rpms/wpa_supplicant
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to version 2.11

Browse Source 
Resolves: https://issues.redhat.com/browse/RHEL-58725
Resolves: https://issues.redhat.com/browse/RHEL-10237

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
This commit is contained in:
Davide Caratti 2024-11-22 11:01:10 +01:00
parent c8b1d8d950
commit 4e9fa642cd
16 changed files with 77 additions and 1252 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -23,3 +23,4 @@ wpa_supplicant-0.6.8.tar.gz
/wpa_supplicant-2.9.tar.gz
/wpa_supplicant-2.9.20211112.gitc8b94bc7b347.tar.gz
/wpa_supplicant-2.10.tar.gz
/wpa_supplicant-2.11.tar.gz

52
0001-D-Bus-Add-wep_disabled-capability.patch
View File

@ -1,52 +0,0 @@
From 5b093570dca1855c5bf40bcbd8d149fa6f8ea8ff Mon Sep 17 00:00:00 2001
Message-Id: <5b093570dca1855c5bf40bcbd8d149fa6f8ea8ff.1650620058.git.davide.caratti@gmail.com>
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 7 Mar 2022 09:54:46 +0100
Subject: [PATCH] D-Bus: Add 'wep_disabled' capability
Since commit 200c7693c9a1 ('Make WEP functionality an optional build
parameter'), WEP support is optional and, indeed, off by default.
The distributions are now catching up and disabling WEP in their builds.
Unfortunately, there's no indication prior to an attempt to connect to a
WEP network that it's not going to work. Add a capability to communicate
that.
Unlike other capabilities, this one is negative. That is, it indicates
lack of a WEP support as opposed to its presence. This is necessary
because historically there has been no capability to indicate presence
of WEP support and therefore NetworkManager (and probably others) just
assumes it's there.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Acked-by: Davide Caratti <davide.caratti@gmail.com>
---
wpa_supplicant/dbus/dbus_new_handlers.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index 1c9ded09a..0b1002bf1 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -1121,7 +1121,7 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
const struct wpa_dbus_property_desc *property_desc,
DBusMessageIter *iter, DBusError *error, void *user_data)
{
- const char *capabilities[13];
+ const char *capabilities[14];
size_t num_items = 0;
struct wpa_global *global = user_data;
struct wpa_supplicant *wpa_s;
@@ -1177,6 +1177,9 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
#endif /* CONFIG_SUITEB192 */
if (ext_key_id_supported)
capabilities[num_items++] = "extended_key_id";
+#ifndef CONFIG_WEP
+ capabilities[num_items++] = "wep_disabled";
+#endif /* !CONFIG_WEP */
return wpas_dbus_simple_array_property_getter(iter,
DBUS_TYPE_STRING,
--
2.35.1

