ * @enabled: TRUE = replay protect enabled -+ * FALSE = replay protect disabled -+ * @window: replay window size, valid only when replay protect enabled -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_set_replay_protect(void *priv, Boolean enabled, -+ u32 window) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %s, %u", __func__, -+ enabled ? "TRUE" : "FALSE", window); -+ -+ drv->replay_protect_set = TRUE; -+ drv->replay_protect = enabled; -+ if (enabled) -+ drv->replay_window = window; -+ -+ return try_commit(drv); -+} -+ -+ -+/** -+ * macsec_drv_set_current_cipher_suite - Set current cipher suite -+ * @priv: Private driver interface data -+ * @cs: EUI64 identifier -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_set_current_cipher_suite(void *priv, u64 cs) -+{ -+ wpa_printf(MSG_DEBUG, "%s -> %016" PRIx64, __func__, cs); -+ return 0; -+} -+ -+ -+/** -+ * macsec_drv_enable_controlled_port - Set controlled port status -+ * @priv: Private driver interface data -+ * @enabled: TRUE = controlled port enabled -+ * FALSE = controlled port disabled -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_enable_controlled_port(void *priv, Boolean enabled) -+{ -+ struct macsec_drv_data *drv = priv; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); -+ -+ drv->controlled_port_enabled = enabled; -+ drv->controlled_port_enabled_set = TRUE; -+ -+ return try_commit(drv); -+} -+ -+ -+static struct nla_policy sa_policy[MACSEC_SA_ATTR_MAX + 1] = { -+ [MACSEC_SA_ATTR_AN] = { .type = NLA_U8 }, -+ [MACSEC_SA_ATTR_ACTIVE] = { .type = NLA_U8 }, -+ [MACSEC_SA_ATTR_PN] = { .type = NLA_U32 }, -+ [MACSEC_SA_ATTR_KEYID] = { .type = NLA_BINARY }, -+}; -+ -+static struct nla_policy sc_policy[MACSEC_RXSC_ATTR_MAX + 1] = { -+ [MACSEC_RXSC_ATTR_SCI] = { .type = NLA_U64 }, -+ [MACSEC_RXSC_ATTR_ACTIVE] = { .type = NLA_U8 }, -+ [MACSEC_RXSC_ATTR_SA_LIST] = { .type = NLA_NESTED }, -+}; -+ -+static struct nla_policy main_policy[MACSEC_ATTR_MAX + 1] = { -+ [MACSEC_ATTR_IFINDEX] = { .type = NLA_U32 }, -+ [MACSEC_ATTR_SECY] = { .type = NLA_NESTED }, -+ [MACSEC_ATTR_TXSA_LIST] = { .type = NLA_NESTED }, -+ [MACSEC_ATTR_RXSC_LIST] = { .type = NLA_NESTED }, -+}; -+ -+static int dump_callback(struct nl_msg *msg, void *argp) -+{ -+ struct nlmsghdr *ret_hdr = nlmsg_hdr(msg); -+ struct nlattr *tb_msg[MACSEC_ATTR_MAX + 1]; -+ struct cb_arg *arg = (struct cb_arg *) argp; -+ struct genlmsghdr *gnlh = (struct genlmsghdr *) nlmsg_data(ret_hdr); -+ int err; -+ -+ if (ret_hdr->nlmsg_type != arg->drv->ctx.macsec_genl_id) -+ return 0; -+ -+ err = nla_parse(tb_msg, MACSEC_ATTR_MAX, genlmsg_attrdata(gnlh, 0), -+ genlmsg_attrlen(gnlh, 0), main_policy); -+ if (err < 0) -+ return 0; -+ -+ if (!tb_msg[MACSEC_ATTR_IFINDEX]) -+ return 0; -+ -+ if (nla_get_u32(tb_msg[MACSEC_ATTR_IFINDEX]) != (u32) arg->ifindex) -+ return 0; -+ -+ if (arg->txsa < 4 && !tb_msg[MACSEC_ATTR_TXSA_LIST]) { -+ return 0; -+ } else if (arg->txsa < 4) { -+ struct nlattr *nla; -+ int rem; -+ -+ nla_for_each_nested(nla, tb_msg[MACSEC_ATTR_TXSA_LIST], rem) { -+ struct nlattr *tb[MACSEC_SA_ATTR_MAX + 1]; -+ -+ err = nla_parse_nested(tb, MACSEC_SA_ATTR_MAX, nla, -+ sa_policy); -+ if (err < 0) -+ continue; -+ if (!tb[MACSEC_SA_ATTR_AN]) -+ continue; -+ if (nla_get_u8(tb[MACSEC_SA_ATTR_AN]) != arg->txsa) -+ continue; -+ if (!tb[MACSEC_SA_ATTR_PN]) -+ return 0; -+ *arg->pn = nla_get_u32(tb[MACSEC_SA_ATTR_PN]); -+ return 0; -+ } -+ -+ return 0; -+ } -+ -+ if (arg->rxsci == UNUSED_SCI) -+ return 0; -+ -+ if (tb_msg[MACSEC_ATTR_RXSC_LIST]) { -+ struct nlattr *nla; -+ int rem; -+ -+ nla_for_each_nested(nla, tb_msg[MACSEC_ATTR_RXSC_LIST], rem) { -+ struct nlattr *tb[MACSEC_RXSC_ATTR_MAX + 1]; -+ -+ err = nla_parse_nested(tb, MACSEC_RXSC_ATTR_MAX, nla, -+ sc_policy); -+ if (err < 0) -+ return 0; -+ if (!tb[MACSEC_RXSC_ATTR_SCI]) -+ continue; -+ if (nla_get_u64(tb[MACSEC_RXSC_ATTR_SCI]) != arg->rxsci) -+ continue; -+ if (!tb[MACSEC_RXSC_ATTR_SA_LIST]) -+ return 0; -+ -+ nla_for_each_nested(nla, tb[MACSEC_RXSC_ATTR_SA_LIST], -+ rem) { -+ struct nlattr *tb_sa[MACSEC_SA_ATTR_MAX + 1]; -+ -+ err = nla_parse_nested(tb_sa, -+ MACSEC_SA_ATTR_MAX, nla, -+ sa_policy); -+ if (err < 0) -+ continue; -+ if (!tb_sa[MACSEC_SA_ATTR_AN]) -+ continue; -+ if (nla_get_u8(tb_sa[MACSEC_SA_ATTR_AN]) != -+ arg->rxsa) -+ continue; -+ if (!tb_sa[MACSEC_SA_ATTR_PN]) -+ return 0; -+ *arg->pn = -+ nla_get_u32(tb_sa[MACSEC_SA_ATTR_PN]); -+ -+ return 0; -+ } -+ -+ return 0; -+ } -+ -+ return 0; -+ } -+ -+ return 0; -+} -+ -+ -+static int nl_send_recv(struct nl_sock *sk, struct nl_msg *msg) -+{ -+ int ret; -+ -+ ret = nl_send_auto_complete(sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to send: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ return ret; -+ } -+ -+ ret = nl_recvmsgs_default(sk); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to recv: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+ return ret; -+} -+ -+ -+static int do_dump(struct macsec_drv_data *drv, u8 txsa, u64 rxsci, u8 rxsa, -+ u32 *pn) -+{ -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ int ret = 1; -+ -+ ctx->cb_arg.ifindex = drv->ifi; -+ ctx->cb_arg.rxsci = rxsci; -+ ctx->cb_arg.rxsa = rxsa; -+ ctx->cb_arg.txsa = txsa; -+ ctx->cb_arg.pn = pn; -+ -+ msg = nlmsg_alloc(); -+ if (!msg) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to alloc message", -+ __func__); -+ return 1; -+ } -+ -+ if (!genlmsg_put(msg, NL_AUTO_PORT, NL_AUTO_SEQ, ctx->macsec_genl_id, 0, -+ NLM_F_DUMP, MACSEC_CMD_GET_TXSC, 0)) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "%s: failed to put header", -+ __func__); -+ goto out_free_msg; -+ } -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "failed to communicate: %d (%s)", -+ ret, nl_geterror(-ret)); -+ -+ ctx->cb_arg.pn = 0; -+ -+out_free_msg: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_get_receive_lowest_pn - Get receive lowest PN -+ * @priv: Private driver interface data -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_get_receive_lowest_pn(void *priv, struct receive_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ int err; -+ -+ wpa_printf(MSG_DEBUG, DRV_PREFIX "%s", __func__); -+ -+ err = do_dump(drv, 0xff, mka_sci_u64(&sa->sc->sci), sa->an, -+ &sa->lowest_pn); -+ wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: result %d", __func__, -+ sa->lowest_pn); -+ -+ return err; -+} -+ -+ -+/** -+ * macsec_drv_get_transmit_next_pn - Get transmit next PN -+ * @priv: Private driver interface data -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_get_transmit_next_pn(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ int err; -+ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ err = do_dump(drv, sa->an, UNUSED_SCI, 0xff, &sa->next_pn); -+ wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: err %d result %d", __func__, err, -+ sa->next_pn); -+ return err; -+} -+ -+ -+/** -+ * macsec_drv_set_transmit_next_pn - Set transmit next pn -+ * @priv: Private driver interface data -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_set_transmit_next_pn(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d: %d", __func__, sa->an, sa->next_pn); -+ -+ msg = msg_prepare(MACSEC_CMD_UPD_TXSA, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); -+ NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "failed to communicate: %d (%s)", -+ ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+#define SCISTR MACSTR "::%hx" -+#define SCI2STR(addr, port) MAC2STR(addr), htons(port) -+ -+/** -+ * macsec_drv_create_receive_sc - Create secure channel for receiving -+ * @priv: Private driver interface data -+ * @sc: secure channel -+ * @sci_addr: secure channel identifier - address -+ * @sci_port: secure channel identifier - port -+ * @conf_offset: confidentiality offset (0, 30, or 50) -+ * @validation: frame validation policy (0 = Disabled, 1 = Checked, -+ * 2 = Strict) -+ * Returns: 0 on success, -1 on failure (or if not supported) -+ */ -+static int macsec_drv_create_receive_sc(void *priv, struct receive_sc *sc, -+ unsigned int conf_offset, -+ int validation) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> " SCISTR, __func__, -+ SCI2STR(sc->sci.addr, sc->sci.port)); -+ -+ msg = msg_prepare(MACSEC_CMD_ADD_RXSC, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) -+ goto nla_put_failure; -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_delete_receive_sc - Delete secure connection for receiving -+ * @priv: private driver interface data from init() -+ * @sc: secure channel -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_delete_receive_sc(void *priv, struct receive_sc *sc) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> " SCISTR, __func__, -+ SCI2STR(sc->sci.addr, sc->sci.port)); -+ -+ msg = msg_prepare(MACSEC_CMD_DEL_RXSC, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) -+ goto nla_put_failure; -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_create_receive_sa - Create secure association for receive -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_create_receive_sa(void *priv, struct receive_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, -+ SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); -+ -+ msg = msg_prepare(MACSEC_CMD_ADD_RXSA, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) -+ goto nla_put_failure; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_receive); -+ NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); -+ NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), -+ &sa->pkey->key_identifier); -+ NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_delete_receive_sa - Delete secure association for receive -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_delete_receive_sa(void *priv, struct receive_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, -+ SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); -+ -+ msg = msg_prepare(MACSEC_CMD_DEL_RXSA, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) -+ goto nla_put_failure; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+static int set_active_rx_sa(const struct macsec_genl_ctx *ctx, int ifindex, -+ u64 sci, unsigned char an, Boolean state) -+{ -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ msg = msg_prepare(MACSEC_CMD_UPD_RXSA, ctx, ifindex); -+ if (!msg) -+ return ret; -+ -+ if (nla_put_rxsc_config(msg, sci)) -+ goto nla_put_failure; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, an); -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, !!state); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_enable_receive_sa - Enable the SA for receive -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_enable_receive_sa(void *priv, struct receive_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, -+ SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); -+ -+ return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), -+ sa->an, TRUE); -+} -+ -+ -+/** -+ * macsec_drv_disable_receive_sa - Disable SA for receive -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_disable_receive_sa(void *priv, struct receive_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d on " SCISTR, __func__, sa->an, -+ SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); -+ -+ return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), -+ sa->an, FALSE); -+} -+ -+ -+static struct rtnl_link * lookup_sc(struct nl_cache *cache, int parent, u64 sci) -+{ -+ struct rtnl_link *needle; -+ void *match; -+ -+ needle = rtnl_link_macsec_alloc(); -+ if (!needle) -+ return NULL; -+ -+ rtnl_link_set_link(needle, parent); -+ rtnl_link_macsec_set_sci(needle, sci); -+ -+ match = nl_cache_find(cache, (struct nl_object *) needle); -+ rtnl_link_put(needle); -+ -+ return (struct rtnl_link *) match; -+} -+ -+ -+/** -+ * macsec_drv_create_transmit_sc - Create secure connection for transmit -+ * @priv: private driver interface data from init() -+ * @sc: secure channel -+ * @conf_offset: confidentiality offset -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_create_transmit_sc( -+ void *priv, struct transmit_sc *sc, -+ enum confidentiality_offset conf_offset) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct rtnl_link *link; -+ char *ifname; -+ u64 sci; -+ int err; -+ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ link = rtnl_link_macsec_alloc(); -+ if (!link) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't allocate link"); -+ return -1; -+ } -+ -+ rtnl_link_set_link(link, drv->parent_ifi); -+ -+ sci = mka_sci_u64(&sc->sci); -+ rtnl_link_macsec_set_sci(link, sci); -+ -+ drv->created_link = TRUE; -+ -+ err = rtnl_link_add(drv->sk, link, NLM_F_CREATE); -+ if (err == -NLE_BUSY) { -+ wpa_printf(MSG_INFO, -+ DRV_PREFIX "link already exists, using it"); -+ drv->created_link = FALSE; -+ } else if (err < 0) { -+ rtnl_link_put(link); -+ wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't create link: err %d", -+ err); -+ return err; -+ } -+ -+ rtnl_link_put(link); -+ -+ nl_cache_refill(drv->sk, drv->link_cache); -+ link = lookup_sc(drv->link_cache, drv->parent_ifi, sci); -+ if (!link) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't find link"); -+ return -1; -+ } -+ -+ drv->ifi = rtnl_link_get_ifindex(link); -+ ifname = rtnl_link_get_name(link); -+ os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); -+ rtnl_link_put(link); -+ -+ drv->link = rtnl_link_macsec_alloc(); -+ if (!drv->link) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't allocate link"); -+ return -1; -+ } -+ -+ rtnl_link_set_name(drv->link, drv->ifname); -+ -+ /* In case some settings have already been done but we couldn't apply -+ * them. */ -+ return try_commit(drv); -+} -+ -+ -+/** -+ * macsec_drv_delete_transmit_sc - Delete secure connection for transmit -+ * @priv: private driver interface data from init() -+ * @sc: secure channel -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_delete_transmit_sc(void *priv, struct transmit_sc *sc) -+{ -+ struct macsec_drv_data *drv = priv; -+ int err; -+ -+ wpa_printf(MSG_DEBUG, "%s", __func__); -+ -+ if (!drv->created_link) { -+ rtnl_link_put(drv->link); -+ drv->link = NULL; -+ wpa_printf(MSG_DEBUG, DRV_PREFIX -+ "we didn't create the link, leave it alone"); -+ return 0; -+ } -+ -+ err = rtnl_link_delete(drv->sk, drv->link); -+ if (err < 0) -+ wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't delete link"); -+ rtnl_link_put(drv->link); -+ drv->link = NULL; -+ -+ return err; -+} -+ -+ -+/** -+ * macsec_drv_create_transmit_sa - Create secure association for transmit -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_create_transmit_sa(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); -+ -+ msg = msg_prepare(MACSEC_CMD_ADD_TXSA, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); -+ NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); -+ NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), -+ &sa->pkey->key_identifier); -+ NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_transmit); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_delete_transmit_sa - Delete secure association for transmit -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_delete_transmit_sa(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); -+ -+ msg = msg_prepare(MACSEC_CMD_DEL_TXSA, ctx, drv->ifi); -+ if (!msg) -+ return ret; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+static int set_active_tx_sa(const struct macsec_genl_ctx *ctx, int ifindex, -+ unsigned char an, Boolean state) -+{ -+ struct nl_msg *msg; -+ struct nlattr *nest; -+ int ret = -1; -+ -+ msg = msg_prepare(MACSEC_CMD_UPD_TXSA, ctx, ifindex); -+ if (!msg) -+ return ret; -+ -+ nest = nla_nest_start(msg, MACSEC_ATTR_SA_CONFIG); -+ if (!nest) -+ goto nla_put_failure; -+ -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, an); -+ NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, !!state); -+ -+ nla_nest_end(msg, nest); -+ -+ ret = nl_send_recv(ctx->sk, msg); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, -+ DRV_PREFIX "%s: failed to communicate: %d (%s)", -+ __func__, ret, nl_geterror(-ret)); -+ } -+ -+nla_put_failure: -+ nlmsg_free(msg); -+ return ret; -+} -+ -+ -+/** -+ * macsec_drv_enable_transmit_sa - Enable SA for transmit -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_enable_transmit_sa(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ int ret; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); -+ -+ ret = set_active_tx_sa(ctx, drv->ifi, sa->an, TRUE); -+ if (ret < 0) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "failed to enable txsa"); -+ return ret; -+ } -+ -+ drv->encoding_sa_set = TRUE; -+ drv->encoding_sa = sa->an; -+ -+ return try_commit(drv); -+} -+ -+ -+/** -+ * macsec_drv_disable_transmit_sa - Disable SA for transmit -+ * @priv: private driver interface data from init() -+ * @sa: secure association -+ * Returns: 0 on success, -1 on failure -+ */ -+static int macsec_drv_disable_transmit_sa(void *priv, struct transmit_sa *sa) -+{ -+ struct macsec_drv_data *drv = priv; -+ struct macsec_genl_ctx *ctx = &drv->ctx; -+ -+ wpa_printf(MSG_DEBUG, "%s -> %d", __func__, sa->an); -+ -+ return set_active_tx_sa(ctx, drv->ifi, sa->an, FALSE); -+} -+ -+ -+const struct wpa_driver_ops wpa_driver_macsec_linux_ops = { -+ .name = "macsec_linux", -+ .desc = "MACsec Ethernet driver for Linux", -+ .get_ssid = driver_wired_get_ssid, -+ .get_bssid = driver_wired_get_bssid, -+ .get_capa = driver_wired_get_capa, -+ .init = macsec_drv_wpa_init, -+ .deinit = macsec_drv_wpa_deinit, -+ -+ .macsec_init = macsec_drv_macsec_init, -+ .macsec_deinit = macsec_drv_macsec_deinit, -+ .macsec_get_capability = macsec_drv_get_capability, -+ .enable_protect_frames = macsec_drv_enable_protect_frames, -+ .enable_encrypt = macsec_drv_enable_encrypt, -+ .set_replay_protect = macsec_drv_set_replay_protect, -+ .set_current_cipher_suite = macsec_drv_set_current_cipher_suite, -+ .enable_controlled_port = macsec_drv_enable_controlled_port, -+ .get_receive_lowest_pn = macsec_drv_get_receive_lowest_pn, -+ .get_transmit_next_pn = macsec_drv_get_transmit_next_pn, -+ .set_transmit_next_pn = macsec_drv_set_transmit_next_pn, -+ .create_receive_sc = macsec_drv_create_receive_sc, -+ .delete_receive_sc = macsec_drv_delete_receive_sc, -+ .create_receive_sa = macsec_drv_create_receive_sa, -+ .delete_receive_sa = macsec_drv_delete_receive_sa, -+ .enable_receive_sa = macsec_drv_enable_receive_sa, -+ .disable_receive_sa = macsec_drv_disable_receive_sa, -+ .create_transmit_sc = macsec_drv_create_transmit_sc, -+ .delete_transmit_sc = macsec_drv_delete_transmit_sc, -+ .create_transmit_sa = macsec_drv_create_transmit_sa, -+ .delete_transmit_sa = macsec_drv_delete_transmit_sa, -+ .enable_transmit_sa = macsec_drv_enable_transmit_sa, -+ .disable_transmit_sa = macsec_drv_disable_transmit_sa, -+}; -diff --git a/src/drivers/drivers.c b/src/drivers/drivers.c -index 00773a7..e95df6d 100644 ---- a/src/drivers/drivers.c -+++ b/src/drivers/drivers.c -@@ -34,6 +34,9 @@ const struct wpa_driver_ops *const wpa_drivers[] = - #ifdef CONFIG_DRIVER_WIRED - &wpa_driver_wired_ops, - #endif /* CONFIG_DRIVER_WIRED */ -+#ifdef CONFIG_DRIVER_MACSEC_LINUX -+ &wpa_driver_macsec_linux_ops, -+#endif /* CONFIG_DRIVER_MACSEC_LINUX */ - #ifdef CONFIG_DRIVER_MACSEC_QCA - &wpa_driver_macsec_qca_ops, - #endif /* CONFIG_DRIVER_MACSEC_QCA */ -diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak -index 282da50..1496b47 100644 ---- a/src/drivers/drivers.mak -+++ b/src/drivers/drivers.mak -@@ -18,6 +18,13 @@ DRV_OBJS += ../src/drivers/driver_wired.o - NEED_DRV_WIRED_COMMON=1 - endif - -+ifdef CONFIG_DRIVER_MACSEC_LINUX -+DRV_CFLAGS += -DCONFIG_DRIVER_MACSEC_LINUX -+DRV_OBJS += ../src/drivers/driver_macsec_linux.o -+NEED_DRV_WIRED_COMMON=1 -+CONFIG_LIBNL3_ROUTE=y -+endif -+ - ifdef CONFIG_DRIVER_MACSEC_QCA - DRV_CFLAGS += -DCONFIG_DRIVER_MACSEC_QCA - DRV_OBJS += ../src/drivers/driver_macsec_qca.o -diff --git a/src/drivers/drivers.mk b/src/drivers/drivers.mk -index 508f834..cd25133 100644 ---- a/src/drivers/drivers.mk -+++ b/src/drivers/drivers.mk -@@ -18,6 +18,13 @@ DRV_OBJS += src/drivers/driver_wired.c - NEED_DRV_WIRED_COMMON=1 - endif - -+ifdef CONFIG_DRIVER_MACSEC_LINUX -+DRV_CFLAGS += -DCONFIG_DRIVER_MACSEC_LINUX -+DRV_OBJS += src/drivers/driver_macsec_linux.c -+NEED_DRV_WIRED_COMMON=1 -+CONFIG_LIBNL3_ROUTE=y -+endif -+ - ifdef NEED_DRV_WIRED_COMMON - DRV_OBJS += src/drivers/driver_wired_common.c - endif -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 3a495ca..1d6d9a9 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -379,6 +379,17 @@ ieee802_1x_kay_get_cipher_suite(struct ieee802_1x_mka_participant *participant, - } - - -+u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci) -+{ -+ struct ieee802_1x_mka_sci tmp; -+ -+ os_memcpy(tmp.addr, sci->addr, ETH_ALEN); -+ tmp.port = sci->port; -+ -+ return *((u64 *) &tmp); -+} -+ -+ - static Boolean sci_equal(const struct ieee802_1x_mka_sci *a, - const struct ieee802_1x_mka_sci *b) - { -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index ea5a0dd..9a92d1c 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -231,6 +231,8 @@ struct ieee802_1x_kay { - }; - - -+u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci); -+ - struct ieee802_1x_kay * - ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - u16 port, const char *ifname, const u8 *addr); --- -2.7.4 - diff --git a/macsec-0030-mka-Remove-references-to-macsec_qca-from-wpa_supplic.patch b/macsec-0030-mka-Remove-references-to-macsec_qca-from-wpa_supplic.patch deleted file mode 100644 index 88226028794d9e76553ab480c3860d214f9de012..0000000000000000000000000000000000000000 --- a/macsec-0030-mka-Remove-references-to-macsec_qca-from-wpa_supplic.patch +++ /dev/null @@ -1,49 +0,0 @@ -From ba5ea116873a2f4046e4d3f37ab8215a3846f614 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Sabrina Dubroca -Date: Sun, 27 Nov 2016 20:08:56 +0100 -Subject: [PATCH] mka: Remove references to macsec_qca from wpa_supplicant.conf - -Make the documentation generic, as this is no longer the only macsec -driver. - -Signed-off-by: Sabrina Dubroca ---- - wpa_supplicant/wpa_supplicant.conf | 10 ++++------ - 1 file changed, 4 insertions(+), 6 deletions(-) - -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index 82aa24e..edb230d 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -98,9 +98,7 @@ eapol_version=1 - # parameters (e.g., WPA IE generation); this mode can also be used with - # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with - # APs (i.e., external program needs to control association). This mode must --# also be used when using wired Ethernet drivers. --# Note: macsec_qca driver is one type of Ethernet driver which implements --# macsec feature. -+# also be used when using wired Ethernet drivers (including MACsec). - # 2: like 0, but associate with APs using security policy and SSID (but not - # BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to - # enable operation with hidden SSIDs and optimized roaming; in this mode, -@@ -881,13 +879,13 @@ fast_reauth=1 - # bit0 (1): require dynamically generated unicast WEP key - # bit1 (2): require dynamically generated broadcast WEP key - # (3 = require both keys; default) --# Note: When using wired authentication (including macsec_qca driver), -+# Note: When using wired authentication (including MACsec drivers), - # eapol_flags must be set to 0 for the authentication to be completed - # successfully. - # - # macsec_policy: IEEE 802.1X/MACsec options --# This determines how sessions are secured with MACsec. It is currently --# applicable only when using the macsec_qca driver interface. -+# This determines how sessions are secured with MACsec (only for MACsec -+# drivers). - # 0: MACsec not in use (default) - # 1: MACsec enabled - Should secure, accept key server's advice to - # determine whether to use a secure session or not. --- -2.7.4 - diff --git a/macsec-0031-PAE-Make-KaY-specific-details-available-via-control-.patch b/macsec-0031-PAE-Make-KaY-specific-details-available-via-control-.patch deleted file mode 100644 index 22633153b5d5a62e9bbc743dc001261623fbc3dc..0000000000000000000000000000000000000000 --- a/macsec-0031-PAE-Make-KaY-specific-details-available-via-control-.patch +++ /dev/null @@ -1,120 +0,0 @@ -From 7508c2ad99cef6d0691190063ec7735b7759f836 Mon Sep 17 00:00:00 2001 -Message-Id: <7508c2ad99cef6d0691190063ec7735b7759f836.1488376602.git.dcaratti@redhat.com> -From: Badrish Adiga H R -Date: Fri, 16 Dec 2016 01:40:53 +0530 -Subject: [PATCH] PAE: Make KaY specific details available via control - interface - -Add KaY details to the STATUS command output. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 49 +++++++++++++++++++++++++++++++++++++++++++++ - src/pae/ieee802_1x_kay.h | 3 +++ - wpa_supplicant/ctrl_iface.c | 6 ++++++ - 3 files changed, 58 insertions(+) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 1d6d9a9..cf5782a 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body( - ieee802_1x_cp_signal_newsak(kay->cp); - ieee802_1x_cp_sm_step(kay->cp); - -+ kay->rcvd_keys++; - participant->to_use_sak = TRUE; - - return 0; -@@ -3519,3 +3520,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, - - return 0; - } -+ -+ -+#ifdef CONFIG_CTRL_IFACE -+/** -+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details -+ * @sm: Pointer to KaY allocated with ieee802_1x_kay_init() -+ * @buf: Buffer for status information -+ * @buflen: Maximum buffer length -+ * @verbose: Whether to include verbose status information -+ * Returns: Number of bytes written to buf. -+ * -+ * Query KAY status information. This function fills in a text area with current -+ * status information. If the buffer (buf) is not large enough, status -+ * information will be truncated to fit the buffer. -+ */ -+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, -+ size_t buflen) -+{ -+ int len; -+ -+ if (!kay) -+ return 0; -+ -+ len = os_snprintf(buf, buflen, -+ "PAE KaY status=%s\n" -+ "Authenticated=%s\n" -+ "Secured=%s\n" -+ "Failed=%s\n" -+ "Actor Priority=%u\n" -+ "Key Server Priority=%u\n" -+ "Is Key Server=%s\n" -+ "Number of Keys Distributed=%u\n" -+ "Number of Keys Received=%u\n", -+ kay->active ? "Active" : "Not-Active", -+ kay->authenticated ? "Yes" : "No", -+ kay->secured ? "Yes" : "No", -+ kay->failed ? "Yes" : "No", -+ kay->actor_priority, -+ kay->key_server_priority, -+ kay->is_key_server ? "Yes" : "No", -+ kay->dist_kn - 1, -+ kay->rcvd_keys); -+ if (os_snprintf_error(buflen, len)) -+ return 0; -+ -+ return len; -+} -+#endif /* CONFIG_CTRL_IFACE */ -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index 9a92d1c..b38e814 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -208,6 +208,7 @@ struct ieee802_1x_kay { - int mka_algindex; /* MKA alg table index */ - - u32 dist_kn; -+ u32 rcvd_keys; - u8 dist_an; - time_t dist_time; - -@@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay, - int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay, - struct ieee802_1x_mka_ki *lki); - int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay); -+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, -+ size_t buflen); - - #endif /* IEEE802_1X_KAY_H */ -diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c -index c943dee..624e894 100644 ---- a/wpa_supplicant/ctrl_iface.c -+++ b/wpa_supplicant/ctrl_iface.c -@@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, - pos += res; - } - -+#ifdef CONFIG_MACSEC -+ res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); -+ if (res > 0) -+ pos += res; -+#endif /* CONFIG_MACSEC */ -+ - sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len); - if (sess_id) { - char *start = pos; --- -2.7.4 - diff --git a/macsec-0032-mka-Make-MKA-actor-priority-configurable.patch b/macsec-0032-mka-Make-MKA-actor-priority-configurable.patch deleted file mode 100644 index 5c22764f44032604fa9e3e7df86c9e88e47c918b..0000000000000000000000000000000000000000 --- a/macsec-0032-mka-Make-MKA-actor-priority-configurable.patch +++ /dev/null @@ -1,176 +0,0 @@ -From 65dfa872862641c17e4f6276c56fad0a6c18d219 Mon Sep 17 00:00:00 2001 -Message-Id: <65dfa872862641c17e4f6276c56fad0a6c18d219.1488376602.git.dcaratti@redhat.com> -From: Badrish Adiga H R -Date: Mon, 5 Dec 2016 06:53:55 -0800 -Subject: [PATCH] mka: Make MKA actor priority configurable - -This adds a new wpa_supplicant network profile parameter -mka_priority=0..255 to set the priority of the MKA Actor. