diff --git a/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch b/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch new file mode 100644 index 0000000000000000000000000000000000000000..b42cba1088ddd6379d0fa85c8f94415804171e34 --- /dev/null +++ b/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch @@ -0,0 +1,50 @@ +From 2514856652f9a393e505d542cb8f039f8bac10f5 Mon Sep 17 00:00:00 2001 +From: Janne Grunau +Date: Sun, 4 Aug 2024 13:24:42 +0200 +Subject: [PATCH 1/1] Revert "Mark authorization completed on driver indication + during 4-way HS offload" + +This reverts commit 41638606054a09867fe3f9a2b5523aa4678cbfa5. +--- + wpa_supplicant/events.c | 25 ++++++++----------------- + 1 file changed, 8 insertions(+), 17 deletions(-) + +diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c +index 46e7cf1ab..7b3ef7205 100644 +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -4441,23 +4441,14 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, + eapol_sm_notify_eap_success(wpa_s->eapol, true); + } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && + wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { +- if (already_authorized) { +- /* +- * We are done; the driver will take care of RSN 4-way +- * handshake. +- */ +- wpa_supplicant_cancel_auth_timeout(wpa_s); +- wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); +- eapol_sm_notify_portValid(wpa_s->eapol, true); +- eapol_sm_notify_eap_success(wpa_s->eapol, true); +- } else { +- /* Update port, WPA_COMPLETED state from the +- * EVENT_PORT_AUTHORIZED handler when the driver is done +- * with the 4-way handshake. +- */ +- wpa_msg(wpa_s, MSG_DEBUG, +- "ASSOC INFO: wait for driver port authorized indication"); +- } ++ /* ++ * We are done; the driver will take care of RSN 4-way ++ * handshake. ++ */ ++ wpa_supplicant_cancel_auth_timeout(wpa_s); ++ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); ++ eapol_sm_notify_portValid(wpa_s->eapol, true); ++ eapol_sm_notify_eap_success(wpa_s->eapol, true); + } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && + wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { + /* +-- +2.45.2 + diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index ba79649a66c9cbae256c83822fe588571e2a624b..57fc9e1f4427f58723d7056c83a872b7f988de69 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -1,7 +1,7 @@ Name: wpa_supplicant Epoch: 1 Version: 2.11 -Release: 2 +Release: 3 Summary: A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN) License: BSD-3-Clause Url: https://w1.fi/wpa_supplicant/ @@ -17,6 +17,7 @@ Patch6000: wpa_supplicant-gui-qt4.patch Patch6001: Add-clang-support-for-qmake.patch %endif Patch6002: backport-CVE-2024-5290.patch +Patch1: wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch %ifarch loongarch64 BuildRequires: /usr/bin/qmake @@ -119,6 +120,9 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 %{_mandir}/man5/* %changelog +* Fri Dec 27 2024 Yafen Fang - 1:2.11-3 +- Revert commit breaking authentication on brcmfmac + * Fri Aug 9 2024 zhangxianting - 1:2.11-2 - fix CVE-2024-5290