103
0001-EAP-peer-Workaround-for-servers-that-do-not-support-.patch
View File

@ -1,103 +0,0 @@
From 566ce69a8d0e64093309cbde80235aa522fbf84e Mon Sep 17 00:00:00 2001
Message-Id: <566ce69a8d0e64093309cbde80235aa522fbf84e.1652450572.git.davide.caratti@gmail.com>
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Thu, 5 May 2022 00:07:44 +0300
Subject: [PATCH] EAP peer: Workaround for servers that do not support safe TLS
renegotiation
The TLS protocol design for renegotiation was identified to have a
significant security flaw in 2009 and an extension to secure this design
was published in 2010 (RFC 5746). However, some old RADIUS
authentication servers without support for this are still used commonly.
This is obviously not good from the security view point, but since there
are cases where the user of a network service has no realistic means for
getting the authentication server upgraded, TLS handshake may still need
to be allowed to be able to use the network.
OpenSSL 3.0 disabled the client side workaround by default and this
resulted in issues connection to some networks with insecure
authentication servers. With OpenSSL 3.0, the client is now enforcing
security by refusing to authenticate with such servers. The pre-3.0
behavior of ignoring this issue and leaving security to the server can
now be enabled with a new phase1 parameter allow_unsafe_renegotiation=1.
This should be used only when having to connect to a network that has an
insecure authentication server that cannot be upgraded.
The old (pre-2010) TLS renegotiation mechanism might open security
vulnerabilities if the authentication server were to allow TLS
renegotiation to be initiated. While this is unlikely to cause real
issues with EAP-TLS, there might be cases where use of PEAP or TTLS with
an authentication server that does not support RFC 5746 might result in
a security vulnerability.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
src/crypto/tls.h | 1 +
src/crypto/tls_openssl.c | 5 +++++
src/eap_peer/eap_tls_common.c | 4 ++++
wpa_supplicant/wpa_supplicant.conf | 5 +++++
4 files changed, 15 insertions(+)
diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index ccaac94c9..7ea32ee4a 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h
@@ -112,6 +112,7 @@ struct tls_config {
#define TLS_CONN_ENABLE_TLSv1_1 BIT(15)
#define TLS_CONN_ENABLE_TLSv1_2 BIT(16)
#define TLS_CONN_TEAP_ANON_DH BIT(17)
+#define TLS_CONN_ALLOW_UNSAFE_RENEGOTIATION BIT(18)
/**
* struct tls_connection_params - Parameters for TLS connection
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 388c6b0f4..0d23f44ad 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -3081,6 +3081,11 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
SSL_clear_options(ssl, SSL_OP_NO_TICKET);
#endif /* SSL_OP_NO_TICKET */
+#ifdef SSL_OP_LEGACY_SERVER_CONNECT
+ if (flags & TLS_CONN_ALLOW_UNSAFE_RENEGOTIATION)
+ SSL_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT);
+#endif /* SSL_OP_LEGACY_SERVER_CONNECT */
+
#ifdef SSL_OP_NO_TLSv1
if (flags & TLS_CONN_DISABLE_TLSv1_0)
SSL_set_options(ssl, SSL_OP_NO_TLSv1);
diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index 06c9b211e..6193b4bdb 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -102,6 +102,10 @@ static void eap_tls_params_flags(struct tls_connection_params *params,
params->flags |= TLS_CONN_SUITEB_NO_ECDH;
if (os_strstr(txt, "tls_suiteb_no_ecdh=0"))
params->flags &= ~TLS_CONN_SUITEB_NO_ECDH;
+ if (os_strstr(txt, "allow_unsafe_renegotiation=1"))
+ params->flags |= TLS_CONN_ALLOW_UNSAFE_RENEGOTIATION;
+ if (os_strstr(txt, "allow_unsafe_renegotiation=0"))
+ params->flags &= ~TLS_CONN_ALLOW_UNSAFE_RENEGOTIATION;
}
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index a1dc769c9..b5304a77e 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -1370,6 +1370,11 @@ fast_reauth=1
# tls_suiteb=0 - do not apply Suite B 192-bit constraints on TLS (default)
# tls_suiteb=1 - apply Suite B 192-bit constraints on TLS; this is used in
# particular when using Suite B with RSA keys of >= 3K (3072) bits
+# allow_unsafe_renegotiation=1 - allow connection with a TLS server that does
+# not support safe renegotiation (RFC 5746); please note that this
+# workaround should be only when having to authenticate with an old
+# authentication server that cannot be updated to use secure TLS
+# implementation.
#
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.
--
2.35.1

