$ git diff --patch-with-stat --summary b47edc195c9dcfddfe6360f2d87348b250f65019..718e9b6172a7a67867cf9f7fb716a619d4bd0d23
.abf.yml | 2 +-
...-Avoid-key-reinstallation-in-FT-handshake.patch | 174 --------
...nstallation-of-an-already-in-use-group-ke.patch | 250 -----------
...ection-of-GTK-IGTK-reinstallation-of-WNM-.patch | 184 --------
0004-Prevent-installation-of-an-all-zero-TK.patch | 79 ----
...Fix-PTK-rekeying-to-generate-a-new-ANonce.patch | 64 ---
0006-TDLS-Reject-TPK-TK-reconfiguration.patch | 132 ------
...WNM-Sleep-Mode-Response-without-pending-r.patch | 43 --
...llow-multiple-Reassociation-Response-fram.patch | 82 ----
wpa_supplicant-0.6.3-WEP232.patch | 12 -
...3-copy-wpa_scan_results_free-for-wpa_priv.patch | 22 -
...fix-wpa_priv-eloop_signal_handler-casting.patch | 11 -
...do-not-call-dbus-functions-with-NULL-path.patch | 24 -
...supplicant-1.0-mdv-dbus-service-file-args.patch | 20 -
...supplicant-1.0-mga-dbus-service-file-args.patch | 20 +
wpa_supplicant-2.2-omv-defconfig.patch | 103 ++---
wpa_supplicant-2.5-openssl-1.1.patch | 484 ---------------------
wpa_supplicant-2.7-fix-undefined-remove-ie.patch | 38 ++
wpa_supplicant-assoc-timeout.patch | 16 -
wpa_supplicant-quiet-scan-results-message.patch | 12 -
...supplicant-squelch-driver-disconnect-spam.patch | 96 ----
wpa_supplicant.spec | 61 +--
22 files changed, 105 insertions(+), 1824 deletions(-)
delete mode 100644 0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
delete mode 100644 0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
delete mode 100644 0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
delete mode 100644 0004-Prevent-installation-of-an-all-zero-TK.patch
delete mode 100644 0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
delete mode 100644 0006-TDLS-Reject-TPK-TK-reconfiguration.patch
delete mode 100644 0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
delete mode 100644 0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
delete mode 100644 wpa_supplicant-0.6.3-WEP232.patch
delete mode 100644 wpa_supplicant-0.7.3-copy-wpa_scan_results_free-for-wpa_priv.patch
delete mode 100644 wpa_supplicant-0.7.3-fix-wpa_priv-eloop_signal_handler-casting.patch
delete mode 100644 wpa_supplicant-1.0-do-not-call-dbus-functions-with-NULL-path.patch
delete mode 100644 wpa_supplicant-1.0-mdv-dbus-service-file-args.patch
create mode 100644 wpa_supplicant-1.0-mga-dbus-service-file-args.patch
delete mode 100644 wpa_supplicant-2.5-openssl-1.1.patch
create mode 100644 wpa_supplicant-2.7-fix-undefined-remove-ie.patch
delete mode 100644 wpa_supplicant-assoc-timeout.patch
delete mode 100644 wpa_supplicant-quiet-scan-results-message.patch
delete mode 100644 wpa_supplicant-squelch-driver-disconnect-spam.patch
diff --git a/.abf.yml b/.abf.yml
index fc93d4f..7065149 100644
--- a/.abf.yml
+++ b/.abf.yml
@@ -1,2 +1,2 @@
sources:
- wpa_supplicant-2.6.tar.gz: 8189704e257c3e9f8300c49dc6e49a381b1d6299
+ wpa_supplicant-2.7.tar.gz: 3c3c2c6bc493fb32b919d9b410768324f3729e25
diff --git a/0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch b/0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644
index 7276848..0000000
--- a/0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/ap/ieee802_11.c | 16 +++++++++++++---
- src/ap/wpa_auth.c | 11 +++++++++++
- src/ap/wpa_auth.h | 3 ++-
- src/ap/wpa_auth_ft.c | 10 ++++++++++
- src/ap/wpa_auth_i.h | 1 +
- 5 files changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
-index 4e04169..333035f 100644
---- a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
- {
- struct ieee80211_ht_capabilities ht_cap;
- struct ieee80211_vht_capabilities vht_cap;
-+ int set = 1;
-
- /*
- * Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
- * FT-over-the-DS, where a station re-associates back to the same AP but
- * skips the authentication flow, or if working with a driver that
- * does not support full AP client state.
-+ *
-+ * Skip this if the STA has already completed FT reassociation and the
-+ * TK has been configured since the TX/RX PN must not be reset to 0 for
-+ * the same key.
- */
-- if (!sta->added_unassoc)
-+ if (!sta->added_unassoc &&
-+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+ set = 0;
-+ }
-
- #ifdef CONFIG_IEEE80211N
- if (sta->flags & WLAN_STA_HT)
-@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hapd,
- sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
- sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
- sta->vht_opmode, sta->p2p_ie ? 1 : 0,
-- sta->added_unassoc)) {
-+ set)) {
- hostapd_logger(hapd, sta->addr,
- HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
- "Could not %s STA to kernel driver",
-- sta->added_unassoc ? "set" : "add");
-+ set ? "set" : "add");
-
- if (sta->added_unassoc) {
- hostapd_drv_sta_remove(hapd, sta->addr);
-diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
-index 3587086..707971d 100644
---- a/src/ap/wpa_auth.c
-+++ b/src/ap/wpa_auth.c
-@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
- #else /* CONFIG_IEEE80211R */
- break;
- #endif /* CONFIG_IEEE80211R */
-+ case WPA_DRV_STA_REMOVED:
-+ sm->tk_already_set = FALSE;
-+ return 0;
- }
-
- #ifdef CONFIG_IEEE80211R
-@@ -3250,6 +3253,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
- }
-
-
-+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
-+{
-+ if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
-+ return 0;
-+ return sm->tk_already_set;
-+}
-+
-+
- int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
- struct rsn_pmksa_cache_entry *entry)
- {
-diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
-index 0de8d97..97461b0 100644
---- a/src/ap/wpa_auth.h
-+++ b/src/ap/wpa_auth.h
-@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
- u8 *data, size_t data_len);
- enum wpa_event {
- WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
-- WPA_REAUTH_EAPOL, WPA_ASSOC_FT
-+ WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED
- };
- void wpa_remove_ptk(struct wpa_state_machine *sm);
- int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
-@@ -280,6 +280,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
- int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
- int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
- int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
-+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
- int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
- struct rsn_pmksa_cache_entry *entry);
- struct rsn_pmksa_cache_entry *
-diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
-index 42242a5..e63b99a 100644
---- a/src/ap/wpa_auth_ft.c
-+++ b/src/ap/wpa_auth_ft.c
-@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
- return;
- }
-
-+ if (sm->tk_already_set) {
-+ /* Must avoid TK reconfiguration to prevent clearing of TX/RX
-+ * PN in the driver */
-+ wpa_printf(MSG_DEBUG,
-+ "FT: Do not re-install same PTK to the driver");
-+ return;
-+ }
-+
- /* FIX: add STA entry to kernel/driver here? The set_key will fail
- * most likely without this.. At the moment, STA entry is added only
- * after association has been completed. This function will be called
-@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
-
- /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
- sm->pairwise_set = TRUE;
-+ sm->tk_already_set = TRUE;
- }
-
-
-@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
-
- sm->pairwise = pairwise;
- sm->PTK_valid = TRUE;
-+ sm->tk_already_set = FALSE;
- wpa_ft_install_ptk(sm);
-
- buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
-diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
-index 72b7eb3..7fd8f05 100644
---- a/src/ap/wpa_auth_i.h
-+++ b/src/ap/wpa_auth_i.h
-@@ -65,6 +65,7 @@ struct wpa_state_machine {
- struct wpa_ptk PTK;
- Boolean PTK_valid;
- Boolean pairwise_set;
-+ Boolean tk_already_set;
- int keycount;
- Boolean Pair;
- struct wpa_key_replay_counter {
---
-2.7.4
-
diff --git a/0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch b/0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
deleted file mode 100644
index 1802d66..0000000
--- a/0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
+++ /dev/null
@@ -1,250 +0,0 @@
-From 927f891007c402fefd1ff384645b3f07597c3ede Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Wed, 12 Jul 2017 16:03:24 +0200
-Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key
-
-Track the current GTK and IGTK that is in use and when receiving a
-(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
-not install the given key if it is already in use. This prevents an
-attacker from trying to trick the client into resetting or lowering the
-sequence counter associated to the group key.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/common/wpa_common.h | 11 +++++
- src/rsn_supp/wpa.c | 116 ++++++++++++++++++++++++++++++------------------
- src/rsn_supp/wpa_i.h | 4 ++
- 3 files changed, 87 insertions(+), 44 deletions(-)
-
-diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
-index af1d0f0..d200285 100644
---- a/src/common/wpa_common.h
-+++ b/src/common/wpa_common.h
-@@ -217,6 +217,17 @@ struct wpa_ptk {
- size_t tk_len;
- };
-
-+struct wpa_gtk {
-+ u8 gtk[WPA_GTK_MAX_LEN];
-+ size_t gtk_len;
-+};
-+
-+#ifdef CONFIG_IEEE80211W
-+struct wpa_igtk {
-+ u8 igtk[WPA_IGTK_MAX_LEN];
-+ size_t igtk_len;
-+};
-+#endif /* CONFIG_IEEE80211W */
-
- /* WPA IE version 1
- * 00-50-f2:1 (OUI:OUI type)
-diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
-index 3c47879..95bd7be 100644
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -714,6 +714,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
- const u8 *_gtk = gd->gtk;
- u8 gtk_buf[32];
-
-+ /* Detect possible key reinstallation */
-+ if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
-+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
-+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+ "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
-+ gd->keyidx, gd->tx, gd->gtk_len);
-+ return 0;
-+ }
-+
- wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- "WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)",
-@@ -748,6 +757,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
- }
- os_memset(gtk_buf, 0, sizeof(gtk_buf));
-
-+ sm->gtk.gtk_len = gd->gtk_len;
-+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+
- return 0;
- }
-
-@@ -854,6 +866,48 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
- }
-
-
-+#ifdef CONFIG_IEEE80211W
-+static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
-+ const struct wpa_igtk_kde *igtk)
-+{
-+ size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
-+ u16 keyidx = WPA_GET_LE16(igtk->keyid);
-+
-+ /* Detect possible key reinstallation */
-+ if (sm->igtk.igtk_len == len &&
-+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
-+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+ "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
-+ keyidx);
-+ return 0;
-+ }
-+
-+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+ "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
-+ keyidx, MAC2STR(igtk->pn));
-+ wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
-+ if (keyidx > 4095) {
-+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-+ "WPA: Invalid IGTK KeyID %d", keyidx);
-+ return -1;
-+ }
-+ if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-+ broadcast_ether_addr,
-+ keyidx, 0, igtk->pn, sizeof(igtk->pn),
-+ igtk->igtk, len) < 0) {
-+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-+ "WPA: Failed to configure IGTK to the driver");
-+ return -1;
-+ }
-+
-+ sm->igtk.igtk_len = len;
-+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+
-+ return 0;
-+}
-+#endif /* CONFIG_IEEE80211W */
-+
-+
- static int ieee80211w_set_keys(struct wpa_sm *sm,
- struct wpa_eapol_ie_parse *ie)
- {
-@@ -864,30 +918,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
- if (ie->igtk) {
- size_t len;
- const struct wpa_igtk_kde *igtk;
-- u16 keyidx;
-+
- len = wpa_cipher_key_len(sm->mgmt_group_cipher);
- if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len)
- return -1;
-+
- igtk = (const struct wpa_igtk_kde *) ie->igtk;
-- keyidx = WPA_GET_LE16(igtk->keyid);
-- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
-- "pn %02x%02x%02x%02x%02x%02x",
-- keyidx, MAC2STR(igtk->pn));
-- wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
-- igtk->igtk, len);
-- if (keyidx > 4095) {
-- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-- "WPA: Invalid IGTK KeyID %d", keyidx);
-- return -1;
-- }
-- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-- broadcast_ether_addr,
-- keyidx, 0, igtk->pn, sizeof(igtk->pn),
-- igtk->igtk, len) < 0) {
-- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-- "WPA: Failed to configure IGTK to the driver");
-+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
- return -1;
-- }
- }
-
- return 0;
-@@ -2307,7 +2345,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
- */
- void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
- {
-- int clear_ptk = 1;
-+ int clear_keys = 1;
-
- if (sm == NULL)
- return;
-@@ -2333,11 +2371,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
- /* Prepare for the next transition */
- wpa_ft_prepare_auth_request(sm, NULL);
-
-- clear_ptk = 0;
-+ clear_keys = 0;
- }
- #endif /* CONFIG_IEEE80211R */
-
-- if (clear_ptk) {
-+ if (clear_keys) {
- /*
- * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
- * this is not part of a Fast BSS Transition.
