From 55f8cb2c8238d0f147bf3388d661005a6685e915 Mon Sep 17 00:00:00 2001
From: zhangxianting <zhangxianting@uniontech.com>
Date: Fri, 9 Aug 2024 08:52:22 +0800
Subject: [PATCH] fix CVE-2024-5290

---
 backport-CVE-2024-5290.patch | 34 ++++++++++++++++++++++++++++++++++
 wpa_supplicant.spec          |  6 +++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2024-5290.patch

diff --git a/backport-CVE-2024-5290.patch b/backport-CVE-2024-5290.patch
new file mode 100644
index 0000000..77722d9
--- /dev/null
+++ b/backport-CVE-2024-5290.patch
@@ -0,0 +1,34 @@
+https://github.com/deepin-community/wpa/commit/512af510f0ae65392ff128008252fa37fbafa26b
+Description: slow certification.
+ When using PEAP certification, the server may use Identity's Request message
+ as a heartbeat; there will be many clients on the Internet to send address
+ 01: 80: C2: 00: 03 Identity's Response message as a heartbeat; at this time
+ When a client is broken and reconnect, it is easy to receive this message,
+ resulting in triggering restart of EAPOL authentication, resulting in a slow
+ authentication. So Ignore the response message in the Connecting state.
+
+Author: xinpeng wang <wangxinpeng@uniontech.com>
+
+
+Origin: https://gerrit.uniontech.com/plugins/gitiles/base/wpa/+/accd188752a1b2656a92dabca48616cb9889f386
+Bug: https://pms.uniontech.com/zentao/bug-view-105383.html
+Last-Update: 2022-05-19
+
+--- wpa-2.10.orig/src/eapol_supp/eapol_supp_sm.c
++++ wpa-2.10/src/eapol_supp/eapol_supp_sm.c
+@@ -1357,6 +1357,15 @@ int eapol_sm_rx_eapol(struct eapol_sm *s
+ 				break;
+ 			}
+ 		}
++		{
++			const struct eap_hdr *ehdr =
++				(const struct eap_hdr *) (hdr + 1);
++			if (plen >= sizeof(*ehdr) && ehdr->code == EAP_CODE_RESPONSE &&
++				sm->SUPP_PAE_state == SUPP_PAE_CONNECTING) {
++				wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with response when connecting workaround %d",sm->conf.workaround);
++				break;
++			}
++		}
+
+ 		if (sm->cached_pmk) {
+ 			/* Trying to use PMKSA caching, but Authenticator did
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec
index 09988de..6b5b4d9 100644
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@@ -1,7 +1,7 @@
 Name:          wpa_supplicant
 Epoch:         1
 Version:       2.10
-Release:       6
+Release:       7
 Summary:       A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN)
 License:       BSD or GPLv2
 Url:           https://w1.fi/wpa_supplicant/
@@ -19,6 +19,7 @@ Patch6000:     wpa_supplicant-gui-qt4.patch
 %if "%{?toolchain}" == "clang"
 Patch6001:     Add-clang-support-for-qmake.patch
 %endif
+Patch6002:     backport-CVE-2024-5290.patch
 
 %ifarch loongarch64
 BuildRequires: /usr/bin/qmake
@@ -121,6 +122,9 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5
 %{_mandir}/man5/*
 
 %changelog
+* Fri Aug  9 2024 zhangxianting <zhangxianting@uniontech.com> - 1:2.10-7
+- fix CVE-2024-5290
+
 * Wed May 29 2024 Wenlong Zhang <zhangwenlong@loongson.cn> - 1:2.10-6
 - fix build error for loongarch64
 
-- 
Gitee