Commit Graph

40 Commits

Author SHA1 Message Date
Cy Schubert
0ec68024a0 MFV r337818:
WPA: Ignore unauthenticated encrypted EAPOL-Key data

Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

Obtained from:  git://w1.fi/hostap.git
MFC after:      1 day
Security:       CVE-2018-14526
Security:       VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317
2018-08-14 20:24:10 +00:00
Cy Schubert
dfbd3c8d91 Remove a redundant declaration.
While at it add a blank line, conforming with the convention
used in this file.

X-MFC-with:	r336203
2018-07-20 02:25:39 +00:00
Cy Schubert
64987377c2 To reduce our diff between our sources and our upline, sync up
with upline. Also making it easier to read.

Obtained from:	diffing base with ports
X-MFC-with:	r336203
2018-07-20 02:17:19 +00:00
Cy Schubert
e581761876 MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0002-Prevent-reinstallation-\
		of-an-already-in-use-group-ke.patch
X-MFC-with:	r336203
2018-07-20 02:04:10 +00:00
Cy Schubert
84c260fb1b Revert r336501. It was a of the wrong rev from the vendor branch. 2018-07-20 01:53:28 +00:00
Cy Schubert
1b911983db MFV r336490:
Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0004-Prevent-installation-\
		of-an-all-zero-TK.patch
X-MFC-with:	r336203
2018-07-19 20:10:34 +00:00
Cy Schubert
e2b89ca9cb MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0002-Prevent-reinstallation-\
		of-an-already-in-use-group-ke.patch
X-MFC-with:	r336203
2018-07-19 19:22:26 +00:00
Cy Schubert
8d6dfc9ece MFV: r336485
Address: hostapd: Avoid key reinstallation in FT handshake

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0001-hostapd-Avoid-key-\
		reinstallation-in-FT-handshake.patch
X-MFC-with:	r336203
2018-07-19 19:04:30 +00:00
Cy Schubert
780fb4a2fa MFV r324714:
Update wpa 2.5 --> 2.6.

MFC after:	1 month
2018-07-11 18:53:18 +00:00
Hans Petter Selasky
5fd1ea0810 Re-apply r190640.
- Restore local change to include <net/bpf.h> inside pcap.h.
This fixes ports build problems.
- Update local copy of dlt.h with new DLT types.
- Revert no longer needed <net/bpf.h> includes which were added
as part of r334277.

Suggested by:	antoine@, delphij@, np@
MFC after:	3 weeks
Sponsored by:	Mellanox Technologies
2018-05-31 09:11:21 +00:00
Hans Petter Selasky
b00ab7548b MFV r333789: libpcap 1.9.0 (pre-release)
MFC after:	1 month
Sponsored by:	Mellanox Technologies
2018-05-28 08:12:18 +00:00
Gordon Tetlow
a2063804a2 Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries

Submitted by:	jhb
Obtained from:	https://w1.fi/security/2017-01/ (against later version)
Security:	FreeBSD-SA-17:07
Security:	CERT VU#228519
Security:	CVE-2017-13077
Security:	CVE-2017-13078
Security:	CVE-2017-13079
Security:	CVE-2017-13080
Security:	CVE-2017-13081
Security:	CVE-2017-13082
Security:	CVE-2017-13086
Security:	CVE-2017-13087
Security:	CVE-2017-13088
Differential Revision:	https://reviews.freebsd.org/D12693
2017-10-17 17:22:36 +00:00
Adrian Chadd
ce276fe26d [wpa] use IFM_IEEE80211_ADHOC for now on FreeBSD for IBSS operation.
PR:		bin/203086
Submitted by:	avos
2015-11-26 17:28:40 +00:00
Adrian Chadd
7424f50fa8 [wpa] bring up interface in ap_mode=2
This is required for WPA-NONE operation.

PR:		bin/203086
Submitted by:	avos@
2015-11-26 17:26:28 +00:00
Adrian Chadd
e1f2d1f39f [wpa] handle IBSS mediatype.
same as the previous commit to ifconfig - handle a mediatype of IBSS
without failing/complaining.

Internally inside wpa_s things treat IBSS/ADHOC as equivalent.
2015-11-26 02:00:37 +00:00
Rui Paulo
325151a32e Update hostapd/wpa_supplicant to version 2.5.
Tested by several people on current@/wireless@.

Relnotes:	yes
2015-10-18 21:38:25 +00:00
Rui Paulo
5b9c547c07 Merge wpa_supplicant/hostapd 2.4.
Major changes are: SAE, Suite B, RFC 7268, EAP-PKE, ACS, and tons of
bug fixes.

Relnotes:	yes
2015-04-21 01:45:11 +00:00
John-Mark Gurney
a061720cbb convert to using pidfile... This prevents multiple wpa_supplicants
running at the same time causing problems w/ wifi not working..

the patch will be submitted upstream...  The next step if someone wants
to push it upstream is to break os_unix.c up so that all these other
utilities don't need libutil..