-@@ -2347,6 +2385,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
- os_memset(&sm->ptk, 0, sizeof(sm->ptk));
- sm->tptk_set = 0;
- os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+#ifdef CONFIG_IEEE80211W
-+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+#endif /* CONFIG_IEEE80211W */
- }
-
- #ifdef CONFIG_TDLS
-@@ -2877,6 +2919,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
- os_memset(sm->pmk, 0, sizeof(sm->pmk));
- os_memset(&sm->ptk, 0, sizeof(sm->ptk));
- os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+#ifdef CONFIG_IEEE80211W
-+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+#endif /* CONFIG_IEEE80211W */
- #ifdef CONFIG_IEEE80211R
- os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
- os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
-@@ -2949,29 +2995,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
- os_memset(&gd, 0, sizeof(gd));
- #ifdef CONFIG_IEEE80211W
- } else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
-- struct wpa_igtk_kde igd;
-- u16 keyidx;
--
-- os_memset(&igd, 0, sizeof(igd));
-- keylen = wpa_cipher_key_len(sm->mgmt_group_cipher);
-- os_memcpy(igd.keyid, buf + 2, 2);
-- os_memcpy(igd.pn, buf + 4, 6);
--
-- keyidx = WPA_GET_LE16(igd.keyid);
-- os_memcpy(igd.igtk, buf + 10, keylen);
--
-- wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
-- igd.igtk, keylen);
-- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-- broadcast_ether_addr,
-- keyidx, 0, igd.pn, sizeof(igd.pn),
-- igd.igtk, keylen) < 0) {
-- wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
-- "WNM mode");
-- os_memset(&igd, 0, sizeof(igd));
-+ const struct wpa_igtk_kde *igtk;
-+
-+ igtk = (const struct wpa_igtk_kde *) (buf + 2);
-+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
- return -1;
-- }
-- os_memset(&igd, 0, sizeof(igd));
- #endif /* CONFIG_IEEE80211W */
- } else {
- wpa_printf(MSG_DEBUG, "Unknown element id");
-diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
-index f653ba6..afc9e37 100644
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -31,6 +31,10 @@ struct wpa_sm {
- u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
- int rx_replay_counter_set;
- u8 request_counter[WPA_REPLAY_COUNTER_LEN];
-+ struct wpa_gtk gtk;
-+#ifdef CONFIG_IEEE80211W
-+ struct wpa_igtk igtk;
-+#endif /* CONFIG_IEEE80211W */
-
- struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
-
---
-2.7.4
-
diff --git a/0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch b/0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
deleted file mode 100644
index e2937b8..0000000
--- a/0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
+++ /dev/null
@@ -1,184 +0,0 @@
-From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 1 Oct 2017 12:12:24 +0300
-Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
- Mode cases
-
-This extends the protection to track last configured GTK/IGTK value
-separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
-corner case where these two different mechanisms may get used when the
-GTK/IGTK has changed and tracking a single value is not sufficient to
-detect a possible key reconfiguration.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/rsn_supp/wpa.c | 53 +++++++++++++++++++++++++++++++++++++---------------
- src/rsn_supp/wpa_i.h | 2 ++
- 2 files changed, 40 insertions(+), 15 deletions(-)
-
-diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
-index 95bd7be..7a2c68d 100644
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -709,14 +709,17 @@ struct wpa_gtk_data {
-
- static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
- const struct wpa_gtk_data *gd,
-- const u8 *key_rsc)
-+ const u8 *key_rsc, int wnm_sleep)
- {
- const u8 *_gtk = gd->gtk;
- u8 gtk_buf[32];
-
- /* Detect possible key reinstallation */
-- if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
-- os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
-+ if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
-+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
-+ (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
-+ os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
-+ sm->gtk_wnm_sleep.gtk_len) == 0)) {
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
- gd->keyidx, gd->tx, gd->gtk_len);
-@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
- }
- os_memset(gtk_buf, 0, sizeof(gtk_buf));
-
-- sm->gtk.gtk_len = gd->gtk_len;
-- os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+ if (wnm_sleep) {
-+ sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
-+ os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
-+ sm->gtk_wnm_sleep.gtk_len);
-+ } else {
-+ sm->gtk.gtk_len = gd->gtk_len;
-+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+ }
-
- return 0;
- }
-@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
- (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
- gtk_len, gtk_len,
- &gd.key_rsc_len, &gd.alg) ||
-- wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
-+ wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- "RSN: Failed to install GTK");
- os_memset(&gd, 0, sizeof(gd));
-@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
-
- #ifdef CONFIG_IEEE80211W
- static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
-- const struct wpa_igtk_kde *igtk)
-+ const struct wpa_igtk_kde *igtk,
-+ int wnm_sleep)
- {
- size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
- u16 keyidx = WPA_GET_LE16(igtk->keyid);
-
- /* Detect possible key reinstallation */
-- if (sm->igtk.igtk_len == len &&
-- os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
-+ if ((sm->igtk.igtk_len == len &&
-+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
-+ (sm->igtk_wnm_sleep.igtk_len == len &&
-+ os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
-+ sm->igtk_wnm_sleep.igtk_len) == 0)) {
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
- keyidx);
-@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
- return -1;
- }
-
-- sm->igtk.igtk_len = len;
-- os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+ if (wnm_sleep) {
-+ sm->igtk_wnm_sleep.igtk_len = len;
-+ os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
-+ sm->igtk_wnm_sleep.igtk_len);
-+ } else {
-+ sm->igtk.igtk_len = len;
-+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+ }
-
- return 0;
- }
-@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
- return -1;
-
- igtk = (const struct wpa_igtk_kde *) ie->igtk;
-- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-+ if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
- return -1;
- }
-
-@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
- if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
- key_rsc = null_rsc;
-
-- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
-+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
- wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
- goto failed;
- os_memset(&gd, 0, sizeof(gd));
-@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
- sm->tptk_set = 0;
- os_memset(&sm->tptk, 0, sizeof(sm->tptk));
- os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
- #ifdef CONFIG_IEEE80211W
- os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
- #endif /* CONFIG_IEEE80211W */
- }
-
-@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
- os_memset(&sm->ptk, 0, sizeof(sm->ptk));
- os_memset(&sm->tptk, 0, sizeof(sm->tptk));
- os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
- #ifdef CONFIG_IEEE80211W
- os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
- #endif /* CONFIG_IEEE80211W */
- #ifdef CONFIG_IEEE80211R
- os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
-@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
-
- wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
- gd.gtk, gd.gtk_len);
-- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
-+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
- os_memset(&gd, 0, sizeof(gd));
- wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
- "WNM mode");
-@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
- const struct wpa_igtk_kde *igtk;
-
- igtk = (const struct wpa_igtk_kde *) (buf + 2);
-- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-+ if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
- return -1;
- #endif /* CONFIG_IEEE80211W */
- } else {
-diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
-index afc9e37..9a54631 100644
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -32,8 +32,10 @@ struct wpa_sm {
- int rx_replay_counter_set;
- u8 request_counter[WPA_REPLAY_COUNTER_LEN];
- struct wpa_gtk gtk;
-+ struct wpa_gtk gtk_wnm_sleep;
- #ifdef CONFIG_IEEE80211W
- struct wpa_igtk igtk;
-+ struct wpa_igtk igtk_wnm_sleep;
- #endif /* CONFIG_IEEE80211W */
-
- struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
---
-2.7.4
-
diff --git a/0004-Prevent-installation-of-an-all-zero-TK.patch b/0004-Prevent-installation-of-an-all-zero-TK.patch
deleted file mode 100644
index 22ee217..0000000
--- a/0004-Prevent-installation-of-an-all-zero-TK.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Fri, 29 Sep 2017 04:22:51 +0200
-Subject: [PATCH 4/8] Prevent installation of an all-zero TK
-
-Properly track whether a PTK has already been installed to the driver
-and the TK part cleared from memory. This prevents an attacker from
-trying to trick the client into installing an all-zero TK.