106
0001-EAP-peer-status-notification-for-server-not-supporti.patch
View File

@ -1,106 +0,0 @@
From a561d12d24c2c8bb0f825d4a3a55a5e47e845853 Mon Sep 17 00:00:00 2001
Message-Id: <a561d12d24c2c8bb0f825d4a3a55a5e47e845853.1652450863.git.davide.caratti@gmail.com>
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Wed, 4 May 2022 23:55:38 +0300
Subject: [PATCH] EAP peer status notification for server not supporting RFC
5746
Add a notification message to indicate reason for TLS handshake failure
due to the server not supporting safe renegotiation (RFC 5746).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
src/ap/authsrv.c | 3 +++
src/crypto/tls.h | 3 ++-
src/crypto/tls_openssl.c | 15 +++++++++++++--
src/eap_peer/eap.c | 5 +++++
4 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index 516c1da74..fd9c96fad 100644
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
@@ -169,6 +169,9 @@ static void authsrv_tls_event(void *ctx, enum tls_event ev,
wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s",
data->alert.description);
break;
+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:
+ /* Not applicable to TLS server */
+ break;
}
}
#endif /* EAP_TLS_FUNCS */
diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index 7ea32ee4a..7a2ee32df 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h
@@ -22,7 +22,8 @@ enum tls_event {
TLS_CERT_CHAIN_SUCCESS,
TLS_CERT_CHAIN_FAILURE,
TLS_PEER_CERTIFICATE,
- TLS_ALERT
+ TLS_ALERT,
+ TLS_UNSAFE_RENEGOTIATION_DISABLED,
};
/*
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 0d23f44ad..912471ba2 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -4443,6 +4443,7 @@ int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn,
static struct wpabuf *
openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
{
+ struct tls_context *context = conn->context;
int res;
struct wpabuf *out_data;
@@ -4472,7 +4473,19 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
wpa_printf(MSG_DEBUG, "SSL: SSL_connect - want to "
"write");
else {
+ unsigned long error = ERR_peek_last_error();
+
tls_show_errors(MSG_INFO, __func__, "SSL_connect");
+
+ if (context->event_cb &&
+ ERR_GET_LIB(error) == ERR_LIB_SSL &&
+ ERR_GET_REASON(error) ==
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED) {
+ context->event_cb(
+ context->cb_ctx,
+ TLS_UNSAFE_RENEGOTIATION_DISABLED,
+ NULL);
+ }
conn->failed++;
if (!conn->server && !conn->client_hello_generated) {
/* The server would not understand TLS Alert
@@ -4495,8 +4508,6 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
if ((conn->flags & TLS_CONN_SUITEB) && !conn->server &&
os_strncmp(SSL_get_cipher(conn->ssl), "DHE-", 4) == 0 &&
conn->server_dh_prime_len < 3072) {
- struct tls_context *context = conn->context;
-
/*
* This should not be reached since earlier cert_cb should have
* terminated the handshake. Keep this check here for extra
diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 429b20d3a..729388f4f 100644
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -2172,6 +2172,11 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
eap_notify_status(sm, "remote TLS alert",
data->alert.description);
break;
+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:
+ wpa_printf(MSG_INFO,
+ "TLS handshake failed due to the server not supporting safe renegotiation (RFC 5746); phase1 parameter allow_unsafe_renegotiation=1 can be used to work around this");
+ eap_notify_status(sm, "unsafe server renegotiation", "failure");
+ break;
}
os_free(hash_hex);
--
2.35.1

2
sources
View File

@ -1 +1 @@
SHA512 (wpa_supplicant-2.10.tar.gz) = 021c2a48f45d39c1dc6557730be5debaee071bc0ff82a271638beee6e32314e353e49d39e2f0dc8dff6e094dcc7008cfe1c32d0c7a34a1a345a12a3f1c1e11a1
SHA512 (wpa_supplicant-2.11.tar.gz) = 9a0a3a9d6fa2235903c40aa57b5955f0c9dd1dccfd0e3825a3b6f92b3e32db8d464b3ea0aef3285ba3ee109e7b190560cedd744902e954f0003cdba543e277b2

