From 7ba6f033772a6d8cb8de531e67c43be901ce4f00 Mon Sep 17 00:00:00 2001 From: "John W. Linville" Date: Mon, 3 Oct 2016 10:03:17 -0400 Subject: [PATCH] Update to version 2.6 from upstream - Remove patch for CVE-2016-4476, now included in base tarball --- .gitignore | 2 +- ...a-Credential-with-invalid-passphrase.patch | 82 ------------------- hostapd.spec | 14 ++-- sources | 2 +- 4 files changed, 8 insertions(+), 92 deletions(-) delete mode 100644 WPS-Reject-a-Credential-with-invalid-passphrase.patch diff --git a/.gitignore b/.gitignore index 076f0aa..bb0428d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -/hostapd-2.5.tar.gz +/hostapd-2.6.tar.gz diff --git a/WPS-Reject-a-Credential-with-invalid-passphrase.patch b/WPS-Reject-a-Credential-with-invalid-passphrase.patch deleted file mode 100644 index df27ac1..0000000 --- a/WPS-Reject-a-Credential-with-invalid-passphrase.patch +++ /dev/null @@ -1,82 +0,0 @@ -From ecbb0b3dc122b0d290987cf9c84010bbe53e1022 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Fri, 4 Mar 2016 17:20:18 +0200 -Subject: [PATCH] WPS: Reject a Credential with invalid passphrase - -WPA/WPA2-Personal passphrase is not allowed to include control -characters. Reject a Credential received from a WPS Registrar both as -STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or -WPA2PSK authentication type and includes an invalid passphrase. - -This fixes an issue where hostapd or wpa_supplicant could have updated -the configuration file PSK/passphrase parameter with arbitrary data from -an external device (Registrar) that may not be fully trusted. Should -such data include a newline character, the resulting configuration file -could become invalid and fail to be parsed. - -Signed-off-by: Jouni Malinen ---- - src/utils/common.c | 12 ++++++++++++ - src/utils/common.h | 1 + - src/wps/wps_attr_process.c | 10 ++++++++++ - 3 files changed, 23 insertions(+) - -diff --git a/src/utils/common.c b/src/utils/common.c -index 450e2c6..27b7c02 100644 ---- a/src/utils/common.c -+++ b/src/utils/common.c -@@ -697,6 +697,18 @@ int is_hex(const u8 *data, size_t len) - } - - -+int has_ctrl_char(const u8 *data, size_t len) -+{ -+ size_t i; -+ -+ for (i = 0; i < len; i++) { -+ if (data[i] < 32 || data[i] == 127) -+ return 1; -+ } -+ return 0; -+} -+ -+ - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len) -diff --git a/src/utils/common.h b/src/utils/common.h -index 701dbb2..a972240 100644 ---- a/src/utils/common.h -+++ b/src/utils/common.h -@@ -488,6 +488,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len); - - char * wpa_config_parse_string(const char *value, size_t *len); - int is_hex(const u8 *data, size_t len); -+int has_ctrl_char(const u8 *data, size_t len); - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len); -diff --git a/src/wps/wps_attr_process.c b/src/wps/wps_attr_process.c -index eadb22f..e8c4579 100644 ---- a/src/wps/wps_attr_process.c -+++ b/src/wps/wps_attr_process.c -@@ -229,6 +229,16 @@ static int wps_workaround_cred_key(struct wps_credential *cred) - cred->key_len--; - #endif /* CONFIG_WPS_STRICT */ - } -+ -+ -+ if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK) && -+ (cred->key_len < 8 || has_ctrl_char(cred->key, cred->key_len))) { -+ wpa_printf(MSG_INFO, "WPS: Reject credential with invalid WPA/WPA2-Personal passphrase"); -+ wpa_hexdump_ascii_key(MSG_INFO, "WPS: Network Key", -+ cred->key, cred->key_len); -+ return -1; -+ } -+ - return 0; - } - --- -1.9.1 - diff --git a/hostapd.spec b/hostapd.spec index 628a707..8557f10 100644 --- a/hostapd.spec +++ b/hostapd.spec @@ -1,8 +1,8 @@ %global _hardened_build 1 Name: hostapd -Version: 2.5 -Release: 5%{?dist} +Version: 2.6 +Release: 1%{?dist} Summary: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator License: BSD URL: http://w1.fi/hostapd @@ -13,9 +13,6 @@ Source2: %{name}.conf Source3: %{name}.sysconfig Source4: %{name}.init -# CVE-2016-4476 (not actually necessary, since WPS not enabled) -Patch0: WPS-Reject-a-Credential-with-invalid-passphrase.patch - BuildRequires: libnl3-devel BuildRequires: openssl-devel BuildRequires: perl-generators @@ -54,9 +51,6 @@ Logwatch scripts for hostapd. %prep %setup -q -# CVE-2016-4476 -%patch0 -p1 - %build cd hostapd cat defconfig | sed \ @@ -175,6 +169,10 @@ fi %{_sysconfdir}/logwatch/scripts/services/%{name} %changelog +* Mon Oct 03 2016 John W. Linville - 2.6-1 +- Update to version 2.6 from upstream +- Remove patch for CVE-2016-4476, now included in base tarball + * Fri Jul 15 2016 John W. Linville - 2.5-5 - Bump NVR and rebuild to resolve GLIBC_2.24 symbol issue diff --git a/sources b/sources index 8cc9f9c..731204d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -69f9cec3f76d74f402864a43e4f8624f hostapd-2.5.tar.gz +eaa56dce9bd8f1d195eb62596eab34c7 hostapd-2.6.tar.gz