-
-This fixes the earlier fix in commit
-ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
-driver in EAPOL-Key 3/4 retry case') which did not take into account
-possibility of an extra message 1/4 showing up between retries of
-message 3/4.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/common/wpa_common.h | 1 +
- src/rsn_supp/wpa.c | 5 ++---
- src/rsn_supp/wpa_i.h | 1 -
- 3 files changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
-index d200285..1021ccb 100644
---- a/src/common/wpa_common.h
-+++ b/src/common/wpa_common.h
-@@ -215,6 +215,7 @@ struct wpa_ptk {
- size_t kck_len;
- size_t kek_len;
- size_t tk_len;
-+ int installed; /* 1 if key has already been installed to driver */
- };
-
- struct wpa_gtk {
-diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
-index 7a2c68d..0550a41 100644
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
- os_memset(buf, 0, sizeof(buf));
- }
- sm->tptk_set = 1;
-- sm->tk_to_set = 1;
-
- kde = sm->assoc_wpa_ie;
- kde_len = sm->assoc_wpa_ie_len;
-@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
- enum wpa_alg alg;
- const u8 *key_rsc;
-
-- if (!sm->tk_to_set) {
-+ if (sm->ptk.installed) {
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- "WPA: Do not re-install same PTK to the driver");
- return 0;
-@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
-
- /* TK is not needed anymore in supplicant */
- os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
-- sm->tk_to_set = 0;
-+ sm->ptk.installed = 1;
-
- if (sm->wpa_ptk_rekey) {
- eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
-diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
-index 9a54631..41f371f 100644
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -24,7 +24,6 @@ struct wpa_sm {
- struct wpa_ptk ptk, tptk;
- int ptk_set, tptk_set;
- unsigned int msg_3_of_4_ok:1;
-- unsigned int tk_to_set:1;
- u8 snonce[WPA_NONCE_LEN];
- u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
- int renew_snonce;
---
-2.7.4
-
diff --git a/0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch b/0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
deleted file mode 100644
index c19c4c7..0000000
--- a/0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 1 Oct 2017 12:32:57 +0300
-Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
-
-The Authenticator state machine path for PTK rekeying ended up bypassing
-the AUTHENTICATION2 state where a new ANonce is generated when going
-directly to the PTKSTART state since there is no need to try to
-determine the PMK again in such a case. This is far from ideal since the
-new PTK would depend on a new nonce only from the supplicant.
-
-Fix this by generating a new ANonce when moving to the PTKSTART state
-for the purpose of starting new 4-way handshake to rekey PTK.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
- 1 file changed, 21 insertions(+), 3 deletions(-)
-
-diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
-index 707971d..bf10cc1 100644
---- a/src/ap/wpa_auth.c
-+++ b/src/ap/wpa_auth.c
-@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
- }
-
-
-+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
-+{
-+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
-+ wpa_printf(MSG_ERROR,
-+ "WPA: Failed to get random data for ANonce");
-+ sm->Disconnect = TRUE;
-+ return -1;
-+ }
-+ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
-+ WPA_NONCE_LEN);
-+ sm->TimeoutCtr = 0;
-+ return 0;
-+}
-+
-+
- SM_STATE(WPA_PTK, INITPMK)
- {
- u8 msk[2 * PMK_LEN];
-@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
- SM_ENTER(WPA_PTK, AUTHENTICATION);
- else if (sm->ReAuthenticationRequest)
- SM_ENTER(WPA_PTK, AUTHENTICATION2);
-- else if (sm->PTKRequest)
-- SM_ENTER(WPA_PTK, PTKSTART);
-- else switch (sm->wpa_ptk_state) {
-+ else if (sm->PTKRequest) {
-+ if (wpa_auth_sm_ptk_update(sm) < 0)
-+ SM_ENTER(WPA_PTK, DISCONNECTED);
-+ else
-+ SM_ENTER(WPA_PTK, PTKSTART);
-+ } else switch (sm->wpa_ptk_state) {
- case WPA_PTK_INITIALIZE:
- break;
- case WPA_PTK_DISCONNECT:
---
-2.7.4
-
diff --git a/0006-TDLS-Reject-TPK-TK-reconfiguration.patch b/0006-TDLS-Reject-TPK-TK-reconfiguration.patch
deleted file mode 100644
index e1bd5a5..0000000
--- a/0006-TDLS-Reject-TPK-TK-reconfiguration.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-From 6c4bed4f47d1960ec04981a9d50e5076aea5223d Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 11:03:15 +0300
-Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration
-
-Do not try to reconfigure the same TPK-TK to the driver after it has
-been successfully configured. This is an explicit check to avoid issues
-related to resetting the TX/RX packet number. There was already a check
-for this for TPK M2 (retries of that message are ignored completely), so
-that behavior does not get modified.
-
-For TPK M3, the TPK-TK could have been reconfigured, but that was
-followed by immediate teardown of the link due to an issue in updating
-the STA entry. Furthermore, for TDLS with any real security (i.e.,
-ignoring open/WEP), the TPK message exchange is protected on the AP path
-and simple replay attacks are not feasible.
-
-As an additional corner case, make sure the local nonce gets updated if
-the peer uses a very unlikely "random nonce" of all zeros.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/rsn_supp/tdls.c | 38 ++++++++++++++++++++++++++++++++++++--
- 1 file changed, 36 insertions(+), 2 deletions(-)
-
-diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
-index e424168..9eb9738 100644
---- a/src/rsn_supp/tdls.c
-+++ b/src/rsn_supp/tdls.c
-@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
- u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
- } tpk;
- int tpk_set;
-+ int tk_set; /* TPK-TK configured to the driver */
- int tpk_success;
- int tpk_in_progress;
-
-@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
- u8 rsc[6];
- enum wpa_alg alg;
-
-+ if (peer->tk_set) {
-+ /*
-+ * This same TPK-TK has already been configured to the driver
-+ * and this new configuration attempt (likely due to an
-+ * unexpected retransmitted frame) would result in clearing
-+ * the TX/RX sequence number which can break security, so must
-+ * not allow that to happen.
-+ */
-+ wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
-+ " has already been configured to the driver - do not reconfigure",
-+ MAC2STR(peer->addr));
-+ return -1;
-+ }
-+
- os_memset(rsc, 0, 6);
-
- switch (peer->cipher) {
-@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
- return -1;
- }
-
-+ wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
-+ MAC2STR(peer->addr));
- if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
- rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
- wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
- "driver");
- return -1;
- }
-+ peer->tk_set = 1;
- return 0;
- }
-
-@@ -696,7 +714,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
- peer->cipher = 0;
- peer->qos_info = 0;
- peer->wmm_capable = 0;
-- peer->tpk_set = peer->tpk_success = 0;
-+ peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
- peer->chan_switch_enabled = 0;
- os_memset(&peer->tpk, 0, sizeof(peer->tpk));
- os_memset(peer->inonce, 0, WPA_NONCE_LEN);
-@@ -1159,6 +1177,7 @@ skip_rsnie:
- wpa_tdls_peer_free(sm, peer);
- return -1;
- }
-+ peer->tk_set = 0; /* A new nonce results in a new TK */
- wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
- peer->inonce, WPA_NONCE_LEN);
- os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
-@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, struct wpa_tdls_peer *peer,
- }
-
-
-+static int tdls_nonce_set(const u8 *nonce)
-+{
-+ int i;
-+
-+ for (i = 0; i < WPA_NONCE_LEN; i++) {
-+ if (nonce[i])
-+ return 1;
-+ }
-+
-+ return 0;
-+}
-+
-+
- static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
- const u8 *buf, size_t len)
- {
-@@ -2004,7 +2036,8 @@ skip_rsn:
- peer->rsnie_i_len = kde.rsn_ie_len;
- peer->cipher = cipher;
-
-- if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
-+ if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
-+ !tdls_nonce_set(peer->inonce)) {
- /*
- * There is no point in updating the RNonce for every obtained
- * TPK M1 frame (e.g., retransmission due to timeout) with the
-@@ -2020,6 +2053,7 @@ skip_rsn:
- "TDLS: Failed to get random data for responder nonce");
- goto error;
- }
-+ peer->tk_set = 0; /* A new nonce results in a new TK */
- }
-
- #if 0
---
-2.7.4
-
diff --git a/0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch b/0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
deleted file mode 100644
index 85ea1d6..0000000
--- a/0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 11:25:02 +0300
-Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
- request
-
-Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
-Mode Response if WNM-Sleep Mode has not been used') started ignoring the
-response when no WNM-Sleep Mode Request had been used during the
-association. This can be made tighter by clearing the used flag when
-successfully processing a response. This adds an additional layer of
-protection against unexpected retransmissions of the response frame.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- wpa_supplicant/wnm_sta.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
-index 1b3409c..67a07ff 100644
---- a/wpa_supplicant/wnm_sta.c
-+++ b/wpa_supplicant/wnm_sta.c
-@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
-
- if (!wpa_s->wnmsleep_used) {
- wpa_printf(MSG_DEBUG,
-- "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
-+ "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
- return;
- }
-
-@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
- return;
- }
-
-+ wpa_s->wnmsleep_used = 0;
-+
- if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
- wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
- wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
---
-2.7.4
-
diff --git a/0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch b/0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
deleted file mode 100644
index b9678f6..0000000
--- a/0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From b372ab0b7daea719749194dc554b26e6367603f2 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 12:06:37 +0300
-Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames
-
-The driver is expected to not report a second association event without
-the station having explicitly request a new association. As such, this
-case should not be reachable. However, since reconfiguring the same
-pairwise or group keys to the driver could result in nonce reuse issues,
-be extra careful here and do an additional state check to avoid this
-even if the local driver ends up somehow accepting an unexpected
