r336203:
MFV r324714:
Update wpa 2.5 --> 2.6.
r336499:
MFV: r336485
Address: hostapd: Avoid key reinstallation in FT handshake
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0001-hostapd-Avoid-key-\
reinstallation-in-FT-handshake.patch
r336501:
MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
r336502:
MFV r336487:
Import upline security patch: Extend protection of GTK/IGTK
reinstallation of WNM-Sleep Mode cases. This git commit
87e2db16bafcbc60b8d0016175814a73c1e8ed45.
This commit is is simply a pops change as r324696 already plugged
this vulnerability. To maintain consistency with the vendor branch
props will be changed.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-\
reinstallation-of-WNM-.patch
r336506:
MFV r336490:
Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0004-Prevent-installation-\
of-an-all-zero-TK.patch
r336510:
MFV r336493:
Fix PTK rekeying to generate a new ANonce.
This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
This commit is a NOP, just changing props as the heavy lifting was
done by r324696. This just brings us into line with the vendor branch.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0005-Fix-PTK-rekeying-to-\
generate-a-new-ANonce.patch
r336512:
MFV r336494:
TDLS: Reject TPK-TK reconfiguration.
This is also upline git commmit ff89af96e5a35c86f50330d2b86c18323318a60c.
Once again this is a NOP as this is a props change to sync up with
the vendor branch. The real commit is in r324696.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0006-TDLS-Reject-TPK-TK-\
reconfiguration.patch
r336513:
MFV r336495:
Another props change. The real work was done by r324696. We're simply
syncing up with the vendor branch again.
mport upline security patch: WNM: Ignore WNM-Sleep Mode Request in
wnm_sleep_mode=0 case. This is also upline git commit
114f2830d2c2aee6db23d48240e93415a256a37c.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-\
Response-without-pending-r.patch
r336515:
MFV r336496:
A props change to sync up with the vendor branch. The real work was
done by r324696.
FILS: Do not allow multiple (Re)Association Response frames.
This is also upline git commit e760851176c77ae6de19821bb1d5bf3ae2cb5187.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0008-FT-Do-not-allow-multiple-\
Reassociation-Response-fram.patch
r336528:
Revert r336501. It was a of the wrong rev from the vendor branch.
r336529:
MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
r336530:
To reduce our diff between our sources and our upline, sync up
with upline. Also making it easier to read.
Obtained from: diffing base with ports
r336531:
Remove a redundant declaration.
While at it add a blank line, conforming with the convention
used in this file.
c5461dc746