From 245a3780dfc05bbee682867003e2e29ab6457a61 Mon Sep 17 00:00:00 2001 From: Yafen Date: Fri, 27 Dec 2024 11:19:07 +0800 Subject: [PATCH] Revert commit breaking authentication on brcmfmac (cherry picked from commit 27bbe6b010b52ef68728ccd6389f02ab2bf4b3d3) --- ...orization-completed-on-driver-indica.patch | 50 +++++++++++++++++++ wpa_supplicant.spec | 6 ++- 2 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch diff --git a/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch b/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch new file mode 100644 index 0000000..b42cba1 --- /dev/null +++ b/wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch @@ -0,0 +1,50 @@ +From 2514856652f9a393e505d542cb8f039f8bac10f5 Mon Sep 17 00:00:00 2001 +From: Janne Grunau +Date: Sun, 4 Aug 2024 13:24:42 +0200 +Subject: [PATCH 1/1] Revert "Mark authorization completed on driver indication + during 4-way HS offload" + +This reverts commit 41638606054a09867fe3f9a2b5523aa4678cbfa5. +--- + wpa_supplicant/events.c | 25 ++++++++----------------- + 1 file changed, 8 insertions(+), 17 deletions(-) + +diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c +index 46e7cf1ab..7b3ef7205 100644 +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -4441,23 +4441,14 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, + eapol_sm_notify_eap_success(wpa_s->eapol, true); + } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && + wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { +- if (already_authorized) { +- /* +- * We are done; the driver will take care of RSN 4-way +- * handshake. +- */ +- wpa_supplicant_cancel_auth_timeout(wpa_s); +- wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); +- eapol_sm_notify_portValid(wpa_s->eapol, true); +- eapol_sm_notify_eap_success(wpa_s->eapol, true); +- } else { +- /* Update port, WPA_COMPLETED state from the +- * EVENT_PORT_AUTHORIZED handler when the driver is done +- * with the 4-way handshake. +- */ +- wpa_msg(wpa_s, MSG_DEBUG, +- "ASSOC INFO: wait for driver port authorized indication"); +- } ++ /* ++ * We are done; the driver will take care of RSN 4-way ++ * handshake. ++ */ ++ wpa_supplicant_cancel_auth_timeout(wpa_s); ++ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); ++ eapol_sm_notify_portValid(wpa_s->eapol, true); ++ eapol_sm_notify_eap_success(wpa_s->eapol, true); + } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && + wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { + /* +-- +2.45.2 + diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index ba79649..57fc9e1 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -1,7 +1,7 @@ Name: wpa_supplicant Epoch: 1 Version: 2.11 -Release: 2 +Release: 3 Summary: A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN) License: BSD-3-Clause Url: https://w1.fi/wpa_supplicant/ @@ -17,6 +17,7 @@ Patch6000: wpa_supplicant-gui-qt4.patch Patch6001: Add-clang-support-for-qmake.patch %endif Patch6002: backport-CVE-2024-5290.patch +Patch1: wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch %ifarch loongarch64 BuildRequires: /usr/bin/qmake @@ -119,6 +120,9 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 %{_mandir}/man5/* %changelog +* Fri Dec 27 2024 Yafen Fang - 1:2.11-3 +- Revert commit breaking authentication on brcmfmac + * Fri Aug 9 2024 zhangxianting - 1:2.11-2 - fix CVE-2024-5290 -- Gitee