wpa-supplicant: fix the bug for PATCHTOOL = "patch"

When switch PATCHTOOL to patch, applying 'key-replay-cve-multiple.patch' failed: checking file src/ap/ieee802_11.c checking file src/ap/wpa_auth.c checking file src/ap/wpa_auth.h checking file src/ap/wpa_auth_ft.c checking file src/ap/wpa_auth_i.h checking file src/common/wpa_common.h checking file src/rsn_supp/wpa.c checking file src/rsn_supp/wpa_i.h checking file src/rsn_supp/wpa.c Hunk #1 FAILED at 709. Hunk #2 FAILED at 757. Hunk #3 succeeded at 840 (offset -12 lines). Hunk #4 FAILED at 868. Hunk #5 FAILED at 900. Hunk #6 FAILED at 924. Hunk #7 succeeded at 1536 (offset -38 lines). Hunk #8 FAILED at 2386. Hunk #9 FAILED at 2920. Hunk #10 succeeded at 2940 (offset -46 lines). Hunk #11 FAILED at 2998. 8 out of 11 hunks FAILED checking file src/rsn_supp/wpa_i.h Hunk #1 FAILED at 32. 1 out of 1 hunk FAILED checking file src/common/wpa_common.h Hunk #1 succeeded at 215 with fuzz 1. checking file src/rsn_supp/wpa.c checking file src/rsn_supp/wpa_i.h checking file src/ap/wpa_auth.c Hunk #1 succeeded at 1898 (offset -3 lines). Hunk #2 succeeded at 2470 (offset -3 lines). checking file src/rsn_supp/tdls.c checking file wpa_supplicant/wnm_sta.c checking file src/rsn_supp/wpa.c Hunk #1 succeeded at 2378 (offset -62 lines). checking file src/rsn_supp/wpa_ft.c checking file src/rsn_supp/wpa_i.h Hunk #1 succeeded at 123 (offset -5 lines). So split the wpa-supplicant/key-replay-cve-multiple to 8 patches. (From OE-Core rev: 4e9bc513c22b9a52c48588ef276e2ab7f7781526) Signed-off-by: Hong Liu <hongl.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Hong Liu <hongl.fnst@cn.fujitsu.com> 2018-06-05 16:10:56 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-06-15 17:56:24 +0100
commit: 61e587b32d10c796503f98f16eb3d66f24835708 (patch)
tree: 3915b26534a782f7017a588c5b86f4f1b3285fa4 /meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch
parent: c8a1e372f3aa962b483b4f2280c7c44392c8b2f7 (diff)
download: poky-61e587b32d10c796503f98f16eb3d66f24835708.tar.gz
1 files changed, 60 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch
new file mode 100644
index 0000000000..2e12bc7555
--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch
@@ -0,0 +1,60 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+Backport a number of patches from upstream to fix this.
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Fri, 22 Sep 2017 11:25:02 +0300
+Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
+ request
+Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
+Mode Response if WNM-Sleep Mode has not been used') started ignoring the
+response when no WNM-Sleep Mode Request had been used during the
+association. This can be made tighter by clearing the used flag when
+successfully processing a response. This adds an additional layer of
+protection against unexpected retransmissions of the response frame.
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/wnm_sta.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
+index 1b3409c..67a07ff 100644
+--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
+@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
+ 
+        if (!wpa_s->wnmsleep_used) {
+                wpa_printf(MSG_DEBUG,
+-                          "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
+                          "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
+                return;
+        }
+ 
+@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
+                return;
+        }
+ 
+       wpa_s->wnmsleep_used = 0;
+
+        if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
+            wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
+                wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
+-- 
+2.7.4
+\ No newline at end of file
author	Hong Liu <hongl.fnst@cn.fujitsu.com>	2018-06-05 16:10:56 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-06-15 17:56:24 +0100
commit	61e587b32d10c796503f98f16eb3d66f24835708 (patch)
tree	3915b26534a782f7017a588c5b86f4f1b3285fa4 /meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch
parent	c8a1e372f3aa962b483b4f2280c7c44392c8b2f7 (diff)
download	poky-61e587b32d10c796503f98f16eb3d66f24835708.tar.gz

diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch new file mode 100644 index 0000000000..2e12bc7555 --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple7.patch
@@ -0,0 +1,60 @@
	1	The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
	2	result in unauthenticated clients gaining access to the network.
	3
	4	Backport a number of patches from upstream to fix this.
	5
	6	CVE: CVE-2017-13077
	7	CVE: CVE-2017-13078
	8	CVE: CVE-2017-13079
	9	CVE: CVE-2017-13080
	10	CVE: CVE-2017-13081
	11	CVE: CVE-2017-13082
	12	CVE: CVE-2017-13086
	13	CVE: CVE-2017-13087
	14	CVE: CVE-2017-13088
	15
	16	Upstream-Status: Backport
	17	Signed-off-by: Ross Burton <ross.burton@intel.com>
	18
	19	From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
	20	From: Jouni Malinen <j@w1.fi>
	21	Date: Fri, 22 Sep 2017 11:25:02 +0300
	22	Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
	23	request
	24
	25	Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
	26	Mode Response if WNM-Sleep Mode has not been used') started ignoring the
	27	response when no WNM-Sleep Mode Request had been used during the
	28	association. This can be made tighter by clearing the used flag when
	29	successfully processing a response. This adds an additional layer of
	30	protection against unexpected retransmissions of the response frame.
	31
	32	Signed-off-by: Jouni Malinen <j@w1.fi>
	33	---
	34	wpa_supplicant/wnm_sta.c \| 4 +++-
	35	1 file changed, 3 insertions(+), 1 deletion(-)
	36
	37	diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
	38	index 1b3409c..67a07ff 100644
	39	--- a/wpa_supplicant/wnm_sta.c
	40	+++ b/wpa_supplicant/wnm_sta.c
	41	@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
	42
	43	if (!wpa_s->wnmsleep_used) {
	44	wpa_printf(MSG_DEBUG,
	45	- "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
	46	+ "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
	47	return;
	48	}
	49
	50	@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
	51	return;
	52	}
	53
	54	+ wpa_s->wnmsleep_used = 0;
	55	+
	56	if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT \|\|
	57	wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
	58	wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
	59	--
	60	2.7.4 \ No newline at end of file