192
wpa_supplicant-MACsec-Support-GCM-AES-256-cipher-suite.patch
View File

@ -1,192 +0,0 @@
From 46c635910a724ed14ee9ace549fed9790ed5980b Mon Sep 17 00:00:00 2001
Message-ID: <46c635910a724ed14ee9ace549fed9790ed5980b.1706279119.git.davide.caratti@gmail.com>
From: leiwei <quic_leiwei@quicinc.com>
Date: Mon, 15 Nov 2021 18:22:19 +0800
Subject: [PATCH] MACsec: Support GCM-AES-256 cipher suite
Allow macsec_csindex to be configured and select the cipher suite when
the participant acts as a key server.
Signed-off-by: leiwei <quic_leiwei@quicinc.com>
---
hostapd/config_file.c | 10 ++++++++++
hostapd/hostapd.conf | 4 ++++
src/ap/ap_config.h | 7 +++++++
src/ap/wpa_auth_kay.c | 4 +++-
src/pae/ieee802_1x_cp.c | 8 ++++----
src/pae/ieee802_1x_kay.c | 17 +++++++++++++----
src/pae/ieee802_1x_kay.h | 3 ++-
wpa_supplicant/config.c | 1 +
wpa_supplicant/config_file.c | 1 +
wpa_supplicant/config_ssid.h | 7 +++++++
wpa_supplicant/wpas_kay.c | 4 ++--
11 files changed, 54 insertions(+), 12 deletions(-)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -849,6 +849,13 @@ struct hostapd_bss_config {
int mka_priority;
/**
+ * macsec_csindex - Cipher suite index for MACsec
+ *
+ * Range: 0-1 (default: 0)
+ */
+ int macsec_csindex;
+
+ /**
* mka_ckn - MKA pre-shared CKN
*/
#define MACSEC_CKN_MAX_LEN 32
--- a/src/ap/wpa_auth_kay.c
+++ b/src/ap/wpa_auth_kay.c
@@ -329,7 +329,9 @@ int ieee802_1x_alloc_kay_sm_hapd(struct
hapd->conf->macsec_replay_protect,
hapd->conf->macsec_replay_window,
hapd->conf->macsec_port,
- hapd->conf->mka_priority, hapd->conf->iface,
+ hapd->conf->mka_priority,
+ hapd->conf->macsec_csindex,
+ hapd->conf->iface,
hapd->own_addr);
/* ieee802_1x_kay_init() frees kay_ctx on failure */
if (!res)
--- a/src/pae/ieee802_1x_cp.c
+++ b/src/pae/ieee802_1x_cp.c
@@ -20,7 +20,7 @@
#define STATE_MACHINE_DATA struct ieee802_1x_cp_sm
#define STATE_MACHINE_DEBUG_PREFIX "CP"
-static u64 default_cs_id = CS_ID_GCM_AES_128;
+static u64 cs_id[] = { CS_ID_GCM_AES_128, CS_ID_GCM_AES_256 };
/* The variable defined in clause 12 in IEEE Std 802.1X-2010 */
enum connect_type { PENDING, UNAUTHENTICATED, AUTHENTICATED, SECURE };
@@ -210,7 +210,6 @@ SM_STATE(CP, SECURED)
sm->replay_protect = sm->kay->macsec_replay_protect;
sm->validate_frames = sm->kay->macsec_validate;
- /* NOTE: now no other than default cipher suite (AES-GCM-128) */
sm->current_cipher_suite = sm->cipher_suite;
secy_cp_control_current_cipher_suite(sm->kay, sm->current_cipher_suite);
@@ -473,8 +472,8 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_
sm->orx = false;
sm->otx = false;
- sm->current_cipher_suite = default_cs_id;
- sm->cipher_suite = default_cs_id;
+ sm->current_cipher_suite = cs_id[kay->macsec_csindex];
+ sm->cipher_suite = cs_id[kay->macsec_csindex];
sm->cipher_offset = CONFIDENTIALITY_OFFSET_0;
sm->confidentiality_offset = sm->cipher_offset;
sm->transmit_delay = MKA_LIFE_TIME;
@@ -491,6 +490,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
secy_cp_control_confidentiality_offset(sm->kay,
sm->confidentiality_offset);
+ secy_cp_control_current_cipher_suite(sm->kay, sm->current_cipher_suite);
SM_STEP_RUN(CP);