Reviewed by:	rpaulo
2014-06-22 10:00:33 +00:00
Rui Paulo
6f51bc45db Enable all cryptocaps because net80211 can do software encryption.
MFC after:	1 week
2014-03-29 23:25:09 +00:00
Ed Maste
3901c6c9af Revert to upstream literal $FreeBSD tag
radiotap.h in upstream wpa originally came from the FreeBSD CVS
repository.  The copy in vendor/ matched the upstream one; with this
change the contrib copy now matches too.

Discussed with:	jhb@
2013-10-30 18:33:40 +00:00
Rui Paulo
bfd13d9679 Fix previous commit: both flags must be set. 2013-08-07 15:55:12 +00:00
Rui Paulo
e7b969bbee Make sure IFM_AVALID is also set when checking ifm_status.
Submitted by:	yongari
2013-08-07 04:03:30 +00:00
Rui Paulo
43673d4bfc Fix a timing issue with the wired driver.
After configuring the interface, wait for the link to become active.
Many ethernet drivers reset the chip when we set multicast filters
(causing significant delays due to link re-negotiation) and, by the time
we start sending packets, they are discared instead of going to the ether.

Tested by:	dumbbell
2013-08-07 01:01:58 +00:00
Hiren Panchasara
3eb0227259 Move to MSG_DEBUG to print it via syslog only when requested.
Reviewed by:	rpaulo, adrian
Approved by:	sbruno (mentor)
2013-07-08 16:03:18 +00:00
Rui Paulo
a61123749d Delete .gitignore files. 2013-07-04 23:05:28 +00:00
Rui Paulo
d4f2939c85 Restore the dbus directory that was not meant to be deleted in r252729. 2013-07-04 23:01:24 +00:00
Rui Paulo
521fc850a0 Remove unused files / directories. 2013-07-04 21:31:28 +00:00
Rui Paulo
f05cddf940 Merge hostapd / wpa_supplicant 2.0.
Reviewed by:	adrian (driver_bsd + usr.sbin/wpa)
2013-07-04 21:12:58 +00:00
Sergey Kandaurov
c222608952 Import change e4ac6417c7504e1c55ec556ce908974c04e29e3c from upstream wpa:
From: Guy Eilam <guy@wizery.com>
  Date: Mon, 21 Feb 2011 20:44:46 +0000 (+0200)
  Subject: utils: Corrected a typo in header's name definition

  utils: Corrected a typo in header's name definition

  Corrected a typo in the BASE64_H definition that
  might cause the header file to be included more than once.

  Signed-off-by: Guy Eilam <guy@wizery.com>

Submitted by:	<dt71@gmx.com>
MFC after:	3 days
2013-06-17 14:46:54 +00:00
Dimitry Andric
5f33039834 Import change 40eebf235370b6fe6353784ccf01ab92eed062a5 from upstream wpa:
From: Jouni Malinen <j@w1.fi>
  Date: Fri, 15 Jul 2011 13:42:06 +0300
  Subject: [PATCH] MD5: Fix clearing of temporary stack memory to use correct length

  sizeof of the structure instead of the pointer was supposed to be used
  here. Fix this to clear the full structure at the end of MD5Final().

Found by:	clang ToT
Reviewed by:	rpaulo
MFC after:	3 days
2013-02-16 12:52:40 +00:00
Colin Percival
43f13bea35 MFS security patches which seem to have accidentally not reached HEAD:
Fix insufficient message length validation for EAP-TLS messages.

Fix Linux compatibility layer input validation error.

Security:	FreeBSD-SA-12:07.hostapd
Security:	FreeBSD-SA-12:08.linux
Security:	CVE-2012-4445, CVE-2012-4576
With hat:	so@
2012-11-23 01:48:31 +00:00
Rui Paulo
b894cc9352 Remove unused files. 2010-11-03 10:46:39 +00:00
Rui Paulo
e28a4053b1 Merge wpa_supplicant and hostapd 0.7.3. 2010-11-03 10:43:38 +00:00
Rui Paulo
4f95cb6e9c Remove unused files. 2010-06-14 15:52:50 +00:00
Rui Paulo
3157ba2193 MFV hostapd & wpa_supplicant 0.6.10. 2010-06-14 15:37:48 +00:00
Doug Barton
c0c0c35c3b Add some notes and clarify a few sections:
1. Add a note to double-check the man page
2. Remove windows-specific items in the ctrl_interface section
3. Add a note that ap_scan must be set to 1 for use with wlan
4. Clarify the wording for scan_ssid related to APs that hide ssid
5. Clarify the wording for the priority option
2009-03-16 23:56:28 +00:00
Sam Leffler
1e0f47c327 remove gcc-ism; tsinfo isn't used anyway 2009-03-15 01:38:37 +00:00
Sam Leffler
470736a061 fix portability; linux does not have sa_len/sun_len 2009-03-13 19:05:34 +00:00
Sam Leffler
2aef0ff7d9 bring in local changes for:
CONFIG_DEBUG_SYSLOG
CONFIG_TERMINATE_ONLASTIF
EAP_SERVER
2009-03-02 02:26:53 +00:00
Sam Leffler
39beb93c3f connect vendor wpa area to contrib 2009-03-02 02:23:47 +00:00