-Reassociation Response frame.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/rsn_supp/wpa.c | 3 +++
- src/rsn_supp/wpa_ft.c | 8 ++++++++
- src/rsn_supp/wpa_i.h | 1 +
- 3 files changed, 12 insertions(+)
-
-diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
-index 0550a41..2a53c6f 100644
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -2440,6 +2440,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm)
- #ifdef CONFIG_TDLS
- wpa_tdls_disassoc(sm);
- #endif /* CONFIG_TDLS */
-+#ifdef CONFIG_IEEE80211R
-+ sm->ft_reassoc_completed = 0;
-+#endif /* CONFIG_IEEE80211R */
-
- /* Keys are not needed in the WPA state machine anymore */
- wpa_sm_drop_sa(sm);
-diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
-index 205793e..d45bb45 100644
---- a/src/rsn_supp/wpa_ft.c
-+++ b/src/rsn_supp/wpa_ft.c
-@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
- u16 capab;
-
- sm->ft_completed = 0;
-+ sm->ft_reassoc_completed = 0;
-
- buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
- 2 + sm->r0kh_id_len + ric_ies_len + 100;
-@@ -681,6 +682,11 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
- return -1;
- }
-
-+ if (sm->ft_reassoc_completed) {
-+ wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
-+ return 0;
-+ }
-+
- if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
- wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
- return -1;
-@@ -781,6 +787,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
- return -1;
- }
-
-+ sm->ft_reassoc_completed = 1;
-+
- if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
- return -1;
-
-diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
-index 41f371f..56f88dc 100644
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -128,6 +128,7 @@ struct wpa_sm {
- size_t r0kh_id_len;
- u8 r1kh_id[FT_R1KH_ID_LEN];
- int ft_completed;
-+ int ft_reassoc_completed;
- int over_the_ds_in_progress;
- u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
- int set_ptk_after_assoc;
---
-2.7.4
-
diff --git a/wpa_supplicant-0.6.3-WEP232.patch b/wpa_supplicant-0.6.3-WEP232.patch
deleted file mode 100644
index bbb5b8f..0000000
--- a/wpa_supplicant-0.6.3-WEP232.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -p -up wpa_supplicant-0.6.3/wpa_supplicant/config_ssid.h.WEP232 wpa_supplicant-0.6.3/wpa_supplicant/config_ssid.h
---- wpa_supplicant-0.6.3/wpa_supplicant/config_ssid.h.WEP232 2008-02-23 03:45:24.000000000 +0100
-+++ wpa_supplicant-0.6.3/wpa_supplicant/config_ssid.h 2008-03-31 22:28:29.000000000 +0200
-@@ -189,7 +189,7 @@ struct wpa_ssid {
- #endif /* IEEE8021X_EAPOL */
-
- #define NUM_WEP_KEYS 4
--#define MAX_WEP_KEY_LEN 16
-+#define MAX_WEP_KEY_LEN 32
- /**
- * wep_key - WEP keys
- */
diff --git a/wpa_supplicant-0.7.3-copy-wpa_scan_results_free-for-wpa_priv.patch b/wpa_supplicant-0.7.3-copy-wpa_scan_results_free-for-wpa_priv.patch
deleted file mode 100644
index 3731dae..0000000
--- a/wpa_supplicant-0.7.3-copy-wpa_scan_results_free-for-wpa_priv.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- wpa_supplicant-0.7.3/wpa_supplicant/wpa_priv.c.func_copy~ 2011-12-01 03:03:19.062419637 +0100
-+++ wpa_supplicant-0.7.3/wpa_supplicant/wpa_priv.c 2011-12-01 03:03:27.209261417 +0100
-@@ -117,6 +117,19 @@ static void wpa_priv_cmd_scan(struct wpa
- iface->driver->scan2(iface->drv_priv, ¶ms);
- }
-
-+/* copied from scan.c */
-+static void wpa_scan_results_free(struct wpa_scan_results *res)
-+{
-+ size_t i;
-+
-+ if (res == NULL)
-+ return;
-+
-+ for (i = 0; i < res->num; i++)
-+ os_free(res->res[i]);
-+ os_free(res->res);
-+ os_free(res);
-+}
-
- static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface,
- struct sockaddr_un *from)
diff --git a/wpa_supplicant-0.7.3-fix-wpa_priv-eloop_signal_handler-casting.patch b/wpa_supplicant-0.7.3-fix-wpa_priv-eloop_signal_handler-casting.patch
deleted file mode 100644
index a0bb348..0000000
--- a/wpa_supplicant-0.7.3-fix-wpa_priv-eloop_signal_handler-casting.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- wpa_supplicant-0.7.3/wpa_supplicant/wpa_priv.c.cast~ 2011-12-01 05:37:40.323072169 +0100
-+++ wpa_supplicant-0.7.3/wpa_supplicant/wpa_priv.c 2011-12-01 05:37:43.540083426 +0100
-@@ -1030,7 +1030,7 @@ int main(int argc, char *argv[])
- if (daemonize && os_daemonize(pid_file))
- goto out;
-
-- eloop_register_signal_terminate(wpa_priv_terminate, NULL);
-+ eloop_register_signal_terminate((eloop_signal_handler)wpa_priv_terminate, NULL);
- eloop_run();
-
- ret = 0;
diff --git a/wpa_supplicant-1.0-do-not-call-dbus-functions-with-NULL-path.patch b/wpa_supplicant-1.0-do-not-call-dbus-functions-with-NULL-path.patch
deleted file mode 100644
index 3dfd793..0000000
--- a/wpa_supplicant-1.0-do-not-call-dbus-functions-with-NULL-path.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -Naur wpa_supplicant-1.0/wpa_supplicant/dbus/dbus_new_helpers.c wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/dbus_new_helpers.c
---- wpa_supplicant-1.0/wpa_supplicant/dbus/dbus_new_helpers.c 2012-05-09 21:56:09.000000000 +0000
-+++ wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/dbus_new_helpers.c 2012-05-25 09:13:42.669775649 +0000
-@@ -882,7 +882,7 @@
- const struct wpa_dbus_property_desc *dsc;
- int i = 0;
-
-- if (iface == NULL)
-+ if (iface == NULL || path == NULL)
- return;
-
- dbus_connection_get_object_path_data(iface->con, path,
-diff -Naur wpa_supplicant-1.0/wpa_supplicant/dbus/dbus_old.c wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/dbus_old.c
---- wpa_supplicant-1.0/wpa_supplicant/dbus/dbus_old.c 2012-05-09 21:56:09.000000000 +0000
-+++ wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/dbus_old.c 2012-05-25 09:13:42.669775649 +0000
-@@ -419,7 +419,7 @@
- if (wpa_s->global == NULL)
- return;
- iface = wpa_s->global->dbus;
-- if (iface == NULL)
-+ if (iface == NULL || wpa_s->dbus_path == NULL)
- return;
-
- /* Only send signal if state really changed */
diff --git a/wpa_supplicant-1.0-mdv-dbus-service-file-args.patch b/wpa_supplicant-1.0-mdv-dbus-service-file-args.patch
deleted file mode 100644
index d1b84a4..0000000
--- a/wpa_supplicant-1.0-mdv-dbus-service-file-args.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff -Naur wpa_supplicant-1.0/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
---- wpa_supplicant-1.0/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-05-09 21:56:09.000000000 +0000
-+++ wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-05-25 08:53:45.898525233 +0000
-@@ -1,5 +1,5 @@
- [D-BUS Service]
- Name=fi.epitest.hostap.WPASupplicant
--Exec=@BINDIR@/wpa_supplicant -u
-+Exec=@BINDIR@/wpa_supplicant -c /etc/wpa_supplicant.conf -u -P /var/run/wpa_supplicant.pid
- User=root
- SystemdService=wpa_supplicant.service
-diff -Naur wpa_supplicant-1.0/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in
---- wpa_supplicant-1.0/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-05-09 21:56:09.000000000 +0000
-+++ wpa_supplicant-1.0.tpg/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-05-25 08:54:30.318525081 +0000
-@@ -1,5 +1,5 @@
- [D-BUS Service]
- Name=fi.w1.wpa_supplicant1
--Exec=@BINDIR@/wpa_supplicant -u
-+Exec=@BINDIR@/wpa_supplicant -c /etc/wpa_supplicant.conf -u -P /var/run/wpa_supplicant.pid
- User=root
- SystemdService=wpa_supplicant.service
diff --git a/wpa_supplicant-1.0-mga-dbus-service-file-args.patch b/wpa_supplicant-1.0-mga-dbus-service-file-args.patch
new file mode 100644
index 0000000..0d0f9e3
--- /dev/null
+++ b/wpa_supplicant-1.0-mga-dbus-service-file-args.patch
@@ -0,0 +1,20 @@
+diff -Naur -x '*~' wpa_supplicant-1.0/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in wpa_supplicant-1.0-mga-dbus-service-file-args/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
+--- wpa_supplicant-1.0/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-05-09 23:56:09.000000000 +0200
++++ wpa_supplicant-1.0-mga-dbus-service-file-args/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in 2012-08-09 17:02:52.586835715 +0200
+@@ -1,5 +1,5 @@
+ [D-BUS Service]
+ Name=fi.epitest.hostap.WPASupplicant
+-Exec=@BINDIR@/wpa_supplicant -u
++Exec=@BINDIR@/wpa_supplicant -u -c /etc/wpa_supplicant.conf -P /run/wpa_supplicant.pid
+ User=root
+ SystemdService=wpa_supplicant.service
+diff -Naur -x '*~' wpa_supplicant-1.0/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in wpa_supplicant-1.0-mga-dbus-service-file-args/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in
+--- wpa_supplicant-1.0/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-05-09 23:56:09.000000000 +0200
++++ wpa_supplicant-1.0-mga-dbus-service-file-args/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in 2012-08-09 17:03:13.234682750 +0200
+@@ -1,5 +1,5 @@
+ [D-BUS Service]
+ Name=fi.w1.wpa_supplicant1
+-Exec=@BINDIR@/wpa_supplicant -u
++Exec=@BINDIR@/wpa_supplicant -u -c /etc/wpa_supplicant.conf -P /run/wpa_supplicant.pid
+ User=root
+ SystemdService=wpa_supplicant.service
diff --git a/wpa_supplicant-2.2-omv-defconfig.patch b/wpa_supplicant-2.2-omv-defconfig.patch
index d5862c6..a945fc1 100644
--- a/wpa_supplicant-2.2-omv-defconfig.patch
+++ b/wpa_supplicant-2.2-omv-defconfig.patch
@@ -1,17 +1,7 @@
-diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wpa_supplicant/defconfig
---- wpa_supplicant-2.6/wpa_supplicant/defconfig 2016-10-02 18:51:11.000000000 +0000
-+++ wpa_supplicant-2.6.tpg/wpa_supplicant/defconfig 2016-10-09 08:54:47.845483228 +0000
-@@ -44,7 +44,7 @@
- #CONFIG_LIBNL20=y
-
- # Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
--#CONFIG_LIBNL32=y
-+CONFIG_LIBNL32=y
-
-
- # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
-@@ -74,10 +74,10 @@
- CONFIG_DRIVER_WIRED=y
+--- wpa_supplicant-2.7/wpa_supplicant/defconfig.orig 2018-12-29 21:44:42.294838609 -0500
++++ wpa_supplicant-2.7/wpa_supplicant/defconfig 2018-12-29 22:17:26.895613720 -0500
+@@ -80,10 +80,10 @@ CONFIG_DRIVER_WIRED=y
+ #CONFIG_DRIVER_MACSEC_LINUX=y
# Driver interface for the Broadcom RoboSwitch family
-#CONFIG_DRIVER_ROBOSWITCH=y
@@ -23,7 +13,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Solaris libraries
#LIBS += -lsocket -ldlpi -lnsl
-@@ -106,7 +106,7 @@
+@@ -112,7 +112,7 @@ CONFIG_EAP_TTLS=y
# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
@@ -32,7 +22,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# EAP-GTC
CONFIG_EAP_GTC=y
-@@ -115,45 +115,45 @@
+@@ -121,43 +121,43 @@ CONFIG_EAP_GTC=y
CONFIG_EAP_OTP=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
@@ -85,12 +75,9 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
-#CONFIG_WPS=y
+CONFIG_WPS=y
# Enable WPS external registrar functionality
--#CONFIG_WPS_ER=y
-+CONFIG_WPS_ER=y
+ #CONFIG_WPS_ER=y
# Disable credentials for an open network by default when acting as a WPS
- # registrar.