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 4 ++-- - src/pae/ieee802_1x_kay.h | 2 +- - wpa_supplicant/config.c | 5 +++++ - wpa_supplicant/config_file.c | 2 ++ - wpa_supplicant/config_ssid.h | 7 +++++++ - wpa_supplicant/wpa_cli.c | 1 + - wpa_supplicant/wpa_supplicant.conf | 8 +++++--- - wpa_supplicant/wpas_kay.c | 3 ++- - 8 files changed, 25 insertions(+), 7 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index cf5782a..1004b32 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3083,7 +3083,7 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf, - */ - struct ieee802_1x_kay * - ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, -- u16 port, const char *ifname, const u8 *addr) -+ u16 port, u8 priority, const char *ifname, const u8 *addr) - { - struct ieee802_1x_kay *kay; - -@@ -3106,7 +3106,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - os_strlcpy(kay->if_name, ifname, IFNAMSIZ); - os_memcpy(kay->actor_sci.addr, addr, ETH_ALEN); - kay->actor_sci.port = host_to_be16(port ? port : 0x0001); -- kay->actor_priority = DEFAULT_PRIO_NOT_KEY_SERVER; -+ kay->actor_priority = priority; - - /* While actor acts as a key server, shall distribute sakey */ - kay->dist_kn = 1; -diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h -index b38e814..8f394fd 100644 ---- a/src/pae/ieee802_1x_kay.h -+++ b/src/pae/ieee802_1x_kay.h -@@ -236,7 +236,7 @@ u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci); - - struct ieee802_1x_kay * - ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, -- u16 port, const char *ifname, const u8 *addr); -+ u16 port, u8 priority, const char *ifname, const u8 *addr); - void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay); - - struct ieee802_1x_mka_participant * -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index 2120a6e..2a26d2d 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -11,6 +11,7 @@ - #include "common.h" - #include "utils/uuid.h" - #include "utils/ip_addr.h" -+#include "common/ieee802_1x_defs.h" - #include "crypto/sha1.h" - #include "rsn_supp/wpa.h" - #include "eap_peer/eap.h" -@@ -2127,6 +2128,7 @@ static const struct parse_data ssid_fields[] = { - { INT_RANGE(macsec_policy, 0, 1) }, - { INT_RANGE(macsec_integ_only, 0, 1) }, - { INT_RANGE(macsec_port, 1, 65534) }, -+ { INT_RANGE(mka_priority, 0, 255) }, - { FUNC_KEY(mka_cak) }, - { FUNC_KEY(mka_ckn) }, - #endif /* CONFIG_MACSEC */ -@@ -2617,6 +2619,9 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) - #ifdef CONFIG_IEEE80211W - ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT; - #endif /* CONFIG_IEEE80211W */ -+#ifdef CONFIG_MACSEC -+ ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER; -+#endif /* CONFIG_MACSEC */ - ssid->mac_addr = -1; - } - -diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c -index b9b1d4d..98e3591 100644 ---- a/wpa_supplicant/config_file.c -+++ b/wpa_supplicant/config_file.c -@@ -19,6 +19,7 @@ - #include "config.h" - #include "base64.h" - #include "uuid.h" -+#include "common/ieee802_1x_defs.h" - #include "p2p/p2p.h" - #include "eap_peer/eap_methods.h" - #include "eap_peer/eap.h" -@@ -813,6 +814,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) - write_mka_ckn(f, ssid); - INT(macsec_integ_only); - INT(macsec_port); -+ INT_DEF(mka_priority, DEFAULT_PRIO_NOT_KEY_SERVER); - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - INT(update_identifier); -diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h -index fe0f7fa..69ace37 100644 ---- a/wpa_supplicant/config_ssid.h -+++ b/wpa_supplicant/config_ssid.h -@@ -751,6 +751,13 @@ struct wpa_ssid { - int macsec_port; - - /** -+ * mka_priority - Priority of MKA Actor -+ * -+ * Range: 0-255 (default: 255) -+ */ -+ int mka_priority; -+ -+ /** - * mka_ckn - MKA pre-shared CKN - */ - #define MACSEC_CKN_LEN 32 -diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c -index f11028a..21adc17 100644 ---- a/wpa_supplicant/wpa_cli.c -+++ b/wpa_supplicant/wpa_cli.c -@@ -1392,6 +1392,7 @@ static const char *network_fields[] = { - "macsec_policy", - "macsec_integ_only", - "macsec_port", -+ "mka_priority", - #endif /* CONFIG_MACSEC */ - #ifdef CONFIG_HS20 - "update_identifier", -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index edb230d..94cef4a 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -901,13 +901,15 @@ fast_reauth=1 - # Port component of the SCI - # Range: 1-65534 (default: 1) - # --# mka_cak and mka_ckn: IEEE 802.1X/MACsec pre-shared authentication mode -+# mka_cak, mka_ckn, and mka_priority: IEEE 802.1X/MACsec pre-shared key mode - # This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. --# In this mode, instances of wpa_supplicant can act as peers, one of --# which will become the key server and start distributing SAKs. -+# In this mode, instances of wpa_supplicant can act as MACsec peers. The peer -+# with lower priority will become the key server and start distributing SAKs. - # mka_cak (CAK = Secure Connectivity Association Key) takes a 16-bytes (128 bit) - # hex-string (32 hex-digits) - # mka_ckn (CKN = CAK Name) takes a 32-bytes (256 bit) hex-string (64 hex-digits) -+# mka_priority (Priority of MKA Actor) is in 0..255 range with 255 being -+# default priority - # - # mixed_cell: This option can be used to configure whether so called mixed - # cells, i.e., networks that use both plaintext and encryption in the same -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index d3fefda..d087e00 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -233,7 +233,8 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; - - res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_port, -- wpa_s->ifname, wpa_s->own_addr); -+ ssid->mka_priority, wpa_s->ifname, -+ wpa_s->own_addr); - if (res == NULL) { - os_free(kay_ctx); - return -1; --- -2.7.4 - diff --git a/macsec-0033-mka-Fix-an-incorrect-update-of-participant-to_use_sa.patch b/macsec-0033-mka-Fix-an-incorrect-update-of-participant-to_use_sa.patch deleted file mode 100644 index a7c28c3da25f43b676227d42b038f708547f2fb9..0000000000000000000000000000000000000000 --- a/macsec-0033-mka-Fix-an-incorrect-update-of-participant-to_use_sa.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 7faf403f9fb39fea9a0545025cc284ef05e022a7 Mon Sep 17 00:00:00 2001 -Message-Id: <7faf403f9fb39fea9a0545025cc284ef05e022a7.1488376602.git.dcaratti@redhat.com> -From: Badrish Adiga H R -Date: Fri, 6 Jan 2017 17:47:51 +0530 -Subject: [PATCH] mka: Fix an incorrect update of participant->to_use_sak - -API ieee802_1x_mka_decode_dist_sak_body() wrongly puts -participant->to_use_sak to TRUE, if Distributed SAK Parameter Set of -length 0 is received. In MACsec PSK mode, this stale incorrect value can -create problems while re-establishing CA. In MACsec PSK mode, CA goes -down if interface goes down and ideally we should be able to -re-establish the CA once interface comes up. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 1004b32..79a6878 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -1559,7 +1559,7 @@ ieee802_1x_mka_decode_dist_sak_body( - ieee802_1x_cp_connect_authenticated(kay->cp); - ieee802_1x_cp_sm_step(kay->cp); - wpa_printf(MSG_WARNING, "KaY:The Key server advise no MACsec"); -- participant->to_use_sak = TRUE; -+ participant->to_use_sak = FALSE; - return 0; - } - --- -2.7.4 - diff --git a/macsec-0034-mka-Some-bug-fixes-for-MACsec-in-PSK-mode.patch b/macsec-0034-mka-Some-bug-fixes-for-MACsec-in-PSK-mode.patch deleted file mode 100644 index 71dc4fe4a19807ddc77702e3abc970ab21a9885b..0000000000000000000000000000000000000000 --- a/macsec-0034-mka-Some-bug-fixes-for-MACsec-in-PSK-mode.patch +++ /dev/null @@ -1,51 +0,0 @@ -From e54691106b29f41aa3081b00eb4f48e411cebc72 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Badrish Adiga H R -Date: Fri, 6 Jan 2017 15:27:10 +0530 -Subject: [PATCH] mka: Some bug fixes for MACsec in PSK mode - -Issue: ------- -The test setup has 2 peers running MACsec in PSK mode, Peer A with -MAC address higher than MAC Address of peer B. Test sequence is -1. Peer B starts with actor_priority 255 -2. Peer A starts with priority 16, becomes key server. -3. Peer A stops.. -4. Peer A restarts with priority 255, but because of the stale values -participant->is_key_server(=TRUE) and participant->is_elected(=TRUE) -it continues to remain as Key Server. -5. For peer B, key server election happens and since it has lower MAC -address as compared to MAC address of A, it becomes the key server. -Now we have 2 key servers in CA and is not correct. - -Root-cause & fix: ------------------ -When number of live peers become 0, the flags such lrx, ltx, orx, -otx, etc. need to be cleared. In MACsec PSK mode, these stale values -create problems while re-establishing CA. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 79a6878..92fd7ba 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -2378,6 +2378,12 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) - participant->advised_capability = - MACSEC_CAP_NOT_IMPLEMENTED; - participant->to_use_sak = FALSE; -+ participant->ltx = FALSE; -+ participant->lrx = FALSE; -+ participant->otx = FALSE; -+ participant->orx = FALSE; -+ participant->is_key_server = FALSE; -+ participant->is_elected = FALSE; - kay->authenticated = TRUE; - kay->secured = FALSE; - kay->failed = FALSE; --- -2.7.4 - diff --git a/macsec-0035-mka-Send-MKPDUs-forever-if-mode-is-PSK.patch b/macsec-0035-mka-Send-MKPDUs-forever-if-mode-is-PSK.patch deleted file mode 100644 index 3ee3ab54048c912ea4f11199253524b48f0b5e59..0000000000000000000000000000000000000000 --- a/macsec-0035-mka-Send-MKPDUs-forever-if-mode-is-PSK.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 37e9f511eb0072dbce190cb21e2d48f022173b03 Mon Sep 17 00:00:00 2001 -Message-Id: <37e9f511eb0072dbce190cb21e2d48f022173b03.1488376602.git.dcaratti@redhat.com> -From: Badrish Adiga H R -Date: Tue, 7 Feb 2017 14:28:31 +0530 -Subject: [PATCH] mka: Send MKPDUs forever if mode is PSK - -Issue: When 2 peers are running MACsec in PSK mode with CA -established, if the interface goes down and comes up after -time > 10 seconds, CA does not get re-established. - -Root cause: This is because retry_count of both the peers -would have reached MAX_RETRY_CNT and stays idle for other to -respond. This is clear deadlock situation where peer A waits -for MKA packets from peer B to wake up and vice-versa. - -Fix: If MACsec is running in PSK mode, we should send MKPDUs -forever for every 2 seconds. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 6 ++++-- - src/pae/ieee802_1x_kay_i.h | 1 + - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 92fd7ba..e420fc1 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -2428,7 +2428,8 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) - participant->new_sak = FALSE; - } - -- if (participant->retry_count < MAX_RETRY_CNT) { -+ if (participant->retry_count < MAX_RETRY_CNT || -+ participant->mode == PSK) { - ieee802_1x_participant_send_mkpdu(participant); - participant->retry_count++; - } -@@ -2828,7 +2829,7 @@ int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay) - if (!principal) - return -1; - -- if (principal->retry_count < MAX_RETRY_CNT) { -+ if (principal->retry_count < MAX_RETRY_CNT || principal->mode == PSK) { - ieee802_1x_participant_send_mkpdu(principal); - principal->retry_count++; - } -@@ -3368,6 +3369,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, - participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) + - usecs / 1000000; - } -+ participant->mode = mode; - - return participant; - -diff --git a/src/pae/ieee802_1x_kay_i.h b/src/pae/ieee802_1x_kay_i.h -index 0c4bb8e..bc522d8 100644 ---- a/src/pae/ieee802_1x_kay_i.h -+++ b/src/pae/ieee802_1x_kay_i.h -@@ -93,6 +93,7 @@ struct ieee802_1x_mka_participant { - Boolean active; - Boolean participant; - Boolean retain; -+ enum mka_created_mode mode; - - enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate; - --- -2.7.4 - diff --git a/macsec-0036-mka-Fix-the-order-of-operations-in-secure-channel-de.patch b/macsec-0036-mka-Fix-the-order-of-operations-in-secure-channel-de.patch deleted file mode 100644 index d72c6fd5bf49b052b0bde1b70d147506f531c85e..0000000000000000000000000000000000000000 --- a/macsec-0036-mka-Fix-the-order-of-operations-in-secure-channel-de.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 128f6a98b3d4d6ed103db759707309f451db9682 Mon Sep 17 00:00:00 2001 -Message-Id: <128f6a98b3d4d6ed103db759707309f451db9682.1488376602.git.dcaratti@redhat.com> -From: Badrish Adiga H R -Date: Sat, 18 Feb 2017 05:14:15 -0800 -Subject: [PATCH] mka: Fix the order of operations in secure channel deletion - -The correct order of deleting a secure channel is to purge all the -secure associations in the channel before actually deleting the secure -channel. - -Signed-off-by: Badrish Adiga H R ---- - src/pae/ieee802_1x_kay.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index e420fc1..3f9e53d 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -2361,9 +2361,9 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) - &participant->rxsc_list, - struct receive_sc, list) { - if (sci_equal(&rxsc->sci, &peer->sci)) { -- secy_delete_receive_sc(kay, rxsc); - ieee802_1x_kay_deinit_receive_sc( - participant, rxsc); -+ secy_delete_receive_sc(kay, rxsc); - } - } - dl_list_del(&peer->list); -@@ -3432,11 +3432,11 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) - while (!dl_list_empty(&participant->rxsc_list)) { - rxsc = dl_list_entry(participant->rxsc_list.next, - struct receive_sc, list); -- secy_delete_receive_sc(kay, rxsc); - ieee802_1x_kay_deinit_receive_sc(participant, rxsc); -+ secy_delete_receive_sc(kay, rxsc); - } -- secy_delete_transmit_sc(kay, participant->txsc); - ieee802_1x_kay_deinit_transmit_sc(participant, participant->txsc); -+ secy_delete_transmit_sc(kay, participant->txsc); - - os_memset(&participant->cak, 0, sizeof(participant->cak)); - os_memset(&participant->kek, 0, sizeof(participant->kek)); --- -2.7.4 - diff --git a/macsec-0037-mka-Fix-use-after-free-when-receive-secure-channels-.patch b/macsec-0037-mka-Fix-use-after-free-when-receive-secure-channels-.patch deleted file mode 100644 index ef0056e3958e888e0d1828f025a48923a2544cc5..0000000000000000000000000000000000000000 --- a/macsec-0037-mka-Fix-use-after-free-when-receive-secure-channels-.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 529d6ed7262f0015552e3b8f6eed8ea4508d7c1f Mon Sep 17 00:00:00 2001 -Message-Id: <529d6ed7262f0015552e3b8f6eed8ea4508d7c1f.1491928737.git.davide.caratti@gmail.com> -From: Davide Caratti -Date: Thu, 16 Mar 2017 14:01:54 +0100 -Subject: [PATCH] mka: Fix use-after-free when receive secure channels are - deleted - -ieee802_1x_kay_deinit_receive_sc() frees the receive secure channel data, -but secy_delete_receive_sc() still needs it. Since these two functions -are always called sequentially, secy_delete_receive_sc() can be called -from ieee802_1x_kay_deinit_receive_sc() before rxsc is freed. - -Fixes: 128f6a98b3d4 ("mka: Fix the order of operations in secure channel deletion") -Signed-off-by: Davide Caratti ---- - src/pae/ieee802_1x_kay.