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -221,8 +221,16 @@ ieee802_1x_mka_dump_dist_sak_body(struct
wpa_printf(MSG_DEBUG, "\tKey Number............: %d",
be_to_host32(body->kn));
- /* TODO: Other than GCM-AES-128 case: MACsec Cipher Suite */
- wpa_hexdump(MSG_DEBUG, "\tAES Key Wrap of SAK...:", body->sak, 24);
+ if (body_len == 28) {
+ wpa_hexdump(MSG_DEBUG, "\tAES Key Wrap of SAK...:",
+ body->sak, 24);
+ } else if (body_len > CS_ID_LEN - sizeof(body->kn)) {
+ wpa_hexdump(MSG_DEBUG, "\tMACsec Cipher Suite...:",
+ body->sak, CS_ID_LEN);
+ wpa_hexdump(MSG_DEBUG, "\tAES Key Wrap of SAK...:",
+ body->sak + CS_ID_LEN,
+ body_len - CS_ID_LEN - sizeof(body->kn));
+ }
}
@@ -3456,7 +3464,8 @@ static void kay_l2_receive(void *ctx, co
struct ieee802_1x_kay *
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
bool macsec_replay_protect, u32 macsec_replay_window,
- u16 port, u8 priority, const char *ifname, const u8 *addr)
+ u16 port, u8 priority, u32 macsec_csindex,
+ const char *ifname, const u8 *addr)
{
struct ieee802_1x_kay *kay;
@@ -3493,7 +3502,7 @@ ieee802_1x_kay_init(struct ieee802_1x_ka
kay->dist_time = 0;
kay->pn_exhaustion = PENDING_PN_EXHAUSTION;
- kay->macsec_csindex = DEFAULT_CS_INDEX;
+ kay->macsec_csindex = macsec_csindex;
kay->mka_algindex = DEFAULT_MKA_ALG_INDEX;
kay->mka_version = MKA_VERSION_ID;
--- a/src/pae/ieee802_1x_kay.h
+++ b/src/pae/ieee802_1x_kay.h
@@ -240,7 +240,8 @@ u64 mka_sci_u64(struct ieee802_1x_mka_sc
struct ieee802_1x_kay *
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
bool macsec_replay_protect, u32 macsec_replay_window,
- u16 port, u8 priority, const char *ifname, const u8 *addr);
+ u16 port, u8 priority, u32 macsec_csindex,
+ const char *ifname, const u8 *addr);
void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay);
struct ieee802_1x_mka_participant *
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2612,6 +2612,7 @@ static const struct parse_data ssid_fiel
{ INT(macsec_replay_window) },
{ INT_RANGE(macsec_port, 1, 65534) },
{ INT_RANGE(mka_priority, 0, 255) },
+ { INT_RANGE(macsec_csindex, 0, 1) },
{ FUNC_KEY(mka_cak) },
{ FUNC_KEY(mka_ckn) },
#endif /* CONFIG_MACSEC */
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -810,6 +810,7 @@ static void wpa_config_write_network(FIL
INT(macsec_replay_window);
INT(macsec_port);
INT_DEF(mka_priority, DEFAULT_PRIO_NOT_KEY_SERVER);
+ INT(macsec_csindex);
#endif /* CONFIG_MACSEC */
#ifdef CONFIG_HS20
INT(update_identifier);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -912,6 +912,13 @@ struct wpa_ssid {
int mka_priority;
/**
+ * macsec_csindex - Cipher suite index for MACsec
+ *
+ * Range: 0-1 (default: 0)
+ */
+ int macsec_csindex;
+
+ /**
* mka_ckn - MKA pre-shared CKN
*/
#define MACSEC_CKN_MAX_LEN 32
--- a/wpa_supplicant/wpas_kay.c
+++ b/wpa_supplicant/wpas_kay.c
@@ -241,8 +241,8 @@ int ieee802_1x_alloc_kay_sm(struct wpa_s
res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_replay_protect,
ssid->macsec_replay_window, ssid->macsec_port,
- ssid->mka_priority, wpa_s->ifname,
- wpa_s->own_addr);
+ ssid->mka_priority, ssid->macsec_csindex,
+ wpa_s->ifname, wpa_s->own_addr);
/* ieee802_1x_kay_init() frees kay_ctx on failure */
if (res == NULL)
return -1;