- #CONFIG_WPS_REG_DISABLE_OPEN=y
-@@ -161,7 +161,7 @@
+@@ -167,7 +167,7 @@ CONFIG_EAP_LEAP=y
#CONFIG_WPS_NFC=y
# EAP-IKEv2
@@ -99,7 +86,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# EAP-EKE
#CONFIG_EAP_EKE=y
-@@ -176,7 +176,7 @@
+@@ -185,7 +185,7 @@ CONFIG_SMARTCARD=y
# PC/SC interface for smartcards (USIM, GSM SIM)
# Enable this if EAP-SIM or EAP-AKA is included
@@ -108,7 +95,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
#CONFIG_HT_OVERRIDES=y
-@@ -203,7 +203,7 @@
+@@ -212,7 +212,7 @@ CONFIG_CTRL_IFACE=y
# When building a wpa_cli binary for distribution, please note that these
# libraries are licensed under GPL and as such, BSD license may not apply for
# the resulting binary.
@@ -117,7 +104,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Include internal line edit mode in wpa_cli. This can be used as a replacement
# for GNU Readline to provide limited command line editing and history support.
-@@ -293,7 +293,7 @@
+@@ -299,7 +299,7 @@ CONFIG_BACKEND=file
# IEEE 802.11w (management frame protection), also known as PMF
# Driver support is also needed for IEEE 802.11w.
@@ -126,7 +113,7 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Select TLS implementation
# openssl = OpenSSL (default)
-@@ -340,14 +340,14 @@
+@@ -351,14 +351,14 @@ CONFIG_BACKEND=file
# Add support for old DBus control interface
# (fi.epitest.hostap.WPASupplicant)
@@ -144,7 +131,20 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Add support for loading EAP methods dynamically as shared libraries.
# When this option is enabled, each EAP method can be either included
-@@ -396,7 +396,7 @@
+@@ -382,10 +382,10 @@ CONFIG_BACKEND=file
+ #CONFIG_DYNAMIC_EAP_METHODS=y
+
+ # IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
+-#CONFIG_IEEE80211R=y
++CONFIG_IEEE80211R=y
+
+ # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+-#CONFIG_DEBUG_FILE=y
++CONFIG_DEBUG_FILE=y
+
+ # Send debug messages to syslog instead of stdout
+ #CONFIG_DEBUG_SYSLOG=y
+@@ -407,7 +407,7 @@ CONFIG_BACKEND=file
# Enable mitigation against certain attacks against TKIP by delaying Michael
# MIC error reports by a random amount of time between 0 and 60 seconds
@@ -153,54 +153,3 @@ diff -Naur wpa_supplicant-2.6/wpa_supplicant/defconfig wpa_supplicant-2.6.tpg/wp
# Enable tracing code for developer debugging
# This tracks use of memory allocations and other registrations and reports
-@@ -448,11 +448,11 @@
- #CONFIG_NO_RANDOM_POOL=y
-
- # IEEE 802.11n (High Throughput) support (mainly for AP mode)
--#CONFIG_IEEE80211N=y
-+CONFIG_IEEE80211N=y
-
- # IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
- # (depends on CONFIG_IEEE80211N)
--#CONFIG_IEEE80211AC=y
-+CONFIG_IEEE80211AC=y
-
- # Wireless Network Management (IEEE Std 802.11v-2011)
- # Note: This is experimental and not complete implementation.
-@@ -462,10 +462,10 @@
- # This can be used to enable functionality to improve interworking with
- # external networks (GAS/ANQP to learn more about the networks and network
- # selection based on available credentials).
--#CONFIG_INTERWORKING=y
-+CONFIG_INTERWORKING=y
-
- # Hotspot 2.0
--#CONFIG_HS20=y
-+CONFIG_HS20=y
-
- # Enable interface matching in wpa_supplicant
- #CONFIG_MATCH_IFACE=y
-@@ -478,12 +478,12 @@
- # should be noted that this is mainly aimed at simple cases like
- # WPA2-Personal while more complex configurations like WPA2-Enterprise with an
- # external RADIUS server can be supported with hostapd.
--#CONFIG_AP=y
-+CONFIG_AP=y
-
- # P2P (Wi-Fi Direct)
- # This can be used to enable P2P support in wpa_supplicant. See README-P2P for
- # more information on P2P operations.
--#CONFIG_P2P=y
-+CONFIG_P2P=y
-
- # Enable TDLS support
- #CONFIG_TDLS=y
-@@ -491,7 +491,7 @@
- # Wi-Fi Direct
- # This can be used to enable Wi-Fi Direct extensions for P2P using an external
- # program to control the additional information exchanges in the messages.
--#CONFIG_WIFI_DISPLAY=y
-+CONFIG_WIFI_DISPLAY=y
-
- # Autoscan
- # This can be used to enable automatic scan support in wpa_supplicant.
diff --git a/wpa_supplicant-2.5-openssl-1.1.patch b/wpa_supplicant-2.5-openssl-1.1.patch
deleted file mode 100644
index ba35b5b..0000000
--- a/wpa_supplicant-2.5-openssl-1.1.patch
+++ /dev/null
@@ -1,484 +0,0 @@
---- wpa_supplicant-2.5/src/crypto/crypto_openssl.c.omv~ 2016-09-18 19:47:22.805589312 +0200
-+++ wpa_supplicant-2.5/src/crypto/crypto_openssl.c 2016-09-18 20:11:05.028778421 +0200
-@@ -65,30 +65,31 @@ static BIGNUM * get_group5_prime(void)
- static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
- const u8 *addr[], const size_t *len, u8 *mac)
- {
-- EVP_MD_CTX ctx;
-+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
- size_t i;
- unsigned int mac_len;
-
-- EVP_MD_CTX_init(&ctx);
-- if (!EVP_DigestInit_ex(&ctx, type, NULL)) {
-+ EVP_MD_CTX_init(ctx);
-+ if (!EVP_DigestInit_ex(ctx, type, NULL)) {
- wpa_printf(MSG_ERROR, "OpenSSL: EVP_DigestInit_ex failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
- }
- for (i = 0; i < num_elem; i++) {
-- if (!EVP_DigestUpdate(&ctx, addr[i], len[i])) {
-+ if (!EVP_DigestUpdate(ctx, addr[i], len[i])) {
- wpa_printf(MSG_ERROR, "OpenSSL: EVP_DigestUpdate "
- "failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
- }
- }
-- if (!EVP_DigestFinal(&ctx, mac, &mac_len)) {
-+ if (!EVP_DigestFinal(ctx, mac, &mac_len)) {
- wpa_printf(MSG_ERROR, "OpenSSL: EVP_DigestFinal failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
- }
-
-+ EVP_MD_CTX_free(ctx);
- return 0;
- }
-
-@@ -129,32 +130,33 @@ int rc4_skip(const u8 *key, size_t keyle
- #ifdef OPENSSL_NO_RC4
- return -1;
- #else /* OPENSSL_NO_RC4 */
-- EVP_CIPHER_CTX ctx;
-+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- int outl;
- int res = -1;
- unsigned char skip_buf[16];
-
-- EVP_CIPHER_CTX_init(&ctx);
-- if (!EVP_CIPHER_CTX_set_padding(&ctx, 0) ||
-- !EVP_CipherInit_ex(&ctx, EVP_rc4(), NULL, NULL, NULL, 1) ||
-- !EVP_CIPHER_CTX_set_key_length(&ctx, keylen) ||
-- !EVP_CipherInit_ex(&ctx, NULL, NULL, key, NULL, 1))
-+ EVP_CIPHER_CTX_init(ctx);
-+ if (!EVP_CIPHER_CTX_set_padding(ctx, 0) ||
-+ !EVP_CipherInit_ex(ctx, EVP_rc4(), NULL, NULL, NULL, 1) ||
-+ !EVP_CIPHER_CTX_set_key_length(ctx, keylen) ||