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 3f9e53d..31905ed 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -532,6 +532,7 @@ ieee802_1x_kay_deinit_receive_sc( - ieee802_1x_delete_receive_sa(participant->kay, psa); - - dl_list_del(&psc->list); -+ secy_delete_receive_sc(participant->kay, psc); - os_free(psc); - } - -@@ -2363,7 +2364,6 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx) - if (sci_equal(&rxsc->sci, &peer->sci)) { - ieee802_1x_kay_deinit_receive_sc( - participant, rxsc); -- secy_delete_receive_sc(kay, rxsc); - } - } - dl_list_del(&peer->list); -@@ -3433,7 +3433,6 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) - rxsc = dl_list_entry(participant->rxsc_list.next, - struct receive_sc, list); - ieee802_1x_kay_deinit_receive_sc(participant, rxsc); -- secy_delete_receive_sc(kay, rxsc); - } - ieee802_1x_kay_deinit_transmit_sc(participant, participant->txsc); - secy_delete_transmit_sc(kay, participant->txsc); --- -2.7.4 - diff --git a/macsec-0038-mka-Fix-use-after-free-when-transmit-secure-channels.patch b/macsec-0038-mka-Fix-use-after-free-when-transmit-secure-channels.patch deleted file mode 100644 index 5c1b815f46d2161459be86dfe0bb3ba9baaa8cce..0000000000000000000000000000000000000000 --- a/macsec-0038-mka-Fix-use-after-free-when-transmit-secure-channels.patch +++ /dev/null @@ -1,41 +0,0 @@ -From e50df5d2a265a462b0efc056d360649608f160bf Mon Sep 17 00:00:00 2001 -Message-Id: -From: Davide Caratti -Date: Thu, 16 Mar 2017 14:01:55 +0100 -Subject: [PATCH] mka: Fix use-after-free when transmit secure channels are - deleted - -ieee802_1x_kay_deinit_transmit_sc() frees the transmit secure channel -data, but secy_delete_transmit_sc() still needs it. Since this functions -are called sequentially, secy_delete_transmit_sc() can be called from -ieee802_1x_kay_deinit_transmit_sc() before txsc is freed. - -Fixes: 128f6a98b3d4 ("mka: Fix the order of operations in secure channel deletion") -Signed-off-by: Davide Caratti ---- - src/pae/ieee802_1x_kay.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index 31905ed..1d4ed89 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -2546,6 +2546,7 @@ ieee802_1x_kay_deinit_transmit_sc( - dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, list) - ieee802_1x_delete_transmit_sa(participant->kay, psa); - -+ secy_delete_transmit_sc(participant->kay, psc); - os_free(psc); - } - -@@ -3435,7 +3436,6 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn) - ieee802_1x_kay_deinit_receive_sc(participant, rxsc); - } - ieee802_1x_kay_deinit_transmit_sc(participant, participant->txsc); -- secy_delete_transmit_sc(kay, participant->txsc); - - os_memset(&participant->cak, 0, sizeof(participant->cak)); - os_memset(&participant->kek, 0, sizeof(participant->kek)); --- -2.7.4 - diff --git a/macsec-0039-macsec_linux-Fix-NULL-pointer-dereference-on-error-c.patch b/macsec-0039-macsec_linux-Fix-NULL-pointer-dereference-on-error-c.patch deleted file mode 100644 index 338b76699c7b9d6e969493f2b3c33882d267ece8..0000000000000000000000000000000000000000 --- a/macsec-0039-macsec_linux-Fix-NULL-pointer-dereference-on-error-c.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 5db86df6a849684fda6a7ee53978a1ba931848cb Mon Sep 17 00:00:00 2001 -Message-Id: <5db86df6a849684fda6a7ee53978a1ba931848cb.1491601565.git.davide.caratti@gmail.com> -From: Davide Caratti -Date: Fri, 24 Mar 2017 10:25:24 +0100 -Subject: [PATCH] macsec_linux: Fix NULL pointer dereference on error cases - -In case wpa_supplicant is using driver_macsec_linux, but macsec module -is not (yet) loaded in the kernel, nl_socket_alloc() fails and drv->sk -is NULL. In this case, don't call libnl functions rntl_link_add() or -rtnl_link_change() using such NULL pointer, to prevent program from -getting segmentation faults like: - - Program received signal SIGSEGV, Segmentation fault. - nl_socket_get_local_port (sk=sk@entry=0x0) at socket.c:365 - 365 if (sk->s_local.nl_pid == 0) { - (gdb) p sk - $1 = (const struct nl_sock *) 0x0 - (gdb) bt - #0 nl_socket_get_local_port (sk=sk@entry=0x0) at socket.c:365 - #1 0x00007ffff79c56a0 in nl_complete_msg (sk=sk@entry=0x0, - msg=msg@entry=0x55555595a1f0) at nl.c:491 - #2 0x00007ffff79c56d1 in nl_send_auto (sk=sk@entry=0x0, - msg=msg@entry=0x55555595a1f0) at nl.c:522 - #3 0x00007ffff79c652f in nl_send_sync (sk=sk@entry=0x0, - msg=0x55555595a1f0) at nl.c:556 - #4 0x00007ffff755faf5 in rtnl_link_add (sk=0x0, - link=link@entry=0x55555595b0f0, flags=flags@entry=1024) at route/link.c:1548 - #5 0x000055555567a298 in macsec_drv_create_transmit_sc (priv=0x55555593b130, - sc=0x55555593b320, conf_offset=) at ../src/drivers/driver_macsec_linux.c:998 - -Signed-off-by: Davide Caratti ---- - src/drivers/driver_macsec_linux.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c -index 5dab77a..0694e60 100644 ---- a/src/drivers/driver_macsec_linux.c -+++ b/src/drivers/driver_macsec_linux.c -@@ -168,6 +168,9 @@ static int try_commit(struct macsec_drv_data *drv) - { - int err; - -+ if (!drv->sk) -+ return 0; -+ - if (!drv->link) - return 0; - -@@ -982,6 +985,11 @@ static int macsec_drv_create_transmit_sc( - - wpa_printf(MSG_DEBUG, "%s", __func__); - -+ if (!drv->sk) { -+ wpa_printf(MSG_ERROR, DRV_PREFIX "NULL rtnl socket"); -+ return -1; -+ } -+ - link = rtnl_link_macsec_alloc(); - if (!link) { - wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't allocate link"); -@@ -1048,6 +1056,9 @@ static int macsec_drv_delete_transmit_sc(void *priv, struct transmit_sc *sc) - - wpa_printf(MSG_DEBUG, "%s", __func__); - -+ if (!drv->sk) -+ return 0; -+ - if (!drv->created_link) { - rtnl_link_put(drv->link); - drv->link = NULL; --- -2.7.4 - diff --git a/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch b/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch deleted file mode 100644 index a62b52c6b9a83576a52943b08c50fa86eb146df6..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 3e34cfdff6b192fe337c6fb3f487f73e96582961 Mon Sep 17 00:00:00 2001 -From: Mathy Vanhoef -Date: Sun, 15 Jul 2018 01:25:53 +0200 -Subject: [PATCH] WPA: Ignore unauthenticated encrypted EAPOL-Key data - -Ignore unauthenticated encrypted EAPOL-Key data in supplicant -processing. When using WPA2, these are frames that have the Encrypted -flag set, but not the MIC flag. - -When using WPA2, EAPOL-Key frames that had the Encrypted flag set but -not the MIC flag, had their data field decrypted without first verifying -the MIC. In case the data field was encrypted using RC4 (i.e., when -negotiating TKIP as the pairwise cipher), this meant that -unauthenticated but decrypted data would then be processed. An adversary -could abuse this as a decryption oracle to recover sensitive information -in the data field of EAPOL-Key messages (e.g., the group key). -(CVE-2018-14526) - -Signed-off-by: Mathy Vanhoef ---- - src/rsn_supp/wpa.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff -upr wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c wpa_supplicant-2.6/src/rsn_supp/wpa.c ---- wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c 2016-10-02 21:51:11.000000000 +0300 -+++ wpa_supplicant-2.6/src/rsn_supp/wpa.c 2018-08-08 16:55:11.506831029 +0300 -@@ -2016,6 +2016,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, c - - if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && - (key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { -+ /* -+ * Only decrypt the Key Data field if the frame's authenticity -+ * was verified. When using AES-SIV (FILS), the MIC flag is not -+ * set, so this check should only be performed if mic_len != 0 -+ * which is the case in this code branch. -+ */ -+ if (!(key_info & WPA_KEY_INFO_MIC)) { -+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, -+ "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data"); -+ goto out; -+ } - if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data, - &key_data_len)) - goto out; diff --git a/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch b/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch deleted file mode 100644 index 727684865dbdb1dbb0dbee89298fd2f403720930..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch +++ /dev/null @@ -1,174 +0,0 @@ -From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001 -From: Mathy Vanhoef -Date: Fri, 14 Jul 2017 15:15:35 +0200 -Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake - -Do not reinstall TK to the driver during Reassociation Response frame -processing if the first attempt of setting the TK succeeded. This avoids -issues related to clearing the TX/RX PN that could result in reusing -same PN values for transmitted frames (e.g., due to CCM nonce reuse and -also hitting replay protection on the receiver) and accepting replayed -frames on RX side. - -This issue was introduced by the commit -0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in -authenticator') which allowed wpa_ft_install_ptk() to be called multiple -times with the same PTK. While the second configuration attempt is -needed with some drivers, it must be done only if the first attempt -failed. - -Signed-off-by: Mathy Vanhoef ---- - src/ap/ieee802_11.c | 16 +++++++++++++--- - src/ap/wpa_auth.c | 11 +++++++++++ - src/ap/wpa_auth.h | 3 ++- - src/ap/wpa_auth_ft.c | 10 ++++++++++ - src/ap/wpa_auth_i.h | 1 + - 5 files changed, 37 insertions(+), 4 deletions(-) - -diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c -index 4e04169..333035f 100644 ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd, - { - struct ieee80211_ht_capabilities ht_cap; - struct ieee80211_vht_capabilities vht_cap; -+ int set = 1; - - /* - * Remove the STA entry to ensure the STA PS state gets cleared and -@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd, - * FT-over-the-DS, where a station re-associates back to the same AP but - * skips the authentication flow, or if working with a driver that - * does not support full AP client state. -+ * -+ * Skip this if the STA has already completed FT reassociation and the -+ * TK has been configured since the TX/RX PN must not be reset to 0 for -+ * the same key. - */ -- if (!sta->added_unassoc) -+ if (!sta->added_unassoc && -+ (!(sta->flags & WLAN_STA_AUTHORIZED) || -+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) { - hostapd_drv_sta_remove(hapd, sta->addr); -+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED); -+ set = 0; -+ } - - #ifdef CONFIG_IEEE80211N - if (sta->flags & WLAN_STA_HT) -@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hapd, - sta->flags & WLAN_STA_VHT ? &vht_cap : NULL, - sta->flags | WLAN_STA_ASSOC, sta->qosinfo, - sta->vht_opmode, sta->p2p_ie ? 1 : 0, -- sta->added_unassoc)) { -+ set)) { - hostapd_logger(hapd, sta->addr, - HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE, - "Could not %s STA to kernel driver", -- sta->added_unassoc ? "set" : "add"); -+ set ? "set" : "add"); - - if (sta->added_unassoc) { - hostapd_drv_sta_remove(hapd, sta->addr); -diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c -index 3587086..707971d 100644 ---- a/src/ap/wpa_auth.c -+++ b/src/ap/wpa_auth.c -@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) - #else /* CONFIG_IEEE80211R */ - break; - #endif /* CONFIG_IEEE80211R */ -+ case WPA_DRV_STA_REMOVED: -+ sm->tk_already_set = FALSE; -+ return 0; - } - - #ifdef CONFIG_IEEE80211R -@@ -3250,6 +3253,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm) - } - - -+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) -+{ -+ if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt)) -+ return 0; -+ return sm->tk_already_set; -+} -+ -+ - int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, - struct rsn_pmksa_cache_entry *entry) - { -diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h -index 0de8d97..97461b0 100644 ---- a/src/ap/wpa_auth.h -+++ b/src/ap/wpa_auth.h -@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, - u8 *data, size_t data_len); - enum wpa_event { - WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH, -- WPA_REAUTH_EAPOL, WPA_ASSOC_FT -+ WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED - }; - void wpa_remove_ptk(struct wpa_state_machine *sm); - int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event); -@@ -280,6 +280,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm); - int wpa_auth_get_pairwise(struct wpa_state_machine *sm); - int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); - int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); -+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); - int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, - struct rsn_pmksa_cache_entry *entry); - struct rsn_pmksa_cache_entry * -diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c -index 42242a5..e63b99a 100644 ---- a/src/ap/wpa_auth_ft.c -+++ b/src/ap/wpa_auth_ft.c -@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm) - return; - } - -+ if (sm->tk_already_set) { -+ /* Must avoid TK reconfiguration to prevent clearing of TX/RX -+ * PN in the driver */ -+ wpa_printf(MSG_DEBUG, -+ "FT: Do not re-install same PTK to the driver"); -+ return; -+ } -+ - /* FIX: add STA entry to kernel/driver here? The set_key will fail - * most likely without this.. At the moment, STA entry is added only - * after association has been completed. This function will be called -@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm) - - /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */ - sm->pairwise_set = TRUE; -+ sm->tk_already_set = TRUE; - } - - -@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, - - sm->pairwise = pairwise; - sm->PTK_valid = TRUE; -+ sm->tk_already_set = FALSE; - wpa_ft_install_ptk(sm); - - buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) + -diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h -index 72b7eb3..7fd8f05 100644 ---- a/src/ap/wpa_auth_i.h -+++ b/src/ap/wpa_auth_i.h -@@ -65,6 +65,7 @@ struct wpa_state_machine { - struct wpa_ptk PTK; - Boolean PTK_valid; - Boolean pairwise_set; -+ Boolean tk_already_set; - int keycount; - Boolean Pair; - struct wpa_key_replay_counter { --- -2.7.4 - diff --git a/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch b/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch deleted file mode 100644 index 1802d664add6f3e83b4bb64c5f7114c2e4b36298..