198
wpa_supplicant-PEAP-client-Update-Phase-2-authentication-requiremen.patch
View File

@ -1,198 +0,0 @@
From 8e6485a1bcb0baffdea9e55255a81270b768439c Mon Sep 17 00:00:00 2001
Message-ID: <8e6485a1bcb0baffdea9e55255a81270b768439c.1708356763.git.davide.caratti@gmail.com>
From: Jouni Malinen <j@w1.fi>
Date: Sat, 8 Jul 2023 19:55:32 +0300
Subject: [PATCH] PEAP client: Update Phase 2 authentication requirements
The previous PEAP client behavior allowed the server to skip Phase 2
authentication with the expectation that the server was authenticated
during Phase 1 through TLS server certificate validation. Various PEAP
specifications are not exactly clear on what the behavior on this front
is supposed to be and as such, this ended up being more flexible than
the TTLS/FAST/TEAP cases. However, this is not really ideal when
unfortunately common misconfiguration of PEAP is used in deployed
devices where the server trust root (ca_cert) is not configured or the
user has an easy option for allowing this validation step to be skipped.
Change the default PEAP client behavior to be to require Phase 2
authentication to be successfully completed for cases where TLS session
resumption is not used and the client certificate has not been
configured. Those two exceptions are the main cases where a deployed
authentication server might skip Phase 2 and as such, where a more
strict default behavior could result in undesired interoperability
issues. Requiring Phase 2 authentication will end up disabling TLS
session resumption automatically to avoid interoperability issues.
Allow Phase 2 authentication behavior to be configured with a new phase1
configuration parameter option:
'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
tunnel) behavior for PEAP:
* 0 = do not require Phase 2 authentication
* 1 = require Phase 2 authentication when client certificate
(private_key/client_cert) is no used and TLS session resumption was
not used (default)
* 2 = require Phase 2 authentication in all cases
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/eap_peer/eap_config.h | 8 ++++++
src/eap_peer/eap_peap.c | 40 +++++++++++++++++++++++++++---
src/eap_peer/eap_tls_common.c | 6 +++++
src/eap_peer/eap_tls_common.h | 5 ++++
wpa_supplicant/wpa_supplicant.conf | 7 ++++++
5 files changed, 63 insertions(+), 3 deletions(-)
--- a/src/eap_peer/eap_config.h
+++ b/src/eap_peer/eap_config.h
@@ -469,6 +469,14 @@ struct eap_peer_config {
* 1 = use cryptobinding if server supports it
* 2 = require cryptobinding
*
+ * phase2_auth option can be used to control Phase 2 (i.e., within TLS
+ * tunnel) behavior for PEAP:
+ * 0 = do not require Phase 2 authentication
+ * 1 = require Phase 2 authentication when client certificate
+ * (private_key/client_cert) is no used and TLS session resumption was
+ * not used (default)
+ * 2 = require Phase 2 authentication in all cases
+ *
* EAP-WSC (WPS) uses following options: pin=Device_Password and
* uuid=Device_UUID
*
--- a/src/eap_peer/eap_peap.c
+++ b/src/eap_peer/eap_peap.c
@@ -67,6 +67,7 @@ struct eap_peap_data {
u8 cmk[20];
int soh; /* Whether IF-TNCCS-SOH (Statement of Health; Microsoft NAP)
* is enabled. */
+ enum { NO_AUTH, FOR_INITIAL, ALWAYS } phase2_auth;
};
@@ -114,6 +115,19 @@ static void eap_peap_parse_phase1(struct
wpa_printf(MSG_DEBUG, "EAP-PEAP: Require cryptobinding");
}
+ if (os_strstr(phase1, "phase2_auth=0")) {
+ data->phase2_auth = NO_AUTH;
+ wpa_printf(MSG_DEBUG,
+ "EAP-PEAP: Do not require Phase 2 authentication");
+ } else if (os_strstr(phase1, "phase2_auth=1")) {
+ data->phase2_auth = FOR_INITIAL;
+ wpa_printf(MSG_DEBUG,
+ "EAP-PEAP: Require Phase 2 authentication for initial connection");
+ } else if (os_strstr(phase1, "phase2_auth=2")) {
+ data->phase2_auth = ALWAYS;
+ wpa_printf(MSG_DEBUG,
+ "EAP-PEAP: Require Phase 2 authentication for all cases");
+ }
#ifdef EAP_TNC
if (os_strstr(phase1, "tnc=soh2")) {
data->soh = 2;
@@ -142,6 +156,7 @@ static void * eap_peap_init(struct eap_s
data->force_peap_version = -1;
data->peap_outer_success = 2;
data->crypto_binding = OPTIONAL_BINDING;
+ data->phase2_auth = FOR_INITIAL;
if (config && config->phase1)
eap_peap_parse_phase1(data, config->phase1);
@@ -454,6 +469,20 @@ static int eap_tlv_validate_cryptobindin
}
+static bool peap_phase2_sufficient(struct eap_sm *sm,
+ struct eap_peap_data *data)
+{
+ if ((data->phase2_auth == ALWAYS ||
+ (data->phase2_auth == FOR_INITIAL &&
+ !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn) &&
+ !data->ssl.client_cert_conf) ||
+ data->phase2_eap_started) &&
+ !data->phase2_eap_success)
+ return false;
+ return true;
+}
+
+
/**
* eap_tlv_process - Process a received EAP-TLV message and generate a response
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
@@ -568,6 +597,11 @@ static int eap_tlv_process(struct eap_sm
" - force failed Phase 2");
resp_status = EAP_TLV_RESULT_FAILURE;
ret->decision = DECISION_FAIL;
+ } else if (!peap_phase2_sufficient(sm, data)) {
+ wpa_printf(MSG_INFO,
+ "EAP-PEAP: Server indicated Phase 2 success, but sufficient Phase 2 authentication has not been completed");
+ resp_status = EAP_TLV_RESULT_FAILURE;
+ ret->decision = DECISION_FAIL;
} else {
resp_status = EAP_TLV_RESULT_SUCCESS;
ret->decision = DECISION_UNCOND_SUCC;
@@ -887,8 +921,7 @@ continue_req:
/* EAP-Success within TLS tunnel is used to indicate
* shutdown of the TLS channel. The authentication has
* been completed. */
- if (data->phase2_eap_started &&
- !data->phase2_eap_success) {
+ if (!peap_phase2_sufficient(sm, data)) {
wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 "
"Success used to indicate success, "
"but Phase 2 EAP was not yet "
@@ -1199,8 +1232,9 @@ static struct wpabuf * eap_peap_process(
static bool eap_peap_has_reauth_data(struct eap_sm *sm, void *priv)
{
struct eap_peap_data *data = priv;
+
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
- data->phase2_success;
+ data->phase2_success && data->phase2_auth != ALWAYS;
}
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -239,6 +239,12 @@ static int eap_tls_params_from_conf(stru
sm->ext_cert_check = !!(params->flags & TLS_CONN_EXT_CERT_CHECK);
+ if (!phase2)
+ data->client_cert_conf = params->client_cert ||
+ params->client_cert_blob ||
+ params->private_key ||
+ params->private_key_blob;
+
return 0;
}
--- a/src/eap_peer/eap_tls_common.h
+++ b/src/eap_peer/eap_tls_common.h
@@ -79,6 +79,11 @@ struct eap_ssl_data {
* tls_v13 - Whether TLS v1.3 or newer is used
*/
int tls_v13;
+
+ /**
+ * client_cert_conf: Whether client certificate has been configured
+ */
+ bool client_cert_conf;
};
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -1330,6 +1330,13 @@ fast_reauth=1
# * 0 = do not use cryptobinding (default)
# * 1 = use cryptobinding if server supports it
# * 2 = require cryptobinding
+# 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
+# tunnel) behavior for PEAP:
+# * 0 = do not require Phase 2 authentication
+# * 1 = require Phase 2 authentication when client certificate
+# (private_key/client_cert) is no used and TLS session resumption was
+# not used (default)
+# * 2 = require Phase 2 authentication in all cases
# EAP-WSC (WPS) uses following options: pin=<Device Password> or
# pbc=1.
#