-+ !EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, 1))
- goto out;
-
- while (skip >= sizeof(skip_buf)) {
- size_t len = skip;
- if (len > sizeof(skip_buf))
- len = sizeof(skip_buf);
-- if (!EVP_CipherUpdate(&ctx, skip_buf, &outl, skip_buf, len))
-+ if (!EVP_CipherUpdate(ctx, skip_buf, &outl, skip_buf, len))
- goto out;
- skip -= len;
- }
-
-- if (EVP_CipherUpdate(&ctx, data, &outl, data, data_len))
-+ if (EVP_CipherUpdate(ctx, data, &outl, data, data_len))
- res = 0;
-
- out:
-- EVP_CIPHER_CTX_cleanup(&ctx);
-+ EVP_CIPHER_CTX_cleanup(ctx);
-+ EVP_CIPHER_CTX_free(ctx);
- return res;
- #endif /* OPENSSL_NO_RC4 */
- }
-@@ -203,14 +205,13 @@ static const EVP_CIPHER * aes_get_evp_ci
-
- void * aes_encrypt_init(const u8 *key, size_t len)
- {
-- EVP_CIPHER_CTX *ctx;
-+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *type;
-
- type = aes_get_evp_cipher(len);
- if (type == NULL)
- return NULL;
-
-- ctx = os_malloc(sizeof(*ctx));
- if (ctx == NULL)
- return NULL;
- EVP_CIPHER_CTX_init(ctx);
-@@ -248,20 +249,19 @@ void aes_encrypt_deinit(void *ctx)
- "in AES encrypt", len);
- }
- EVP_CIPHER_CTX_cleanup(c);
-- bin_clear_free(c, sizeof(*c));
-+ EVP_CIPHER_CTX_free(c);
- }
-
-
- void * aes_decrypt_init(const u8 *key, size_t len)
- {
-- EVP_CIPHER_CTX *ctx;
-+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *type;
-
- type = aes_get_evp_cipher(len);
- if (type == NULL)
- return NULL;
-
-- ctx = os_malloc(sizeof(*ctx));
- if (ctx == NULL)
- return NULL;
- EVP_CIPHER_CTX_init(ctx);
-@@ -299,7 +299,7 @@ void aes_decrypt_deinit(void *ctx)
- "in AES decrypt", len);
- }
- EVP_CIPHER_CTX_cleanup(c);
-- bin_clear_free(c, sizeof(*c));
-+ EVP_CIPHER_CTX_free(c);
- }
-
-
-@@ -338,24 +338,28 @@ int aes_unwrap(const u8 *kek, size_t kek
-
- int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
- {
-- EVP_CIPHER_CTX ctx;
-+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- int clen, len;
- u8 buf[16];
-
-- EVP_CIPHER_CTX_init(&ctx);
-- if (EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
-+ if(ctx == NULL)
- return -1;
-- EVP_CIPHER_CTX_set_padding(&ctx, 0);
-+
-+ EVP_CIPHER_CTX_init(ctx);
-+ if (EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
-+ return -1;
-+ EVP_CIPHER_CTX_set_padding(ctx, 0);
-
- clen = data_len;
-- if (EVP_EncryptUpdate(&ctx, data, &clen, data, data_len) != 1 ||
-+ if (EVP_EncryptUpdate(ctx, data, &clen, data, data_len) != 1 ||
- clen != (int) data_len)
- return -1;
-
- len = sizeof(buf);
-- if (EVP_EncryptFinal_ex(&ctx, buf, &len) != 1 || len != 0)
-+ if (EVP_EncryptFinal_ex(ctx, buf, &len) != 1 || len != 0)
- return -1;
-- EVP_CIPHER_CTX_cleanup(&ctx);
-+ EVP_CIPHER_CTX_cleanup(ctx);
-+ EVP_CIPHER_CTX_free(ctx);
-
- return 0;
- }
-@@ -363,24 +367,28 @@ int aes_128_cbc_encrypt(const u8 *key, c
-
- int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
- {
-- EVP_CIPHER_CTX ctx;
-+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- int plen, len;
- u8 buf[16];
-
-- EVP_CIPHER_CTX_init(&ctx);
-- if (EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
-+ if (ctx == NULL)
- return -1;
-- EVP_CIPHER_CTX_set_padding(&ctx, 0);
-+
-+ EVP_CIPHER_CTX_init(ctx);
-+ if (EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
-+ return -1;
-+ EVP_CIPHER_CTX_set_padding(ctx, 0);
-
- plen = data_len;
-- if (EVP_DecryptUpdate(&ctx, data, &plen, data, data_len) != 1 ||
-+ if (EVP_DecryptUpdate(ctx, data, &plen, data, data_len) != 1 ||
- plen != (int) data_len)
- return -1;
-
- len = sizeof(buf);
-- if (EVP_DecryptFinal_ex(&ctx, buf, &len) != 1 || len != 0)
-+ if (EVP_DecryptFinal_ex(ctx, buf, &len) != 1 || len != 0)
- return -1;
-- EVP_CIPHER_CTX_cleanup(&ctx);
-+ EVP_CIPHER_CTX_cleanup(ctx);
-+ EVP_CIPHER_CTX_free(ctx);
-
- return 0;
- }
-@@ -425,8 +433,8 @@ error:
-
-
- struct crypto_cipher {
-- EVP_CIPHER_CTX enc;
-- EVP_CIPHER_CTX dec;
-+ EVP_CIPHER_CTX *enc;
-+ EVP_CIPHER_CTX *dec;
- };
-
-
-@@ -487,23 +495,30 @@ struct crypto_cipher * crypto_cipher_ini
- return NULL;
- }
-
-- EVP_CIPHER_CTX_init(&ctx->enc);
-- EVP_CIPHER_CTX_set_padding(&ctx->enc, 0);
-- if (!EVP_EncryptInit_ex(&ctx->enc, cipher, NULL, NULL, NULL) ||
-- !EVP_CIPHER_CTX_set_key_length(&ctx->enc, key_len) ||
-- !EVP_EncryptInit_ex(&ctx->enc, NULL, NULL, key, iv)) {
-- EVP_CIPHER_CTX_cleanup(&ctx->enc);
-+ ctx->enc = EVP_CIPHER_CTX_new();
-+ if (ctx->enc == NULL)
-+ return NULL;
-+ EVP_CIPHER_CTX_init(ctx->enc);
-+ EVP_CIPHER_CTX_set_padding(ctx->enc, 0);
-+ if (!EVP_EncryptInit_ex(ctx->enc, cipher, NULL, NULL, NULL) ||
-+ !EVP_CIPHER_CTX_set_key_length(ctx->enc, key_len) ||
-+ !EVP_EncryptInit_ex(ctx->enc, NULL, NULL, key, iv)) {
-+ EVP_CIPHER_CTX_cleanup(ctx->enc);
-+ EVP_CIPHER_CTX_free(ctx->enc);
- os_free(ctx);
- return NULL;
- }
-
-- EVP_CIPHER_CTX_init(&ctx->dec);
-- EVP_CIPHER_CTX_set_padding(&ctx->dec, 0);
-- if (!EVP_DecryptInit_ex(&ctx->dec, cipher, NULL, NULL, NULL) ||
-- !EVP_CIPHER_CTX_set_key_length(&ctx->dec, key_len) ||
-- !EVP_DecryptInit_ex(&ctx->dec, NULL, NULL, key, iv)) {
-- EVP_CIPHER_CTX_cleanup(&ctx->enc);
-- EVP_CIPHER_CTX_cleanup(&ctx->dec);
-+ ctx->dec = EVP_CIPHER_CTX_new();
-+ EVP_CIPHER_CTX_init(ctx->dec);
-+ EVP_CIPHER_CTX_set_padding(ctx->dec, 0);
-+ if (!EVP_DecryptInit_ex(ctx->dec, cipher, NULL, NULL, NULL) ||
-+ !EVP_CIPHER_CTX_set_key_length(ctx->dec, key_len) ||
-+ !EVP_DecryptInit_ex(ctx->dec, NULL, NULL, key, iv)) {
-+ EVP_CIPHER_CTX_cleanup(ctx->enc);
-+ EVP_CIPHER_CTX_free(ctx->enc);
-+ EVP_CIPHER_CTX_cleanup(ctx->dec);
-+ EVP_CIPHER_CTX_free(ctx->dec);
- os_free(ctx);
- return NULL;
- }
-@@ -516,7 +531,7 @@ int crypto_cipher_encrypt(struct crypto_
- u8 *crypt, size_t len)
- {
- int outl;
-- if (!EVP_EncryptUpdate(&ctx->enc, crypt, &outl, plain, len))
-+ if (!EVP_EncryptUpdate(ctx->enc, crypt, &outl, plain, len))
- return -1;
- return 0;
- }
-@@ -527,7 +542,7 @@ int crypto_cipher_decrypt(struct crypto_
- {
- int outl;
- outl = len;
-- if (!EVP_DecryptUpdate(&ctx->dec, plain, &outl, crypt, len))
-+ if (!EVP_DecryptUpdate(ctx->dec, plain, &outl, crypt, len))
- return -1;
- return 0;
- }
-@@ -535,8 +550,10 @@ int crypto_cipher_decrypt(struct crypto_
-
- void crypto_cipher_deinit(struct crypto_cipher *ctx)
- {
-- EVP_CIPHER_CTX_cleanup(&ctx->enc);
-- EVP_CIPHER_CTX_cleanup(&ctx->dec);