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch +++ /dev/null @@ -1,250 +0,0 @@ -From 927f891007c402fefd1ff384645b3f07597c3ede Mon Sep 17 00:00:00 2001 -From: Mathy Vanhoef -Date: Wed, 12 Jul 2017 16:03:24 +0200 -Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key - -Track the current GTK and IGTK that is in use and when receiving a -(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do -not install the given key if it is already in use. This prevents an -attacker from trying to trick the client into resetting or lowering the -sequence counter associated to the group key. - -Signed-off-by: Mathy Vanhoef ---- - src/common/wpa_common.h | 11 +++++ - src/rsn_supp/wpa.c | 116 ++++++++++++++++++++++++++++++------------------ - src/rsn_supp/wpa_i.h | 4 ++ - 3 files changed, 87 insertions(+), 44 deletions(-) - -diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h -index af1d0f0..d200285 100644 ---- a/src/common/wpa_common.h -+++ b/src/common/wpa_common.h -@@ -217,6 +217,17 @@ struct wpa_ptk { - size_t tk_len; - }; - -+struct wpa_gtk { -+ u8 gtk[WPA_GTK_MAX_LEN]; -+ size_t gtk_len; -+}; -+ -+#ifdef CONFIG_IEEE80211W -+struct wpa_igtk { -+ u8 igtk[WPA_IGTK_MAX_LEN]; -+ size_t igtk_len; -+}; -+#endif /* CONFIG_IEEE80211W */ - - /* WPA IE version 1 - * 00-50-f2:1 (OUI:OUI type) -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 3c47879..95bd7be 100644 ---- a/src/rsn_supp/wpa.c -+++ b/src/rsn_supp/wpa.c -@@ -714,6 +714,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, - const u8 *_gtk = gd->gtk; - u8 gtk_buf[32]; - -+ /* Detect possible key reinstallation */ -+ if (sm->gtk.gtk_len == (size_t) gd->gtk_len && -+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) { -+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, -+ "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)", -+ gd->keyidx, gd->tx, gd->gtk_len); -+ return 0; -+ } -+ - wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len); - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)", -@@ -748,6 +757,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, - } - os_memset(gtk_buf, 0, sizeof(gtk_buf)); - -+ sm->gtk.gtk_len = gd->gtk_len; -+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len); -+ - return 0; - } - -@@ -854,6 +866,48 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, - } - - -+#ifdef CONFIG_IEEE80211W -+static int wpa_supplicant_install_igtk(struct wpa_sm *sm, -+ const struct wpa_igtk_kde *igtk) -+{ -+ size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); -+ u16 keyidx = WPA_GET_LE16(igtk->keyid); -+ -+ /* Detect possible key reinstallation */ -+ if (sm->igtk.igtk_len == len && -+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) { -+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, -+ "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)", -+ keyidx); -+ return 0; -+ } -+ -+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, -+ "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x", -+ keyidx, MAC2STR(igtk->pn)); -+ wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len); -+ if (keyidx > 4095) { -+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, -+ "WPA: Invalid IGTK KeyID %d", keyidx); -+ return -1; -+ } -+ if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), -+ broadcast_ether_addr, -+ keyidx, 0, igtk->pn, sizeof(igtk->pn), -+ igtk->igtk, len) < 0) { -+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, -+ "WPA: Failed to configure IGTK to the driver"); -+ return -1; -+ } -+ -+ sm->igtk.igtk_len = len; -+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len); -+ -+ return 0; -+} -+#endif /* CONFIG_IEEE80211W */ -+ -+ - static int ieee80211w_set_keys(struct wpa_sm *sm, - struct wpa_eapol_ie_parse *ie) - { -@@ -864,30 +918,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm, - if (ie->igtk) { - size_t len; - const struct wpa_igtk_kde *igtk; -- u16 keyidx; -+ - len = wpa_cipher_key_len(sm->mgmt_group_cipher); - if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len) - return -1; -+ - igtk = (const struct wpa_igtk_kde *) ie->igtk; -- keyidx = WPA_GET_LE16(igtk->keyid); -- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d " -- "pn %02x%02x%02x%02x%02x%02x", -- keyidx, MAC2STR(igtk->pn)); -- wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", -- igtk->igtk, len); -- if (keyidx > 4095) { -- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, -- "WPA: Invalid IGTK KeyID %d", keyidx); -- return -1; -- } -- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), -- broadcast_ether_addr, -- keyidx, 0, igtk->pn, sizeof(igtk->pn), -- igtk->igtk, len) < 0) { -- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, -- "WPA: Failed to configure IGTK to the driver"); -+ if (wpa_supplicant_install_igtk(sm, igtk) < 0) - return -1; -- } - } - - return 0; -@@ -2307,7 +2345,7 @@ void wpa_sm_deinit(struct wpa_sm *sm) - */ - void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) - { -- int clear_ptk = 1; -+ int clear_keys = 1; - - if (sm == NULL) - return; -@@ -2333,11 +2371,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) - /* Prepare for the next transition */ - wpa_ft_prepare_auth_request(sm, NULL); - -- clear_ptk = 0; -+ clear_keys = 0; - } - #endif /* CONFIG_IEEE80211R */ - -- if (clear_ptk) { -+ if (clear_keys) { - /* - * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if - * this is not part of a Fast BSS Transition. -@@ -2347,6 +2385,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) - os_memset(&sm->ptk, 0, sizeof(sm->ptk)); - sm->tptk_set = 0; - os_memset(&sm->tptk, 0, sizeof(sm->tptk)); -+ os_memset(&sm->gtk, 0, sizeof(sm->gtk)); -+#ifdef CONFIG_IEEE80211W -+ os_memset(&sm->igtk, 0, sizeof(sm->igtk)); -+#endif /* CONFIG_IEEE80211W */ - } - - #ifdef CONFIG_TDLS -@@ -2877,6 +2919,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) - os_memset(sm->pmk, 0, sizeof(sm->pmk)); - os_memset(&sm->ptk, 0, sizeof(sm->ptk)); - os_memset(&sm->tptk, 0, sizeof(sm->tptk)); -+ os_memset(&sm->gtk, 0, sizeof(sm->gtk)); -+#ifdef CONFIG_IEEE80211W -+ os_memset(&sm->igtk, 0, sizeof(sm->igtk)); -+#endif /* CONFIG_IEEE80211W */ - #ifdef CONFIG_IEEE80211R - os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); - os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0)); -@@ -2949,29 +2995,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) - os_memset(&gd, 0, sizeof(gd)); - #ifdef CONFIG_IEEE80211W - } else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) { -- struct wpa_igtk_kde igd; -- u16 keyidx; -- -- os_memset(&igd, 0, sizeof(igd)); -- keylen = wpa_cipher_key_len(sm->mgmt_group_cipher); -- os_memcpy(igd.keyid, buf + 2, 2); -- os_memcpy(igd.pn, buf + 4, 6); -- -- keyidx = WPA_GET_LE16(igd.keyid); -- os_memcpy(igd.igtk, buf + 10, keylen); -- -- wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)", -- igd.igtk, keylen); -- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), -- broadcast_ether_addr, -- keyidx, 0, igd.pn, sizeof(igd.pn), -- igd.igtk, keylen) < 0) { -- wpa_printf(MSG_DEBUG, "Failed to install the IGTK in " -- "WNM mode"); -- os_memset(&igd, 0, sizeof(igd)); -+ const struct wpa_igtk_kde *igtk; -+ -+ igtk = (const struct wpa_igtk_kde *) (buf + 2); -+ if (wpa_supplicant_install_igtk(sm, igtk) < 0) - return -1; -- } -- os_memset(&igd, 0, sizeof(igd)); - #endif /* CONFIG_IEEE80211W */ - } else { - wpa_printf(MSG_DEBUG, "Unknown element id"); -diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h -index f653ba6..afc9e37 100644 ---- a/src/rsn_supp/wpa_i.h -+++ b/src/rsn_supp/wpa_i.h -@@ -31,6 +31,10 @@ struct wpa_sm { - u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN]; - int rx_replay_counter_set; - u8 request_counter[WPA_REPLAY_COUNTER_LEN]; -+ struct wpa_gtk gtk; -+#ifdef CONFIG_IEEE80211W -+ struct wpa_igtk igtk; -+#endif /* CONFIG_IEEE80211W */ - - struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ - --- -2.7.4 - diff --git a/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch b/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch deleted file mode 100644 index e2937b851ad55ef8f06e96a3c597bb7d0d9ccda8..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sun, 1 Oct 2017 12:12:24 +0300 -Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep - Mode cases - -This extends the protection to track last configured GTK/IGTK value -separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a -corner case where these two different mechanisms may get used when the -GTK/IGTK has changed and tracking a single value is not sufficient to -detect a possible key reconfiguration. - -Signed-off-by: Jouni Malinen ---- - src/rsn_supp/wpa.c | 53 +++++++++++++++++++++++++++++++++++++--------------- - src/rsn_supp/wpa_i.h | 2 ++ - 2 files changed, 40 insertions(+), 15 deletions(-) - -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 95bd7be..7a2c68d 100644 ---- a/src/rsn_supp/wpa.c -+++ b/src/rsn_supp/wpa.c -@@ -709,14 +709,17 @@ struct wpa_gtk_data { - - static int wpa_supplicant_install_gtk(struct wpa_sm *sm, - const struct wpa_gtk_data *gd, -- const u8 *key_rsc) -+ const u8 *key_rsc, int wnm_sleep) - { - const u8 *_gtk = gd->gtk; - u8 gtk_buf[32]; - - /* Detect possible key reinstallation */ -- if (sm->gtk.gtk_len == (size_t) gd->gtk_len && -- os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) { -+ if ((sm->gtk.gtk_len == (size_t) gd->gtk_len && -+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) || -+ (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len && -+ os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk, -+ sm->gtk_wnm_sleep.gtk_len) == 0)) { - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)", - gd->keyidx, gd->tx, gd->gtk_len); -@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, - } - os_memset(gtk_buf, 0, sizeof(gtk_buf)); - -- sm->gtk.gtk_len = gd->gtk_len; -- os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len); -+ if (wnm_sleep) { -+ sm->gtk_wnm_sleep.gtk_len = gd->gtk_len; -+ os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk, -+ sm->gtk_wnm_sleep.gtk_len); -+ } else { -+ sm->gtk.gtk_len = gd->gtk_len; -+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len); -+ } - - return 0; - } -@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, - (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, - gtk_len, gtk_len, - &gd.key_rsc_len, &gd.alg) || -- wpa_supplicant_install_gtk(sm, &gd, key_rsc))) { -+ wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) { - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "RSN: Failed to install GTK"); - os_memset(&gd, 0, sizeof(gd)); -@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, - - #ifdef CONFIG_IEEE80211W - static int wpa_supplicant_install_igtk(struct wpa_sm *sm, -- const struct wpa_igtk_kde *igtk) -+ const struct wpa_igtk_kde *igtk, -+ int wnm_sleep) - { - size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); - u16 keyidx = WPA_GET_LE16(igtk->keyid); - - /* Detect possible key reinstallation */ -- if (sm->igtk.igtk_len == len && -- os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) { -+ if ((sm->igtk.igtk_len == len && -+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) || -+ (sm->igtk_wnm_sleep.igtk_len == len && -+ os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk, -+ sm->igtk_wnm_sleep.igtk_len) == 0)) { - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)", - keyidx); -@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, - return -1; - } - -- sm->igtk.igtk_len = len; -- os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len); -+ if (wnm_sleep) { -+ sm->igtk_wnm_sleep.igtk_len = len; -+ os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk, -+ sm->igtk_wnm_sleep.igtk_len); -+ } else { -+ sm->igtk.igtk_len = len; -+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len); -+ } - - return 0; - } -@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm, - return -1; - - igtk = (const struct wpa_igtk_kde *) ie->igtk; -- if (wpa_supplicant_install_igtk(sm, igtk) < 0) -+ if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0) - return -1; - } - -@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm, - if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) - key_rsc = null_rsc; - -- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) || -+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) || - wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0) - goto failed; - os_memset(&gd, 0, sizeof(gd)); -@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) - sm->tptk_set = 0; - os_memset(&sm->tptk, 0, sizeof(sm->tptk)); - os_memset(&sm->gtk, 0, sizeof(sm->gtk)); -+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); - #ifdef CONFIG_IEEE80211W - os_memset(&sm->igtk, 0, sizeof(sm->igtk)); -+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); - #endif /* CONFIG_IEEE80211W */ - } - -@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) - os_memset(&sm->ptk, 0, sizeof(sm->ptk)); - os_memset(&sm->tptk, 0, sizeof(sm->tptk)); - os_memset(&sm->gtk, 0, sizeof(sm->gtk)); -+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); - #ifdef CONFIG_IEEE80211W - os_memset(&sm->igtk, 0, sizeof(sm->igtk)); -+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); - #endif /* CONFIG_IEEE80211W */ - #ifdef CONFIG_IEEE80211R - os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); -@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) - - wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)", - gd.gtk, gd.gtk_len); -- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) { -+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) { - os_memset(&gd, 0, sizeof(gd)); - wpa_printf(MSG_DEBUG, "Failed to install the GTK in " - "WNM mode"); -@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) - const struct wpa_igtk_kde *igtk; - - igtk = (const struct wpa_igtk_kde *) (buf + 2); -- if (wpa_supplicant_install_igtk(sm, igtk) < 0) -+ if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0) - return -1; - #endif /* CONFIG_IEEE80211W */ - } else { -diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h -index afc9e37..9a54631 100644 ---- a/src/rsn_supp/wpa_i.h -+++ b/src/rsn_supp/wpa_i.h -@@ -32,8 +32,10 @@ struct wpa_sm { - int rx_replay_counter_set; - u8 request_counter[WPA_REPLAY_COUNTER_LEN]; - struct wpa_gtk gtk; -+ struct wpa_gtk gtk_wnm_sleep; - #ifdef CONFIG_IEEE80211W - struct wpa_igtk igtk; -+ struct wpa_igtk igtk_wnm_sleep; - #endif /* CONFIG_IEEE80211W */ - - struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ --- -2.7.4 - diff --git a/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch b/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch deleted file mode 100644 index 22ee217947d6fb836ca753aaec2ac42e25bc05c3..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001 -From: Mathy Vanhoef -Date: Fri, 29 Sep 2017 04:22:51 +0200 -Subject: [PATCH 4/8] Prevent installation of an all-zero TK - -Properly track whether a PTK has already been installed to the driver -and the TK part cleared from memory. This prevents an attacker from -trying to trick the client into installing an all-zero TK. - -This fixes the earlier fix in commit -ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the -driver in EAPOL-Key 3/4 retry case') which did not take into account -possibility of an extra message 1/4 showing up between retries of -message 3/4. - -Signed-off-by: Mathy Vanhoef ---- - src/common/wpa_common.h | 1 + - src/rsn_supp/wpa.c | 5 ++--- - src/rsn_supp/wpa_i.h | 1 - - 3 files changed, 3 insertions(+), 4 deletions(-) - -diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h -index d200285..1021ccb 100644 ---- a/src/common/wpa_common.h -+++ b/src/common/wpa_common.h -@@ -215,6 +215,7 @@ struct wpa_ptk { - size_t kck_len; - size_t kek_len; - size_t tk_len; -+ int installed; /* 1 if key has already been installed to driver */ - }; - - struct wpa_gtk { -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 7a2c68d..0550a41 100644 ---- a/src/rsn_supp/wpa.c -+++ b/src/rsn_supp/wpa.c -@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, - os_memset(buf, 0, sizeof(buf)); - } - sm->tptk_set = 1; -- sm->tk_to_set = 1; - - kde = sm->assoc_wpa_ie; - kde_len = sm->assoc_wpa_ie_len; -@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, - enum wpa_alg alg; - const u8 *key_rsc; - -- if (!sm->tk_to_set) { -+ if (sm->ptk.installed) { - wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: Do not re-install same PTK to the driver"); - return 0; -@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, - - /* TK is not needed anymore in supplicant */ - os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); -- sm->tk_to_set = 0; -+ sm->ptk.installed = 1; - - if (sm->wpa_ptk_rekey) { - eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); -diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h -index 9a54631..41f371f 100644 ---- a/src/rsn_supp/wpa_i.h -+++ b/src/rsn_supp/wpa_i.h -@@ -24,7 +24,6 @@ struct wpa_sm { - struct wpa_ptk ptk, tptk; - int ptk_set, tptk_set; - unsigned int msg_3_of_4_ok:1; -- unsigned int tk_to_set:1; - u8 snonce[WPA_NONCE_LEN]; - u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */ - int renew_snonce; --- -2.7.4 - diff --git a/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch b/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch deleted file mode 100644 index c19c4c710235a668a3f53e00b2ac87102e0e6330..