50
wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch Normal file
View File

@ -0,0 +1,50 @@
From 2514856652f9a393e505d542cb8f039f8bac10f5 Mon Sep 17 00:00:00 2001
From: Janne Grunau <janne-fdr@jannau.net>
Date: Sun, 4 Aug 2024 13:24:42 +0200
Subject: [PATCH 1/1] Revert "Mark authorization completed on driver indication
during 4-way HS offload"
This reverts commit 41638606054a09867fe3f9a2b5523aa4678cbfa5.
---
wpa_supplicant/events.c | 25 ++++++++-----------------
1 file changed, 8 insertions(+), 17 deletions(-)
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 46e7cf1ab..7b3ef7205 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4441,23 +4441,14 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
eapol_sm_notify_eap_success(wpa_s->eapol, true);
} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
- if (already_authorized) {
- /*
- * We are done; the driver will take care of RSN 4-way
- * handshake.
- */
- wpa_supplicant_cancel_auth_timeout(wpa_s);
- wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
- eapol_sm_notify_portValid(wpa_s->eapol, true);
- eapol_sm_notify_eap_success(wpa_s->eapol, true);
- } else {
- /* Update port, WPA_COMPLETED state from the
- * EVENT_PORT_AUTHORIZED handler when the driver is done
- * with the 4-way handshake.
- */
- wpa_msg(wpa_s, MSG_DEBUG,
- "ASSOC INFO: wait for driver port authorized indication");
- }
+ /*
+ * We are done; the driver will take care of RSN 4-way
+ * handshake.
+ */
+ wpa_supplicant_cancel_auth_timeout(wpa_s);
+ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
+ eapol_sm_notify_portValid(wpa_s->eapol, true);
+ eapol_sm_notify_eap_success(wpa_s->eapol, true);
} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
/*
--
2.45.2