-+ EVP_CIPHER_CTX_cleanup(ctx->enc);
-+ EVP_CIPHER_CTX_free(ctx->enc);
-+ EVP_CIPHER_CTX_cleanup(ctx->dec);
-+ EVP_CIPHER_CTX_free(ctx->dec);
- os_free(ctx);
- }
-
-@@ -544,8 +561,10 @@ void crypto_cipher_deinit(struct crypto_
- void * dh5_init(struct wpabuf **priv, struct wpabuf **publ)
- {
- DH *dh;
-+ BIGNUM *p, *g;
- struct wpabuf *pubkey = NULL, *privkey = NULL;
- size_t publen, privlen;
-+ const BIGNUM *pub_key, *priv_key;
-
- *priv = NULL;
- *publ = NULL;
-@@ -555,28 +572,29 @@ void * dh5_init(struct wpabuf **priv, st
- if (dh == NULL)
- return NULL;
-
-- dh->g = BN_new();
-- if (dh->g == NULL || BN_set_word(dh->g, 2) != 1)
-+ g = BN_new();
-+ if (g == NULL || BN_set_word(g, 2) != 1)
- goto err;
-
-- dh->p = get_group5_prime();
-- if (dh->p == NULL)
-+ p = get_group5_prime();
-+ if (p == NULL)
- goto err;
-
-+ DH_set0_pqg(dh, p, NULL, g);
-+
- if (DH_generate_key(dh) != 1)
- goto err;
-
-- publen = BN_num_bytes(dh->pub_key);
-- pubkey = wpabuf_alloc(publen);
-- if (pubkey == NULL)
-+ DH_get0_key(dh, &pub_key, &priv_key);
-+ if (pub_key == NULL)
- goto err;
-+ publen = BN_num_bytes(pub_key);
-- privlen = BN_num_bytes(dh->priv_key);
-- privkey = wpabuf_alloc(privlen);
-- if (privkey == NULL)
-+ if (priv_key == NULL)
- goto err;
-+ privlen = BN_num_bytes(priv_key);
-
-- BN_bn2bin(dh->pub_key, wpabuf_put(pubkey, publen));
-- BN_bn2bin(dh->priv_key, wpabuf_put(privkey, privlen));
-+ BN_bn2bin(pub_key, wpabuf_put(pubkey, publen));
-+ BN_bn2bin(priv_key, wpabuf_put(privkey, privlen));
-
- *priv = privkey;
- *publ = pubkey;
-@@ -592,27 +609,31 @@ err:
- void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ)
- {
- DH *dh;
-+ BIGNUM *g, *p, *dhpub, *dhpriv;
-
- dh = DH_new();
- if (dh == NULL)
- return NULL;
-
-- dh->g = BN_new();
-- if (dh->g == NULL || BN_set_word(dh->g, 2) != 1)
-+ g = BN_new();
-+ if (g == NULL || BN_set_word(g, 2) != 1)
- goto err;
-
-- dh->p = get_group5_prime();
-- if (dh->p == NULL)
-+ p = get_group5_prime();
-+ if (p == NULL)
- goto err;
-
-- dh->priv_key = BN_bin2bn(wpabuf_head(priv), wpabuf_len(priv), NULL);
-- if (dh->priv_key == NULL)
-- goto err;
-+ DH_set0_pqg(dh, p, NULL, g);
-
-- dh->pub_key = BN_bin2bn(wpabuf_head(publ), wpabuf_len(publ), NULL);
-- if (dh->pub_key == NULL)
-+ dhpub = BN_bin2bn(wpabuf_head(publ), wpabuf_len(publ), NULL);
-+ if(!dhpub)
-+ goto err;
-+ dhpriv = BN_bin2bn(wpabuf_head(priv), wpabuf_len(priv), NULL);
-+ if(!dhpriv)
- goto err;
-
-+ DH_set0_key(dh, dhpub, dhpriv);
-+
- if (DH_generate_key(dh) != 1)
- goto err;
-
-@@ -672,7 +693,7 @@ void dh5_free(void *ctx)
-
-
- struct crypto_hash {
-- HMAC_CTX ctx;
-+ HMAC_CTX *ctx;
- };
-
-
-@@ -707,12 +728,15 @@ struct crypto_hash * crypto_hash_init(en
- ctx = os_zalloc(sizeof(*ctx));
- if (ctx == NULL)
- return NULL;
-- HMAC_CTX_init(&ctx->ctx);
-+ ctx->ctx = HMAC_CTX_new();
-+ if (ctx->ctx == NULL)
-+ return NULL;
-
- #if OPENSSL_VERSION_NUMBER < 0x00909000
-- HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL);
-+ HMAC_Init_ex(ctx->ctx, key, key_len, md, NULL);
- #else /* openssl < 0.9.9 */
-- if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) {
-+ if (HMAC_Init_ex(ctx->ctx, key, key_len, md, NULL) != 1) {
-+ HMAC_CTX_free(ctx->ctx);
- bin_clear_free(ctx, sizeof(*ctx));
- return NULL;
- }
-@@ -726,7 +750,7 @@ void crypto_hash_update(struct crypto_ha
- {
- if (ctx == NULL)
- return;
-- HMAC_Update(&ctx->ctx, data, len);
-+ HMAC_Update(ctx->ctx, data, len);
- }
-
-
-@@ -745,12 +769,12 @@ int crypto_hash_finish(struct crypto_has
-
- mdlen = *len;
- #if OPENSSL_VERSION_NUMBER < 0x00909000
-- HMAC_Final(&ctx->ctx, mac, &mdlen);
-+ HMAC_Final(ctx->ctx, mac, &mdlen);
- res = 1;
- #else /* openssl < 0.9.9 */
-- res = HMAC_Final(&ctx->ctx, mac, &mdlen);
-+ res = HMAC_Final(ctx->ctx, mac, &mdlen);
- #endif /* openssl < 0.9.9 */
-- HMAC_CTX_cleanup(&ctx->ctx);
-+ HMAC_CTX_free(ctx->ctx);
- bin_clear_free(ctx, sizeof(*ctx));
-
- if (res == 1) {
-@@ -767,28 +791,29 @@ static int openssl_hmac_vector(const EVP
- const u8 *addr[], const size_t *len, u8 *mac,
- unsigned int mdlen)
- {
-- HMAC_CTX ctx;
-+ HMAC_CTX *ctx = HMAC_CTX_new();
- size_t i;
- int res;
-
-- HMAC_CTX_init(&ctx);
-+ if (ctx == NULL)
-+ return -1;
- #if OPENSSL_VERSION_NUMBER < 0x00909000
-- HMAC_Init_ex(&ctx, key, key_len, type, NULL);
-+ HMAC_Init_ex(ctx, key, key_len, type, NULL);
- #else /* openssl < 0.9.9 */
-- if (HMAC_Init_ex(&ctx, key, key_len, type, NULL) != 1)
-+ if (HMAC_Init_ex(ctx, key, key_len, type, NULL) != 1)
- return -1;
- #endif /* openssl < 0.9.9 */
-
- for (i = 0; i < num_elem; i++)
-- HMAC_Update(&ctx, addr[i], len[i]);
-+ HMAC_Update(ctx, addr[i], len[i]);
-
- #if OPENSSL_VERSION_NUMBER < 0x00909000
-- HMAC_Final(&ctx, mac, &mdlen);
-+ HMAC_Final(ctx, mac, &mdlen);
- res = 1;
- #else /* openssl < 0.9.9 */
-- res = HMAC_Final(&ctx, mac, &mdlen);
-+ res = HMAC_Final(ctx, mac, &mdlen);
- #endif /* openssl < 0.9.9 */
-- HMAC_CTX_cleanup(&ctx);
-+ HMAC_CTX_free(ctx);
-
- return res == 1 ? 0 : -1;
- }
---- wpa_supplicant-2.5/src/crypto/tls_openssl.c.omv~ 2016-09-18 20:20:51.033468603 +0200
-+++ wpa_supplicant-2.5/src/crypto/tls_openssl.c 2016-09-18 20:21:20.665051523 +0200
-@@ -3964,7 +3964,7 @@ int tls_global_set_params(void *tls_ctx,
- * commented out unless explicitly needed for EAP-FAST in order to be able to
- * build this file with unmodified openssl. */
-
--#ifdef OPENSSL_IS_BORINGSSL
-+#if defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L
- static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
- STACK_OF(SSL_CIPHER) *peer_ciphers,
- const SSL_CIPHER **cipher, void *arg)
diff --git a/wpa_supplicant-2.7-fix-undefined-remove-ie.patch b/wpa_supplicant-2.7-fix-undefined-remove-ie.patch
new file mode 100644
index 0000000..97a8cc7
--- /dev/null
+++ b/wpa_supplicant-2.7-fix-undefined-remove-ie.patch
@@ -0,0 +1,38 @@
+From f2973fa39d6109f0f34969e91551a98dc340d537 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Mon, 3 Dec 2018 12:00:26 +0200
+Subject: FT: Fix CONFIG_IEEE80211X=y build without CONFIG_FILS=y
+
+remove_ie() was defined within an ifdef CONFIG_FILS block while it is
+now needed even without CONFIG_FILS=y. Remove the CONFIG_FILS condition
+there.