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sun, 1 Oct 2017 12:32:57 +0300 -Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce - -The Authenticator state machine path for PTK rekeying ended up bypassing -the AUTHENTICATION2 state where a new ANonce is generated when going -directly to the PTKSTART state since there is no need to try to -determine the PMK again in such a case. This is far from ideal since the -new PTK would depend on a new nonce only from the supplicant. - -Fix this by generating a new ANonce when moving to the PTKSTART state -for the purpose of starting new 4-way handshake to rekey PTK. - -Signed-off-by: Jouni Malinen ---- - src/ap/wpa_auth.c | 24 +++++++++++++++++++++--- - 1 file changed, 21 insertions(+), 3 deletions(-) - -diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c -index 707971d..bf10cc1 100644 ---- a/src/ap/wpa_auth.c -+++ b/src/ap/wpa_auth.c -@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2) - } - - -+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) -+{ -+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { -+ wpa_printf(MSG_ERROR, -+ "WPA: Failed to get random data for ANonce"); -+ sm->Disconnect = TRUE; -+ return -1; -+ } -+ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce, -+ WPA_NONCE_LEN); -+ sm->TimeoutCtr = 0; -+ return 0; -+} -+ -+ - SM_STATE(WPA_PTK, INITPMK) - { - u8 msk[2 * PMK_LEN]; -@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK) - SM_ENTER(WPA_PTK, AUTHENTICATION); - else if (sm->ReAuthenticationRequest) - SM_ENTER(WPA_PTK, AUTHENTICATION2); -- else if (sm->PTKRequest) -- SM_ENTER(WPA_PTK, PTKSTART); -- else switch (sm->wpa_ptk_state) { -+ else if (sm->PTKRequest) { -+ if (wpa_auth_sm_ptk_update(sm) < 0) -+ SM_ENTER(WPA_PTK, DISCONNECTED); -+ else -+ SM_ENTER(WPA_PTK, PTKSTART); -+ } else switch (sm->wpa_ptk_state) { - case WPA_PTK_INITIALIZE: - break; - case WPA_PTK_DISCONNECT: --- -2.7.4 - diff --git a/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch b/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch deleted file mode 100644 index e1bd5a572625e9e86c1d9843803675100f226a65..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch +++ /dev/null @@ -1,132 +0,0 @@ -From 6c4bed4f47d1960ec04981a9d50e5076aea5223d Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 22 Sep 2017 11:03:15 +0300 -Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration - -Do not try to reconfigure the same TPK-TK to the driver after it has -been successfully configured. This is an explicit check to avoid issues -related to resetting the TX/RX packet number. There was already a check -for this for TPK M2 (retries of that message are ignored completely), so -that behavior does not get modified. - -For TPK M3, the TPK-TK could have been reconfigured, but that was -followed by immediate teardown of the link due to an issue in updating -the STA entry. Furthermore, for TDLS with any real security (i.e., -ignoring open/WEP), the TPK message exchange is protected on the AP path -and simple replay attacks are not feasible. - -As an additional corner case, make sure the local nonce gets updated if -the peer uses a very unlikely "random nonce" of all zeros. - -Signed-off-by: Jouni Malinen ---- - src/rsn_supp/tdls.c | 38 ++++++++++++++++++++++++++++++++++++-- - 1 file changed, 36 insertions(+), 2 deletions(-) - -diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c -index e424168..9eb9738 100644 ---- a/src/rsn_supp/tdls.c -+++ b/src/rsn_supp/tdls.c -@@ -112,6 +112,7 @@ struct wpa_tdls_peer { - u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */ - } tpk; - int tpk_set; -+ int tk_set; /* TPK-TK configured to the driver */ - int tpk_success; - int tpk_in_progress; - -@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) - u8 rsc[6]; - enum wpa_alg alg; - -+ if (peer->tk_set) { -+ /* -+ * This same TPK-TK has already been configured to the driver -+ * and this new configuration attempt (likely due to an -+ * unexpected retransmitted frame) would result in clearing -+ * the TX/RX sequence number which can break security, so must -+ * not allow that to happen. -+ */ -+ wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR -+ " has already been configured to the driver - do not reconfigure", -+ MAC2STR(peer->addr)); -+ return -1; -+ } -+ - os_memset(rsc, 0, 6); - - switch (peer->cipher) { -@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) - return -1; - } - -+ wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, -+ MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, - rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) { - wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " - "driver"); - return -1; - } -+ peer->tk_set = 1; - return 0; - } - -@@ -696,7 +714,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer) - peer->cipher = 0; - peer->qos_info = 0; - peer->wmm_capable = 0; -- peer->tpk_set = peer->tpk_success = 0; -+ peer->tk_set = peer->tpk_set = peer->tpk_success = 0; - peer->chan_switch_enabled = 0; - os_memset(&peer->tpk, 0, sizeof(peer->tpk)); - os_memset(peer->inonce, 0, WPA_NONCE_LEN); -@@ -1159,6 +1177,7 @@ skip_rsnie: - wpa_tdls_peer_free(sm, peer); - return -1; - } -+ peer->tk_set = 0; /* A new nonce results in a new TK */ - wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake", - peer->inonce, WPA_NONCE_LEN); - os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN); -@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, struct wpa_tdls_peer *peer, - } - - -+static int tdls_nonce_set(const u8 *nonce) -+{ -+ int i; -+ -+ for (i = 0; i < WPA_NONCE_LEN; i++) { -+ if (nonce[i]) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+ - static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr, - const u8 *buf, size_t len) - { -@@ -2004,7 +2036,8 @@ skip_rsn: - peer->rsnie_i_len = kde.rsn_ie_len; - peer->cipher = cipher; - -- if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) { -+ if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 || -+ !tdls_nonce_set(peer->inonce)) { - /* - * There is no point in updating the RNonce for every obtained - * TPK M1 frame (e.g., retransmission due to timeout) with the -@@ -2020,6 +2053,7 @@ skip_rsn: - "TDLS: Failed to get random data for responder nonce"); - goto error; - } -+ peer->tk_set = 0; /* A new nonce results in a new TK */ - } - - #if 0 --- -2.7.4 - diff --git a/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch b/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch deleted file mode 100644 index 85ea1d62bcf5a882a29ccbe223feee5447830e79..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 22 Sep 2017 11:25:02 +0300 -Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending - request - -Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep -Mode Response if WNM-Sleep Mode has not been used') started ignoring the -response when no WNM-Sleep Mode Request had been used during the -association. This can be made tighter by clearing the used flag when -successfully processing a response. This adds an additional layer of -protection against unexpected retransmissions of the response frame. - -Signed-off-by: Jouni Malinen ---- - wpa_supplicant/wnm_sta.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c -index 1b3409c..67a07ff 100644 ---- a/wpa_supplicant/wnm_sta.c -+++ b/wpa_supplicant/wnm_sta.c -@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s, - - if (!wpa_s->wnmsleep_used) { - wpa_printf(MSG_DEBUG, -- "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association"); -+ "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested"); - return; - } - -@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s, - return; - } - -+ wpa_s->wnmsleep_used = 0; -+ - if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT || - wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) { - wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response " --- -2.7.4 - diff --git a/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch b/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch deleted file mode 100644 index b9678f6815a89e5df66575501fc1cf4ef15424d4..0000000000000000000000000000000000000000 --- a/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch +++ /dev/null @@ -1,82 +0,0 @@ -From b372ab0b7daea719749194dc554b26e6367603f2 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 22 Sep 2017 12:06:37 +0300 -Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames - -The driver is expected to not report a second association event without -the station having explicitly request a new association. As such, this -case should not be reachable. However, since reconfiguring the same -pairwise or group keys to the driver could result in nonce reuse issues, -be extra careful here and do an additional state check to avoid this -even if the local driver ends up somehow accepting an unexpected -Reassociation Response frame. - -Signed-off-by: Jouni Malinen ---- - src/rsn_supp/wpa.c | 3 +++ - src/rsn_supp/wpa_ft.c | 8 ++++++++ - src/rsn_supp/wpa_i.h | 1 + - 3 files changed, 12 insertions(+) - -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 0550a41..2a53c6f 100644 ---- a/src/rsn_supp/wpa.c -+++ b/src/rsn_supp/wpa.c -@@ -2440,6 +2440,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) - #ifdef CONFIG_TDLS - wpa_tdls_disassoc(sm); - #endif /* CONFIG_TDLS */ -+#ifdef CONFIG_IEEE80211R -+ sm->ft_reassoc_completed = 0; -+#endif /* CONFIG_IEEE80211R */ - - /* Keys are not needed in the WPA state machine anymore */ - wpa_sm_drop_sa(sm); -diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c -index 205793e..d45bb45 100644 ---- a/src/rsn_supp/wpa_ft.c -+++ b/src/rsn_supp/wpa_ft.c -@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, - u16 capab; - - sm->ft_completed = 0; -+ sm->ft_reassoc_completed = 0; - - buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) + - 2 + sm->r0kh_id_len + ric_ies_len + 100; -@@ -681,6 +682,11 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, - return -1; - } - -+ if (sm->ft_reassoc_completed) { -+ wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission"); -+ return 0; -+ } -+ - if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { - wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs"); - return -1; -@@ -781,6 +787,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, - return -1; - } - -+ sm->ft_reassoc_completed = 1; -+ - if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0) - return -1; - -diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h -index 41f371f..56f88dc 100644 ---- a/src/rsn_supp/wpa_i.h -+++ b/src/rsn_supp/wpa_i.h -@@ -128,6 +128,7 @@ struct wpa_sm { - size_t r0kh_id_len; - u8 r1kh_id[FT_R1KH_ID_LEN]; - int ft_completed; -+ int ft_reassoc_completed; - int over_the_ds_in_progress; - u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */ - int set_ptk_after_assoc; --- -2.7.4 - diff --git a/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch b/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch deleted file mode 100644 index 0c03e1dc4810da12e85b4b69689e32590167e260..0000000000000000000000000000000000000000 --- a/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 290834df69556b903b49f2a45671cc62b44f13bb Mon Sep 17 00:00:00 2001 -From: Beniamino Galvani -Date: Fri, 28 Apr 2017 17:59:30 +0200 -Subject: [PATCH] nl80211: Fix race condition in detecting MAC change - -Commit 3e0272ca00ce1df35b45e7d739dd7e935f13fd84 ('nl80211: Re-read MAC -address on RTM_NEWLINK') added the detection of external changes to MAC -address when the interface is brought up. - -If the interface state is changed quickly enough, wpa_supplicant may -receive the netlink message for the !IFF_UP event when the interface -has already been brought up and would ignore the next netlink IFF_UP -message, missing the MAC change. - -Fix this by also reloading the MAC address when a !IFF_UP event is -received with the interface up, because this implies that the -interface went down and up again, possibly changing the address. - -Signed-off-by: Beniamino Galvani ---- - src/drivers/driver_nl80211.c | 47 +++++++++++++++++++++++++------------------- - 1 file changed, 27 insertions(+), 20 deletions(-) - -diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c -index af1cb84..24fad29 100644 ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -933,6 +933,30 @@ nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len) - } - - -+static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv, -+ int ifindex) -+{ -+ struct i802_bss *bss; -+ u8 addr[ETH_ALEN]; -+ -+ bss = get_bss_ifindex(drv, ifindex); -+ if (bss && -+ linux_get_ifhwaddr(drv->global->ioctl_sock, -+ bss->ifname, addr) < 0) { -+ wpa_printf(MSG_DEBUG, -+ "nl80211: %s: failed to re-read MAC address", -+ bss->ifname); -+ } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) { -+ wpa_printf(MSG_DEBUG, -+ "nl80211: Own MAC address on ifindex %d (%s) changed from " -+ MACSTR " to " MACSTR, -+ ifindex, bss->ifname, -+ MAC2STR(bss->addr), MAC2STR(addr)); -+ os_memcpy(bss->addr, addr, ETH_ALEN); -+ } -+} -+ -+ - static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, - struct ifinfomsg *ifi, - u8 *buf, size_t len) -@@ -997,6 +1021,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, - namebuf[0] = '\0'; - if (if_indextoname(ifi->ifi_index, namebuf) && - linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) { -+ /* Re-read MAC address as it may have changed */ -+ nl80211_refresh_mac(drv, ifi->ifi_index); - wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " - "event since interface %s is up", namebuf); - drv->ignore_if_down_event = 0; -@@ -1044,27 +1070,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, - "event since interface %s is marked " - "removed", drv->first_bss->ifname); - } else { -- struct i802_bss *bss; -- u8 addr[ETH_ALEN]; -- - /* Re-read MAC address as it may have changed */ -- bss = get_bss_ifindex(drv, ifi->ifi_index); -- if (bss && -- linux_get_ifhwaddr(drv->global->ioctl_sock, -- bss->ifname, addr) < 0) { -- wpa_printf(MSG_DEBUG, -- "nl80211: %s: failed to re-read MAC address", -- bss->ifname); -- } else if (bss && -- os_memcmp(addr, bss->addr, ETH_ALEN) != 0) { -- wpa_printf(MSG_DEBUG, -- "nl80211: Own MAC address on ifindex %d (%s) changed from " -- MACSTR " to " MACSTR, -- ifi->ifi_index, bss->ifname, -- MAC2STR(bss->addr), -- MAC2STR(addr)); -- os_memcpy(bss->addr, addr, ETH_ALEN); -- } -+ nl80211_refresh_mac(drv, ifi->ifi_index); - - wpa_printf(MSG_DEBUG, "nl80211: Interface up"); - drv->if_disabled = 0; --- -2.9.3 - diff --git a/rh1462262-use-system-openssl-ciphers.patch b/rh1462262-use-system-openssl-ciphers.patch deleted file mode 100644 index 01ed7a273a7ca06155eccfd3450d7a77f2561629..0000000000000000000000000000000000000000 --- a/rh1462262-use-system-openssl-ciphers.patch +++ /dev/null @@ -1,122 +0,0 @@ -From 61665e43b0509e3d05b2519bf10531bd2163ed66 Mon Sep 17 00:00:00 2001 -From: Beniamino Galvani -Date: Sun, 9 Jul 2017 11:06:50 +0200 -Subject: [PATCH] OpenSSL: Add build option to select default ciphers - -Add a build option to select different default ciphers for OpenSSL -instead of the hardcoded default "DEFAULT:!EXP:!LOW". - -This new option is useful on distributions where the security level -should be consistent for all applications, as in Fedora [1]. In such -cases the new configuration option would be set to "" or -"PROFILE=SYSTEM" to select the global crypto policy by default. - -[1] https://fedoraproject.org/wiki/Changes/CryptoPolicy - -Signed-off-by: Beniamino Galvani -(cherry picked from commit 2b9891bd6e125d3e28f26afde32e153db658b7cc) ---- - src/crypto/tls_openssl.c | 2 +- - wpa_supplicant/Android.mk | 4 ++++ - wpa_supplicant/Makefile | 4 ++++ - wpa_supplicant/android.config | 4 ++++ - wpa_supplicant/defconfig | 4 ++++ - wpa_supplicant/wpa_supplicant.conf | 4 ++-- - 6 files changed, 19 insertions(+), 3 deletions(-) - -diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c -index 23ac64b..c4170b6 100644 ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -1017,7 +1017,7 @@ void * tls_init(const struct tls_config *conf) - if (conf && conf->openssl_ciphers) - ciphers = conf->openssl_ciphers; - else -- ciphers = "DEFAULT:!EXP:!LOW"; -+ ciphers = TLS_DEFAULT_CIPHERS; - if (SSL_CTX_set_cipher_list(ssl, ciphers) != 1) { - wpa_printf(MSG_ERROR, - "OpenSSL: Failed to set cipher string '%s'", -diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk -index a8d6a7f..a9dc086 100644 ---- a/wpa_supplicant/Android.mk -+++ b/wpa_supplicant/Android.mk -@@ -971,6 +971,10 @@ ifdef CONFIG_TLS_ADD_DL - LIBS += -ldl - LIBS_p += -ldl - endif -+ifndef CONFIG_TLS_DEFAULT_CIPHERS -+CONFIG_TLS_DEFAULT_CIPHERS = "DEFAULT:!EXP:!LOW" -+endif -+L_CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" - endif - - ifeq ($(CONFIG_TLS), gnutls) -diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile -index 512052e..cc55a52 100644 ---- a/wpa_supplicant/Makefile -+++ b/wpa_supplicant/Makefile -@@ -1020,6 +1020,10 @@ ifdef CONFIG_TLS_ADD_DL - LIBS += -ldl - LIBS_p += -ldl - endif -+ifndef CONFIG_TLS_DEFAULT_CIPHERS -+CONFIG_TLS_DEFAULT_CIPHERS = "DEFAULT:!EXP:!LOW" -+endif -+CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" - endif - - ifeq ($(CONFIG_TLS), gnutls) -diff --git a/wpa_supplicant/android.config b/wpa_supplicant/android.config -index 02505bb..f3cc838 100644 ---- a/wpa_supplicant/android.config -+++ b/wpa_supplicant/android.config -@@ -291,6 +291,10 @@ CONFIG_IEEE80211W=y - # will be used) - #CONFIG_TLSV12=y - -+# Select which ciphers to use by default with OpenSSL if the user does not -+# specify them. -+#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" -+ - # If CONFIG_TLS=internal is used, additional library and include paths are - # needed for LibTomMath. Alternatively, an integrated, minimal version of - # LibTomMath can be used. See beginning of libtommath.c for details on benefits -diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig -index 1d05198..8b0eb87 100644 ---- a/wpa_supplicant/defconfig -+++ b/wpa_supplicant/defconfig -@@ -316,6 +316,10 @@ CONFIG_PEERKEY=y - # will be used) - #CONFIG_TLSV12=y - -+# Select which ciphers to use by default with OpenSSL if the user does not -+# specify them. -+#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" -+ - # If CONFIG_TLS=internal is used, additional library and include paths are - # needed for LibTomMath. Alternatively, an integrated, minimal version of - # LibTomMath can be used. See beginning of libtommath.c for details on benefits -diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf -index 1061c98..70989c0 100644 ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -183,13 +183,13 @@ fast_reauth=1 - # OpenSSL cipher string - # - # This is an OpenSSL specific configuration option for configuring the default --# ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. -+# ciphers. If not set, the value configured at build time ("DEFAULT:!EXP:!LOW" -+# by default) is used. - # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation - # on cipher suite configuration. This is applicable only if wpa_supplicant is - # built to use OpenSSL. - #openssl_ciphers=DEFAULT:!EXP:!LOW - -- - # Dynamic EAP methods - # If EAP methods were built dynamically as shared object files, they need to be - # loaded here before being used in the network blocks. By default, EAP methods --- -2.9.3 - diff --git a/rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch b/rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch deleted file mode 100644 index bee574a5c8406030aa0db7184ee6c1d4555add05..0000000000000000000000000000000000000000 --- a/rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 25b37c54a47e49d591f5752bbf0f510480402cae Mon Sep 17 00:00:00 2001 -From: Beniamino Galvani -Date: Sun, 9 Jul 2017 11:14:10 +0200 -Subject: [PATCH 1/2] OpenSSL: Fix private key password handling with OpenSSL - >= 1.1.0f - -Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the -callback from the SSL object instead of the one from the CTX, so let's -set the callback on both SSL and CTX. Note that -SSL_set_default_passwd_cb*() is available only in 1.1.0. - -Signed-off-by: Beniamino Galvani -(cherry picked from commit f665c93e1d28fbab3d9127a8c3985cc32940824f) ---- - src/crypto/tls_openssl.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c -index c4170b6..bceb8c3 100644 ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -2779,6 +2779,15 @@ static int tls_connection_private_key(struct tls_data *data, - } else - passwd = NULL; - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ /* -+ * In OpenSSL >= 1.1.0f SSL_use_PrivateKey_file() uses the callback -+ * from the SSL object. See OpenSSL commit d61461a75253. -+ */ -+ SSL_set_default_passwd_cb(conn->ssl, tls_passwd_cb); -+ SSL_set_default_passwd_cb_userdata(conn->ssl, passwd); -+#endif /* >= 1.1.0f && !LibreSSL */ -+ /* Keep these for OpenSSL < 1.1.0f */ - SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); - SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); - -@@ -2869,6 +2878,9 @@ static int tls_connection_private_key(struct tls_data *data, - return -1; - } - ERR_clear_error(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ SSL_set_default_passwd_cb(conn->ssl, NULL); -+#endif /* >= 1.1.0f && !LibreSSL */ - SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); - os_free(passwd); - --- -2.9.3 - -From b2887d6964a406eb5f88f4ad4e9764c468954382 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Mon, 17 Jul 2017 12:06:17 +0300 -Subject: [PATCH 2/2] OpenSSL: Clear default_passwd_cb more thoroughly - -Previously, the pointer to strdup passwd was left in OpenSSL library -default_passwd_cb_userdata and even the default_passwd_cb was left set -on an error path. To avoid unexpected behavior if something were to -manage to use there pointers, clear them explicitly once done with -loading of the private key. - -Signed-off-by: Jouni Malinen -(cherry picked from commit 89971d8b1e328a2f79699c953625d1671fd40384) ---- - src/crypto/tls_openssl.c | 22 +++++++++++++++++----- - 1 file changed, 17 insertions(+), 5 deletions(-) - -diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c -index bceb8c3..770af9e 100644 ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -2758,6 +2758,19 @@ static int tls_connection_engine_private_key(struct tls_connection *conn) - } - - -+static void tls_clear_default_passwd_cb(SSL_CTX *ssl_ctx, SSL *ssl) -+{ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ if (ssl) { -+ SSL_set_default_passwd_cb(ssl, NULL); -+ SSL_set_default_passwd_cb_userdata(ssl, NULL); -+ } -+#endif /* >= 1.1.0f && !LibreSSL */ -+ SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); -+ SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, NULL); -+} -+ -+ - static int tls_connection_private_key(struct tls_data *data, - struct tls_connection *conn, - const char *private_key, -@@ -2874,14 +2887,12 @@ static int tls_connection_private_key(struct tls_data *data, - if (!ok) { - tls_show_errors(MSG_INFO, __func__, - "Failed to load private key"); -+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl); - os_free(passwd); - return -1; - } - ERR_clear_error(); --#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -- SSL_set_default_passwd_cb(conn->ssl, NULL); --#endif /* >= 1.1.0f && !LibreSSL */ -- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); -+ tls_clear_default_passwd_cb(ssl_ctx, conn->ssl); - os_free(passwd); - - if (!SSL_check_private_key(conn->ssl)) { -@@ -2924,13 +2935,14 @@ static int tls_global_private_key(struct tls_data *data, - tls_read_pkcs12(data, NULL, private_key, passwd)) { - tls_show_errors(MSG_INFO, __func__, - "Failed to load private key"); -+ tls_clear_default_passwd_cb(ssl_ctx, NULL); - os_free(passwd); - ERR_clear_error(); - return -1; - } -+ tls_clear_default_passwd_cb(ssl_ctx, NULL); - os_free(passwd); - ERR_clear_error(); -- SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); - - if (!SSL_CTX_check_private_key(ssl_ctx)) { - tls_show_errors(MSG_INFO, __func__, --- -2.9.3 - diff --git a/rh1497640-mka-add-error-handling-for-secy_init_macsec.patch b/rh1497640-mka-add-error-handling-for-secy_init_macsec.patch deleted file mode 100644 index 69c0d7f34586ce2071a4f96eed3aa510eb16f05e..0000000000000000000000000000000000000000 --- a/rh1497640-mka-add-error-handling-for-secy_init_macsec.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 7612e65b9bdfe03e5a018e3c897f4a3292c42ee4 Mon Sep 17 00:00:00 2001 -From: Sabrina Dubroca -Date: Tue, 22 Aug 2017 10:34:19 +0200 -Subject: mka: Add error handling for secy_init_macsec() calls - -secy_init_macsec() can fail (if ->macsec_init fails), and -ieee802_1x_kay_init() should handle this and not let MKA run any -further, because nothing is going to work anyway. - -On failure, ieee802_1x_kay_init() must deinit its kay, which will free -kay->ctx, so ieee802_1x_kay_init callers (only ieee802_1x_alloc_kay_sm) -must not do it. Before this patch there is a double-free of the ctx -argument when ieee802_1x_kay_deinit() was called. - -Signed-off-by: Sabrina Dubroca ---- - src/pae/ieee802_1x_kay.c | 25 ++++++++++++++----------- - wpa_supplicant/wpas_kay.c | 5 ++--- - 2 files changed, 16 insertions(+), 14 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index ff55f88..c4bfcbc 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -3100,6 +3100,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - kay = os_zalloc(sizeof(*kay)); - if (!kay) { - wpa_printf(MSG_ERROR, "KaY-%s: out of memory", __func__); -+ os_free(ctx); - return NULL; - } - -@@ -3134,10 +3135,8 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - dl_list_init(&kay->participant_list); - - if (policy != DO_NOT_SECURE && -- secy_get_capability(kay, &kay->macsec_capable) < 0) { -- os_free(kay); -- return NULL; -- } -+ secy_get_capability(kay, &kay->macsec_capable) < 0) -+ goto error; - - if (policy == DO_NOT_SECURE || - kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) { -@@ -3164,16 +3163,17 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - wpa_printf(MSG_DEBUG, "KaY: state machine created"); - - /* Initialize the SecY must be prio to CP, as CP will control SecY */ -- secy_init_macsec(kay); -+ if (secy_init_macsec(kay) < 0) { -+ wpa_printf(MSG_DEBUG, "KaY: Could not initialize MACsec"); -+ goto error; -+ } - - wpa_printf(MSG_DEBUG, "KaY: secy init macsec done"); - - /* init CP */ - kay->cp = ieee802_1x_cp_sm_init(kay); -- if (kay->cp == NULL) { -- ieee802_1x_kay_deinit(kay); -- return NULL; -- } -+ if (kay->cp == NULL) -+ goto error; - - if (policy == DO_NOT_SECURE) { - ieee802_1x_cp_connect_authenticated(kay->cp); -@@ -3184,12 +3184,15 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, - if (kay->l2_mka == NULL) { - wpa_printf(MSG_WARNING, - "KaY: Failed to initialize L2 packet processing for MKA packet"); -- ieee802_1x_kay_deinit(kay); -- return NULL; -+ goto error; - } - } - - return kay; -+ -+error: -+ ieee802_1x_kay_deinit(kay); -+ return NULL; - } - - -diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c -index d087e00..587e5c3 100644 ---- a/wpa_supplicant/wpas_kay.c -+++ b/wpa_supplicant/wpas_kay.c -@@ -235,10 +235,9 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) - res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_port, - ssid->mka_priority, wpa_s->ifname, - wpa_s->own_addr); -- if (res == NULL) { -- os_free(kay_ctx); -+ /* ieee802_1x_kay_init() frees kay_ctx on failure */ -+ if (res == NULL) - return -1; -- } - - wpa_s->kay = res; - --- -cgit v0.12 - diff --git a/rh1497640-pae-validate-input-before-pointer.patch b/rh1497640-pae-validate-input-before-pointer.patch deleted file mode 100644 index d99be04c39c0eb730c1dc2ce85dff177f062a41a..0000000000000000000000000000000000000000 --- a/rh1497640-pae-validate-input-before-pointer.