From 3f7a8f66a59b3665b8502730066ece6e25390810 Mon Sep 17 00:00:00 2001 From: zhangxianting Date: Fri, 9 Aug 2024 12:19:10 +0800 Subject: [PATCH] fix CVE-2024-5290 (cherry picked from commit 8bfb0448be96a2785af24ce33b3c08212276e893) --- backport-CVE-2024-5290.patch | 34 ++++++++++++++++++++++++++++++++++ wpa_supplicant.spec | 9 ++++++++- 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2024-5290.patch diff --git a/backport-CVE-2024-5290.patch b/backport-CVE-2024-5290.patch new file mode 100644 index 0000000..77722d9 --- /dev/null +++ b/backport-CVE-2024-5290.patch 
@@ -0,0 +1,34 @@ +https://github.com/deepin-community/wpa/commit/512af510f0ae65392ff128008252fa37fbafa26b +Description: slow certification. + When using PEAP certification, the server may use Identity's Request message + as a heartbeat; there will be many clients on the Internet to send address + 01: 80: C2: 00: 03 Identity's Response message as a heartbeat; at this time + When a client is broken and reconnect, it is easy to receive this message, + resulting in triggering restart of EAPOL authentication, resulting in a slow + authentication. So Ignore the response message in the Connecting state. + +Author: xinpeng wang + + +Origin: https://gerrit.uniontech.com/plugins/gitiles/base/wpa/+/accd188752a1b2656a92dabca48616cb9889f386 +Bug: https://pms.uniontech.com/zentao/bug-view-105383.html +Last-Update: 2022-05-19 + +--- wpa-2.10.orig/src/eapol_supp/eapol_supp_sm.c ++++ wpa-2.10/src/eapol_supp/eapol_supp_sm.c +@@ -1357,6 +1357,15 @@ int eapol_sm_rx_eapol(struct eapol_sm *s + break; + } + } ++ { ++ const struct eap_hdr *ehdr = ++ (const struct eap_hdr *) (hdr + 1); ++ if (plen >= sizeof(*ehdr) && ehdr->code == EAP_CODE_RESPONSE && ++ sm->SUPP_PAE_state == SUPP_PAE_CONNECTING) { ++ wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with response when connecting workaround %d",sm->conf.workaround); ++ break; ++ } ++ } + + if (sm->cached_pmk) { + /* Trying to use PMKSA caching, but Authenticator did diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index c3adac5..dd5a155 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -1,7 +1,7 @@ Name: wpa_supplicant Epoch: 1 Version: 2.6 -Release: 31 +Release: 32 Summary: A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN) License: BSD or GPLv2 Url: https://w1.fi/wpa_supplicant/ 
@@ -107,6 +107,7 @@ Patch90: backport-0002-CVE-2022-23303-CVE-2022-23304.patch Patch91: backport-0003-CVE-2022-23303-CVE-2022-23304.patch Patch92: backport-0004-CVE-2022-23303-CVE-2022-23304.patch Patch93: CVE-2023-52160.patch +Patch94: backport-CVE-2024-5290.patch BuildRequires: qt-devel >= 4.0 openssl-devel readline-devel dbus-devel libnl3-devel systemd-units docbook-utils Requires(post): systemd-sysv @@ -200,6 +201,12 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 %{_mandir}/man5/* %changelog +* Fri Aug 09 2024 zhangxianting - 1:2.6-32 +- Type:cves +- ID:CVE-2024-5290 +- SUG:NA +- DESC:fix CVE-2024-5290 + * Thu Apr 25 2024 dillon chen - 1:2.6-31 - Type:cves - ID:CVE-2023-52160 -- Gitee
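Review bot: In the eapol_sm_rx_eapol() change carried by backport-CVE-2024-5290.patch, the new block drops every EAP packet whose code is EAP_CODE_RESPONSE while SUPP_PAE_state is SUPP_PAE_CONNECTING, unconditionally, yet the debug message prints sm->conf.workaround as if the behaviour depended on that setting. Either gate the condition on sm->conf.workaround or remove the value from the log line so the message matches what the code does. The plen >= sizeof(*ehdr) test before reading ehdr->code is correct and should stay. The wpa_printf call is also missing a space after the comma and runs far past the surrounding line length; wrapping it would match the file's style. Separately, the embedded description talks about slow PEAP authentication caused by stray Identity Response heartbeats and never mentions CVE-2024-5290, so a sentence explaining how this check relates to the CVE would make the backport auditable.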
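Review bot: Patch94 is generated against wpa-2.10 (paths wpa-2.10.orig/src/eapol_supp/eapol_supp_sm.c, hunk at line 1357), while the spec header in this same diff still declares Version: 2.6. Please confirm that the hunk applies to the 2.6 source without offset or fuzz and that the new block lands in eapol_sm_rx_eapol() directly before the "if (sm->cached_pmk)" check, and regenerate the patch against the 2.6 tree if it does not.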
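Review bot: The new %changelog entry's DESC line only repeats the CVE ID ("DESC:fix CVE-2024-5290"), which tells a later reader nothing about the behavioural change. Since the patch makes the supplicant ignore EAP Response packets while in the CONNECTING state, say so in DESC, for example "DESC:ignore EAP Response packets in CONNECTING state (CVE-2024-5290)".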