+
+Fixes 8c41734e5de1 ("FT: Fix Reassociation Request IEs during FT protocol")
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/sme.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
+index 39c8069..f77f751 100644
+--- a/wpa_supplicant/sme.c
++++ b/wpa_supplicant/sme.c
+@@ -1386,7 +1386,6 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
+ }
+
+
+-#ifdef CONFIG_FILS
+ #ifdef CONFIG_IEEE80211R
+ static void remove_ie(u8 *buf, size_t *len, u8 eid)
+ {
+@@ -1401,7 +1400,6 @@ static void remove_ie(u8 *buf, size_t *len, u8 eid)
+ }
+ }
+ #endif /* CONFIG_IEEE80211R */
+-#endif /* CONFIG_FILS */
+
+
+ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
+--
+cgit v0.12
+
diff --git a/wpa_supplicant-assoc-timeout.patch b/wpa_supplicant-assoc-timeout.patch
deleted file mode 100644
index c3b3568..0000000
--- a/wpa_supplicant-assoc-timeout.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -up wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c
---- wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout 2010-09-07 10:43:39.000000000 -0500
-+++ wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c 2010-12-07 18:57:45.163457000 -0600
-@@ -1262,10 +1262,10 @@ void wpa_supplicant_associate(struct wpa
-
- if (assoc_failed) {
- /* give IBSS a bit more time */
-- timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
-+ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
- } else if (wpa_s->conf->ap_scan == 1) {
- /* give IBSS a bit more time */
-- timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
-+ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 20;
- }
- wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
- }
diff --git a/wpa_supplicant-quiet-scan-results-message.patch b/wpa_supplicant-quiet-scan-results-message.patch
deleted file mode 100644
index 340ad3b..0000000
--- a/wpa_supplicant-quiet-scan-results-message.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -Naur wpa_supplicant-1.0/wpa_supplicant/events.c wpa_supplicant-1.0.tpg/wpa_supplicant/events.c
---- wpa_supplicant-1.0/wpa_supplicant/events.c 2012-05-09 21:56:09.000000000 +0000
-+++ wpa_supplicant-1.0.tpg/wpa_supplicant/events.c 2012-05-25 09:26:20.699358689 +0000
-@@ -1076,7 +1076,7 @@
- }
-
- wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available");
-- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-+ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS);
- wpas_notify_scan_results(wpa_s);
-
- wpas_notify_scan_done(wpa_s, 1);
diff --git a/wpa_supplicant-squelch-driver-disconnect-spam.patch b/wpa_supplicant-squelch-driver-disconnect-spam.patch
deleted file mode 100644
index f53a418..0000000
--- a/wpa_supplicant-squelch-driver-disconnect-spam.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-diff -up wpa_supplicant-0.6.8/wpa_supplicant/events.c.disconnect-spam wpa_supplicant-0.6.8/wpa_supplicant/events.c
---- wpa_supplicant-0.6.8/wpa_supplicant/events.c.disconnect-spam 2010-05-06 18:10:51.348288705 -0700
-+++ wpa_supplicant-0.6.8/wpa_supplicant/events.c 2010-05-06 18:10:51.356288887 -0700
-@@ -1302,6 +1302,15 @@ static void wpa_supplicant_event_disasso
- wpa_s->keys_cleared = 0;
- wpa_clear_keys(wpa_s, wpa_s->bssid);
- }
-+
-+ if (wpa_s->wpa_state == WPA_DISCONNECTED) {
-+ wpa_s->disconnect_count++;
-+ if (!eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL)) {
-+ eloop_register_timeout(6, 0, wpa_disconnect_spam_handle, wpa_s, NULL);
-+ wpa_printf(MSG_DEBUG, "%s: scheduled DISCONNECT spam handler", __FUNCTION__);
-+ }
-+ }
-+
- wpa_supplicant_mark_disassoc(wpa_s);
-
- if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
-diff -up wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant.c.disconnect-spam wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant.c
---- wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant.c.disconnect-spam 2010-05-06 18:10:51.340288662 -0700
-+++ wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant.c 2010-05-06 18:12:06.090413976 -0700
-@@ -382,6 +382,9 @@ static void wpa_supplicant_cleanup(struc
-
- wpa_supplicant_cancel_scan(wpa_s);
- wpa_supplicant_cancel_auth_timeout(wpa_s);
-+ if (eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL))
-+ eloop_cancel_timeout(wpa_disconnect_spam_handle, wpa_s, NULL);
-+
- eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
- #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
- eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
-@@ -461,6 +464,23 @@ const char * wpa_supplicant_state_txt(in
- #endif /* CONFIG_BGSCAN */
-
-
-+void wpa_disconnect_spam_handle(void *eloop_ctx, void *timeout_ctx)
-+{
-+ struct wpa_supplicant *wpa_s = eloop_ctx;
-+ const u8 bssid[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
-+
-+ wpa_printf(MSG_DEBUG, "%s: %d disconnect events in 6 seconds",
-+ __FUNCTION__, wpa_s->disconnect_count);
-+
-+ if (wpa_s->disconnect_count >= 3) {
-+ wpa_printf(MSG_DEBUG, "%s: forcing SSID/BSSID reset", __FUNCTION__);
-+ wpa_drv_disassociate(wpa_s, bssid, WLAN_REASON_DEAUTH_LEAVING);
-+ wpa_supplicant_req_scan(wpa_s, 1, 0);
-+ }
-+ wpa_s->disconnect_count = 0;
-+}
-+
-+
- /**
- * wpa_supplicant_set_state - Set current connection state
- * @wpa_s: Pointer to wpa_supplicant data
-@@ -478,6 +498,18 @@ void wpa_supplicant_set_state(struct wpa
- if (state != WPA_SCANNING)
- wpa_supplicant_notify_scanning(wpa_s, 0);
-
-+ if (state != WPA_DISCONNECTED && state != WPA_SCANNING) {
-+ /* If the state isn't disconnected, cancel any registered
-+ * disconnect spam handler, which should only live while
-+ * disconnect events are coming in quickly.
-+ */
-+ wpa_s->disconnect_count = 0;
-+ if (eloop_is_timeout_registered(wpa_disconnect_spam_handle, wpa_s, NULL)) {
-+ wpa_printf(MSG_DEBUG, "%s: canceling DISCONNECT spam handler", __FUNCTION__);
-+ eloop_cancel_timeout(wpa_disconnect_spam_handle, wpa_s, NULL);
-+ }
-+ }
-+
- if (state == WPA_COMPLETED && wpa_s->new_connection) {
- #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
- struct wpa_ssid *ssid = wpa_s->current_ssid;
-diff -up wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant_i.h.disconnect-spam wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant_i.h
---- wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant_i.h.disconnect-spam 2009-02-15 10:00:00.000000000 -0800
-+++ wpa_supplicant-0.6.8/wpa_supplicant/wpa_supplicant_i.h 2010-05-06 18:10:51.358288792 -0700
-@@ -397,6 +397,8 @@ struct wpa_supplicant {
- int wps_success; /* WPS success event received */
- struct wps_er *wps_er;
- int blacklist_cleared;
-+
-+ int disconnect_count;
-
- struct wpabuf *pending_eapol_rx;
- struct os_time pending_eapol_rx_time;
-@@ -461,6 +463,7 @@ void wpa_clear_keys(struct wpa_supplican
- int sec, int usec);
- void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
- enum wpa_states state);
-+void wpa_disconnect_spam_handle(void *eloop_ctx, void *timeout_ctx);
- struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s);
- const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s);
- void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s);
-
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec
index 4fba716..ba2ad45 100644
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@@ -3,8 +3,8 @@
Summary: Linux WPA Supplicant (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)
Name: wpa_supplicant
-Version: 2.6
-Release: 4
+Version: 2.7
+Release: 0.1
# wpa_supplicant itself is dual-licensed under GPLv2 and BSD license, but as we
# link against GPL libraries, we must use GPLv2 license
License: GPLv2
@@ -12,32 +12,12 @@ Group: Communications
URL: http://hostap.epitest.fi/wpa_supplicant/
Source0: http://hostap.epitest.fi/releases/wpa_supplicant-%{version}.tar.gz
Source7: %{name}.tmpfiles
+Patch0: wpa_supplicant-2.7-fix-undefined-remove-ie.patch
Patch1: wpa_supplicant-2.2-omv-defconfig.patch
-# should be safe to just bump MAX_WEP_KEY_LEN to 32
-# http://lists.shmoo.com/pipermail/hostap/2005-October/011787.html
-Patch2: wpa_supplicant-0.6.3-WEP232.patch
-#(tpg) not needed ?
-#Patch3: wpa_supplicant-2.5-openssl-1.1.patch
-Patch5: wpa_supplicant-1.0-mdv-dbus-service-file-args.patch
-Patch7: wpa_supplicant-0.7.3-copy-wpa_scan_results_free-for-wpa_priv.patch
+Patch2: wpa_supplicant-1.0-mga-dbus-service-file-args.patch
+# fedora patches
# quiet an annoying and frequent syslog message
-Patch8: wpa_supplicant-2.2-quiet-scan-results-message.patch
-# recover from streams of driver disconnect messages (iwl3945)
-# rediff ?
-#Patch9: wpa_supplicant-squelch-driver-disconnect-spam.patch
-# works around busted drivers by increasing association timeout
-Patch10: wpa_supplicant-assoc-timeout.patch
-# (tpg) this is not needed, right ?
-#Patch11: wpa_supplicant-0.7.3-fix-wpa_priv-eloop_signal_handler-casting.patch
-Patch13: wpa_supplicant-1.0-do-not-call-dbus-functions-with-NULL-path.patch
-Patch14: 0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
-Patch15: 0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
-Patch16: 0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
-Patch17: 0004-Prevent-installation-of-an-all-zero-TK.patch
-Patch18: 0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
-Patch19: 0006-TDLS-Reject-TPK-TK-reconfiguration.patch
-Patch20: 0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
-Patch21: 0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
+Patch3: wpa_supplicant-2.2-quiet-scan-results-message.patch
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(gnutls) >= 3.0
@@ -45,11 +25,10 @@ BuildRequires: pkgconfig(libpcsclite)
BuildRequires: doxygen
BuildRequires: pkgconfig(libnl-3.0)
BuildRequires: readline-devel
-BuildRequires: libgcrypt-devel
BuildRequires: pkgconfig(openssl)
+BuildRequires: pkgconfig(libsystemd)
Requires: systemd >= 218
Obsoletes: wpa_supplicant-gui < 2.4
-# http://ndiswrapper.sourceforge.net/wiki/index.php/WPA
%description
wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with
@@ -77,14 +56,14 @@ list of supported EAP methods (IEEE 802.1X Supplicant), supported
drivers and interoperability testing.
%prep
-%setup -q
+%setup -1
%apply_patches
-pushd wpa_supplicant
+cd wpa_supplicant
# (blino) comment all "network = { }" blocks
perl -pi -e '$_ = "# $_" if /^\s*network\s*=\s*{/ .. /^\s*}/' wpa_supplicant.conf
cp defconfig .config
-popd
+cd -
export CC=%{__cc}
export CXX=%{__cxx}
@@ -97,21 +76,21 @@ export BINDIR=%{_sbindir}
export LIBDIR=%{_libdir}
-pushd wpa_supplicant
+cd wpa_supplicant
%make
%make eapol_test
-popd
+cd -
%install
mkdir -p %{buildroot}%{_sbindir}
mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d/
mkdir -p %{buildroot}%{_datadir}/dbus-1/system-services/
-install -d %{buildroot}%{_systemunitdir}/
-install -m0644 %{name}/systemd/*.service -D %{buildroot}%{_systemunitdir}/
+install -d %{buildroot}%{_unitdir}/
+install -m0644 %{name}/systemd/*.service -D %{buildroot}%{_unitdir}/
install -m0644 %{SOURCE7} -D %{buildroot}%{_tmpfilesdir}/%{name}.conf
-pushd wpa_supplicant
+cd wpa_supplicant
# binaries
install -d %{buildroot}%{_sbindir}
@@ -139,17 +118,17 @@ install -d -m 755 %{buildroot}%{_mandir}/man{5,8}
install -m 644 doc/docbook/*.8 %{buildroot}%{_mandir}/man8
install -m 644 doc/docbook/*.5 %{buildroot}%{_mandir}/man5
-popd
+cd -
%files
%doc wpa_supplicant/README wpa_supplicant/eap_testing.txt wpa_supplicant/todo.txt
%doc wpa_supplicant/README-WPS
%doc wpa_supplicant/examples/*.conf
%attr(0600,root,daemon) %config(noreplace) %{_sysconfdir}/%{name}/wpa_supplicant.conf
-%{_systemunitdir}/%{name}.service
-%{_systemunitdir}/%{name}-nl80211@.service
-%{_systemunitdir}/%{name}-wired@.service
-%{_systemunitdir}/%{name}@.service
+%{_unitdir}/%{name}.service
+%{_unitdir}/%{name}-nl80211@.service
+%{_unitdir}/%{name}-wired@.service
+%{_unitdir}/%{name}@.service
%{_tmpfilesdir}/%{name}.conf
%{_sbindir}/wpa_cli
%{_sbindir}/wpa_passphrase