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 0ad5893a2f1f521d44712cd395e067ccf0a397c3 Mon Sep 17 00:00:00 2001 -From: Michael Braun -Date: Fri, 18 Aug 2017 01:14:28 +0200 -Subject: PAE: Validate input before pointer - -ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist() -before body_len has been checked on all segments. - -ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might -continue and thus underflow left_len even if it finds left_len to small -(or before checking). - -Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound -reads in this case. - -Fix this by checking left_len and aborting if too small early. - -Signed-off-by: Michael Braun ---- - src/pae/ieee802_1x_kay.c | 23 ++++++++++++----------- - 1 file changed, 12 insertions(+), 11 deletions(-) - -diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c -index c4bfcbc..cad0292 100644 ---- a/src/pae/ieee802_1x_kay.c -+++ b/src/pae/ieee802_1x_kay.c -@@ -964,21 +964,19 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant, - body_len = get_mka_param_body_len(hdr); - body_type = get_mka_param_body_type(hdr); - -- if (body_type != MKA_LIVE_PEER_LIST && -- body_type != MKA_POTENTIAL_PEER_LIST) -- continue; -- -- ieee802_1x_mka_dump_peer_body( -- (struct ieee802_1x_mka_peer_body *)pos); -- -- if (left_len < (MKA_HDR_LEN + body_len + DEFAULT_ICV_LEN)) { -+ if (left_len < (MKA_HDR_LEN + MKA_ALIGN_LENGTH(body_len) + DEFAULT_ICV_LEN)) { - wpa_printf(MSG_ERROR, - "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV", - left_len, MKA_HDR_LEN, -- body_len, DEFAULT_ICV_LEN); -- continue; -+ MKA_ALIGN_LENGTH(body_len), -+ DEFAULT_ICV_LEN); -+ return FALSE; - } - -+ if (body_type != MKA_LIVE_PEER_LIST && -+ body_type != MKA_POTENTIAL_PEER_LIST) -+ continue; -+ - if ((body_len % 16) != 0) { - wpa_printf(MSG_ERROR, - "KaY: MKA Peer Packet Body Length (%zu bytes) should be a multiple of 16 octets", -@@ -986,6 +984,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant, - continue; - } - -+ ieee802_1x_mka_dump_peer_body( -+ (struct ieee802_1x_mka_peer_body *)pos); -+ - for (i = 0; i < body_len; - i += sizeof(struct ieee802_1x_mka_peer_id)) { - const struct ieee802_1x_mka_peer_id *peer_mi; -@@ -3018,7 +3019,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay, - "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV", - left_len, MKA_HDR_LEN, - body_len, DEFAULT_ICV_LEN); -- continue; -+ return -1; - } - - if (handled[body_type]) --- -cgit v0.12 - diff --git a/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch b/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch deleted file mode 100644 index 23625e9f39902ce7d232c8aa50c22f6562c25e1a..0000000000000000000000000000000000000000 --- a/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 3cdb4ac074f76accf24a51d143db545afad2c90b Mon Sep 17 00:00:00 2001 -Message-Id: <3cdb4ac074f76accf24a51d143db545afad2c90b.1525963467.git.davide.caratti@gmail.com> -From: Stijn Tintel -Date: Thu, 5 Jan 2017 16:06:33 +0100 -Subject: [PATCH] D-Bus: Add pmf to global capabilities - -This indicates that the wpa_supplicant binary has been compiled with PMF -support. - -Signed-off-by: Stijn Tintel ---- - wpa_supplicant/dbus/dbus_new_handlers.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c -index 094301045..87581c900 100644 ---- a/wpa_supplicant/dbus/dbus_new_handlers.c -+++ b/wpa_supplicant/dbus/dbus_new_handlers.c -@@ -991,6 +991,9 @@ dbus_bool_t wpas_dbus_getter_global_capabilities( - #ifdef CONFIG_INTERWORKING - capabilities[num_items++] = "interworking"; - #endif /* CONFIG_INTERWORKING */ -+#ifdef CONFIG_IEEE80211W -+ capabilities[num_items++] = "pmf"; -+#endif /* CONFIG_IEEE80211W */ - - return wpas_dbus_simple_array_property_getter(iter, - DBUS_TYPE_STRING, --- -2.14.3 - diff --git a/rh1570903-nl80211-Fix-NL80211_ATTR_SMPS_MODE-encoding.patch b/rh1570903-nl80211-Fix-NL80211_ATTR_SMPS_MODE-encoding.patch deleted file mode 100644 index ad15b7c8c06a02d1b4a2f74092b92dcac59c48a2..0000000000000000000000000000000000000000 --- a/rh1570903-nl80211-Fix-NL80211_ATTR_SMPS_MODE-encoding.patch +++ /dev/null @@ -1,38 +0,0 @@ -From a2426829ce426de82d2fa47071ca41ea81c43307 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Jouni Malinen -Date: Fri, 1 Dec 2017 20:22:44 +0200 -Subject: [PATCH] nl80211: Fix NL80211_ATTR_SMPS_MODE encoding - -This nl80211 attribute uses NLA_U8 policy in cfg80211 and -hostapd/wpa_supplicant needs to use same size when writing the -attribute. - -This fixes AP mode regression triggered by kernel commit "net: netlink: -Update attr validation to require exact length for some types" in -v4.15-rc1 that resulted in the following debug log entry when trying to -enable beaconing: -nl80211: Beacon set failed: -34 (Numerical result out of range) - -Fixes: da1080d7215f ("nl80211: Advertise and configure SMPS modes") -Signed-off-by: Jouni Malinen ---- - src/drivers/driver_nl80211.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c -index 2ce03ed76..7571e77f0 100644 ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -3957,7 +3957,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, - smps_mode = NL80211_SMPS_OFF; - break; - } -- if (nla_put_u32(msg, NL80211_ATTR_SMPS_MODE, smps_mode)) -+ if (nla_put_u8(msg, NL80211_ATTR_SMPS_MODE, smps_mode)) - goto fail; - } - --- -2.17.0 - diff --git a/wpa_supplicant-2.10.tar.gz b/wpa_supplicant-2.10.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..74236a8c9ed4ce3d4710623516e416fc35fa3b03 Binary files /dev/null and b/wpa_supplicant-2.10.tar.gz differ diff --git a/wpa_supplicant-2.6.tar.gz b/wpa_supplicant-2.6.tar.gz deleted file mode 100644 index 6048646c8088ad752d492acbe94f658951df1dc3..0000000000000000000000000000000000000000 Binary files a/wpa_supplicant-2.6.tar.gz and /dev/null differ diff --git a/allow-to-override-names-of-qt4-tools.patch b/wpa_supplicant-gui-qt4.patch similarity index 54% rename from allow-to-override-names-of-qt4-tools.patch rename to wpa_supplicant-gui-qt4.patch index 480d57f31a84740176458617bd2af86d2c7eb1e8..7acca1e5fc0771f417c90d80715c5603ead17fe4 100644 --- a/allow-to-override-names-of-qt4-tools.patch +++ b/wpa_supplicant-gui-qt4.patch @@ -1,27 +1,27 @@ -From 96e803dc2502f1d822258048bb8dd5febe733dc7 Mon Sep 17 00:00:00 2001 -From: openEuler Buildteam -Date: Fri, 10 Jan 2020 09:25:47 +0800 -Subject: [PATCH] allow to override names of the Qt4 tools. +From 9404f356e394604d1d3d6dbffc52abd54260e4d4 Mon Sep 17 00:00:00 2001 +From: Lubomir Rintel +Date: Tue, 27 Oct 2015 08:56:35 +0100 +Subject: [PATCH] wpa_supplicant: allow overriding the names of the Qt4 tools +This is useful for distributions that ship different versions of Qt in +different locations. --- - wpa_supplicant/Makefile | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) + wpa_supplicant/Makefile | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) -diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile -index 371789d..56c319c 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -21,7 +21,8 @@ export LIBDIR ?= /usr/local/lib/ - export INCDIR ?= /usr/local/include/ - export BINDIR ?= /usr/local/sbin/ +@@ -35,6 +35,9 @@ export INCDIR ?= /usr/local/include + export BINDIR ?= /usr/local/sbin PKG_CONFIG ?= pkg-config -- -+LRELEASE ?= lrelease + +QMAKE ?= qmake ++LRELEASE ?= lrelease ++ CFLAGS += $(EXTRA_CFLAGS) CFLAGS += -I$(abspath ../src) CFLAGS += -I$(abspath ../src/utils) -@@ -1811,10 +1812,10 @@ wpa_gui: +@@ -2039,10 +2042,10 @@ wpa_gui: @echo "wpa_gui has been removed - see wpa_gui-qt4 for replacement" wpa_gui-qt4/Makefile: @@ -34,6 +34,3 @@ index 371789d..56c319c 100644 wpa_gui-qt4: wpa_gui-qt4/Makefile wpa_gui-qt4/lang/wpa_gui_de.qm $(MAKE) -C wpa_gui-qt4 --- -1.8.3.1 - diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 32b9394165cb6a5893df367ff1b44c18130344fe..d6cd21fda541dbeb4794fc1165bcb6aa2073837b 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -1,7 +1,7 @@ Name: wpa_supplicant Epoch: 1 -Version: 2.6 -Release: 30 +Version: 2.10 +Release: 1 Summary: A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN) License: BSD or GPLv2 Url: https://w1.fi/wpa_supplicant/ @@ -11,101 +11,7 @@ Source2: %{name}.conf Source3: %{name}.service Source5: %{name}.logrotate -#patches number ranging between [0,6000) are from fedora/redhat upstream -#patches number ranging between [6000,9000) are backport from higher versions, including some CVE fixes -Patch0: macsec-0001-mka-Move-structs-transmit-receive-_-sa-sc-to-a-commo.patch -Patch1: macsec-0002-mka-Pass-full-structures-down-to-macsec-drivers-pack.patch -Patch2: macsec-0003-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch -Patch3: macsec-0004-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch -Patch4: macsec-0005-mka-Pass-full-structures-down-to-macsec-drivers-tran.patch -Patch5: macsec-0006-mka-Pass-full-structures-down-to-macsec-drivers-rece.patch -Patch6: macsec-0007-mka-Add-driver-op-to-get-macsec-capabilities.patch -Patch7: macsec-0008-mka-Remove-channel-hacks-from-the-stack-and-the-macs.patch -Patch8: macsec-0009-mka-Sync-structs-definitions-with-IEEE-Std-802.1X-20.patch -Patch9: macsec-0010-mka-Add-support-for-removing-SAs.patch -Patch10: macsec-0011-mka-Implement-reference-counting-on-data_key.patch -Patch11: macsec-0012-mka-Fix-getting-capabilities-from-the-driver.patch -Patch12: macsec-0013-wpa_supplicant-Allow-pre-shared-CAK-CKN-pair-for-MKA.patch -Patch13: macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch -Patch14: macsec-0015-wpa_supplicant-Add-macsec_integ_only-setting-for-MKA.patch -Patch15: macsec-0016-mka-Add-enable_encrypt-op-and-call-it-from-CP-state-.patch -Patch16: macsec-0017-wpa_supplicant-Allow-configuring-the-MACsec-port-for.patch -Patch17: macsec-0018-drivers-Move-common-definitions-for-wired-drivers-ou.patch -Patch18: macsec-0019-drivers-Move-wired_multicast_membership-to-a-common-.patch -Patch19: macsec-0020-drivers-Move-driver_wired_multi-to-a-common-file.patch -Patch20: macsec-0021-drivers-Move-driver_wired_get_ifflags-to-a-common-fi.patch -Patch21: macsec-0022-drivers-Move-driver_wired_set_ifflags-to-a-common-fi.patch -Patch22: macsec-0023-drivers-Move-driver_wired_get_ifstatus-to-a-common-f.patch -Patch23: macsec-0024-drivers-Move-driver_wired_init_common-to-a-common-fi.patch -Patch24: macsec-0025-drivers-Move-driver_wired_deinit_common-to-a-common-.patch -Patch25: macsec-0026-drivers-Move-driver_wired_get_capa-to-a-common-file.patch -Patch26: macsec-0027-drivers-Move-driver_wired_get_bssid-to-a-common-file.patch -Patch27: macsec-0028-drivers-Move-driver_wired_get_ssid-to-a-common-file.patch -Patch28: macsec-0029-macsec_linux-Add-a-driver-for-macsec-on-Linux-kernel.patch -Patch29: macsec-0030-mka-Remove-references-to-macsec_qca-from-wpa_supplic.patch -Patch30: macsec-0031-PAE-Make-KaY-specific-details-available-via-control-.patch -Patch31: macsec-0032-mka-Make-MKA-actor-priority-configurable.patch -Patch32: macsec-0033-mka-Fix-an-incorrect-update-of-participant-to_use_sa.patch -Patch33: macsec-0034-mka-Some-bug-fixes-for-MACsec-in-PSK-mode.patch -Patch34: macsec-0035-mka-Send-MKPDUs-forever-if-mode-is-PSK.patch -Patch35: macsec-0036-mka-Fix-the-order-of-operations-in-secure-channel-de.patch -Patch36: macsec-0037-mka-Fix-use-after-free-when-receive-secure-channels-.patch -Patch37: macsec-0038-mka-Fix-use-after-free-when-transmit-secure-channels.patch -Patch38: macsec-0039-macsec_linux-Fix-NULL-pointer-dereference-on-error-c.patch -Patch39: rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch -Patch40: rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch -Patch41: rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch -Patch42: rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch -Patch43: rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch -Patch44: rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch -Patch45: rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch -Patch46: rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch -Patch47: rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch -Patch48: rh1462262-use-system-openssl-ciphers.patch -Patch49: rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch -Patch50: rh1497640-mka-add-error-handling-for-secy_init_macsec.patch -Patch51: rh1497640-pae-validate-input-before-pointer.patch -Patch52: rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch -Patch53: rh1570903-nl80211-Fix-NL80211_ATTR_SMPS_MODE-encoding.patch -Patch54: CVE-2019-9496-SAE-Fix-confirm-message-validation-in-error-cases.patch -Patch55: CVE-2019-9494-1.patch -Patch56: CVE-2019-9494-2.patch -Patch57: CVE-2019-9494-3.patch -Patch58: CVE-2019-9494-4.patch -Patch59: CVE-2019-9494-5.patch -Patch60: CVE-2019-9494-6.patch -Patch61: CVE-2019-9494-7.patch -Patch62: CVE-2019-9494-8.patch -Patch63: CVE-2019-16275.patch -Patch64: CVE-2019-9497.patch -Patch65: CVE-2019-9498-and-CVE-2019-9499.patch -Patch66: CVE-2019-11555-1.patch -Patch67: CVE-2019-11555-2.patch -Patch68: rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch -Patch69: CVE-2019-9499.patch -Patch70: CVE-2019-9495-pre1.patch -Patch71: CVE-2019-9495-pre2.patch -Patch72: CVE-2019-9495-pre3.patch -Patch73: CVE-2019-9495.patch -Patch74: CVE-2019-13377-1.patch -Patch75: CVE-2019-13377-2-pre1.patch -Patch76: CVE-2019-13377-2-pre.patch -Patch77: CVE-2019-13377-2.patch -Patch78: CVE-2019-13377-3.patch -Patch79: CVE-2019-13377-4.patch -Patch80: CVE-2019-13377-5.patch -Patch81: CVE-2019-13377-6-pre.patch -Patch82: CVE-2019-13377-6.patch -Patch83: add-options-of-wpa_supplicant-service.patch -Patch84: allow-to-override-names-of-qt4-tools.patch -Patch85: CVE-2021-27803.patch -Patch86: CVE-2021-0326.patch -Patch87: backport-Add-support-for-wolfSSL-cryptographic-library.patch -Patch88: backport-Share-common-SAE-and-EAP-pwd-functionality-suitable-.patch -Patch89: backport-0001-CVE-2022-23303-CVE-2022-23304.patch -Patch90: backport-0002-CVE-2022-23303-CVE-2022-23304.patch -Patch91: backport-0003-CVE-2022-23303-CVE-2022-23304.patch -Patch92: backport-0004-CVE-2022-23303-CVE-2022-23304.patch +Patch6000: wpa_supplicant-gui-qt4.patch BuildRequires: qt-devel >= 4.0 openssl-devel readline-devel dbus-devel libnl3-devel systemd-units docbook-utils Requires(post): systemd-sysv @@ -162,7 +68,6 @@ install -m755 %{name}/{wpa_passphrase,wpa_cli,wpa_supplicant,eapol_test} %{build install -Dm644 %{name}/dbus/dbus-wpa_supplicant.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/wpa_supplicant.conf install -Dm644 %{name}/dbus/fi.w1.wpa_supplicant1.service %{buildroot}%{_datadir}/dbus-1/system-services/fi.w1.wpa_supplicant1.service -install -Dm644 %{name}/dbus/fi.epitest.hostap.WPASupplicant.service %{buildroot}%{_datadir}/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service install -Dm755 %{name}/wpa_gui-qt4/wpa_gui %{buildroot}/%{_bindir}/wpa_gui @@ -182,7 +87,6 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %{_unitdir}/%{name}.service %{_sysconfdir}/dbus-1/system.d/%{name}.conf -%{_datadir}/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service %{_datadir}/dbus-1/system-services/fi.w1.wpa_supplicant1.service %{_sbindir}/wpa_passphrase %{_sbindir}/wpa_supplicant @@ -199,6 +103,9 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 %{_mandir}/man5/* %changelog +* Thu Mar 31 2022 yuanxin - 1:2.10-1 +- update version to 2.10 + * Wed Jan 26 2022 shixuantong - 1:2.6-30 - Type:cves - ID:CVE-2022-23303 CVE-2022-23304