7
wpa_supplicant-assoc-timeout.patch
View File

@ -1,7 +1,6 @@
diff -up wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c
--- wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c.assoc-timeout 2010-09-07 10:43:39.000000000 -0500
+++ wpa_supplicant-0.7.3/wpa_supplicant/wpa_supplicant.c 2010-12-07 18:57:45.163457000 -0600
@@ -1262,10 +1262,10 @@ void wpa_supplicant_associate(struct wpa
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -4619,10 +4619,10 @@ static void wpas_start_assoc_cb(struct w
if (assoc_failed) {
/* give IBSS a bit more time */

22
wpa_supplicant-config.patch
View File

@ -9,7 +9,7 @@ Subject: [PATCH] defconfig: Fedora configuration
--- a/wpa_supplicant/defconfig
+++ b/wpa_supplicant/defconfig
@@ -146,7 +146,7 @@ CONFIG_EAP_PAX=y
@@ -149,7 +149,7 @@ CONFIG_EAP_PAX=y
CONFIG_EAP_LEAP=y
# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
@ -18,7 +18,7 @@ Subject: [PATCH] defconfig: Fedora configuration
# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
# This requires CONFIG_EAP_AKA to be enabled, too.
@@ -338,6 +338,7 @@ CONFIG_BACKEND=file
@@ -350,6 +350,7 @@ CONFIG_BACKEND=file
# Select which ciphers to use by default with OpenSSL if the user does not
# specify them.
#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW"
@ -26,8 +26,8 @@ Subject: [PATCH] defconfig: Fedora configuration
# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
@@ -390,7 +391,7 @@ CONFIG_CTRL_IFACE_DBUS_INTRO=y
#CONFIG_DYNAMIC_EAP_METHODS=y
@@ -418,7 +419,7 @@ CONFIG_CTRL_IFACE_DBUS_INTRO=y
#CONFIG_NO_LOAD_DYNAMIC_EAP=y
# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
-CONFIG_IEEE80211R=y
@ -35,7 +35,7 @@ Subject: [PATCH] defconfig: Fedora configuration
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
CONFIG_DEBUG_FILE=y
@@ -469,7 +470,7 @@ CONFIG_DEBUG_SYSLOG=y
@@ -497,7 +498,7 @@ CONFIG_DEBUG_SYSLOG=y
# Should we attempt to use the getrandom(2) call that provides more reliable
# yet secure randomness source than /dev/random on Linux 3.17 and newer.
# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
@ -44,7 +44,7 @@ Subject: [PATCH] defconfig: Fedora configuration
# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
CONFIG_IEEE80211AC=y
@@ -587,7 +588,7 @@ CONFIG_IBSS_RSN=y
@@ -625,7 +626,7 @@ CONFIG_IBSS_RSN=y
#CONFIG_PMKSA_CACHE_EXTERNAL=y
# Mesh Networking (IEEE 802.11s)
@ -53,7 +53,7 @@ Subject: [PATCH] defconfig: Fedora configuration
# Background scanning modules
# These can be used to request wpa_supplicant to perform background scanning
@@ -601,7 +602,7 @@ CONFIG_BGSCAN_SIMPLE=y
@@ -639,7 +640,7 @@ CONFIG_BGSCAN_SIMPLE=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
@ -62,10 +62,10 @@ Subject: [PATCH] defconfig: Fedora configuration
# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
CONFIG_DPP=y
@@ -633,3 +634,6 @@ CONFIG_DPP2=y
# design is still subject to change. As such, this should not yet be enabled in
# production use.
#CONFIG_PASN=y
@@ -686,3 +687,6 @@ CONFIG_DPP2=y
# Wi-Fi Aware unsynchronized service discovery (NAN USD)
#CONFIG_NAN_USD=y
+#
+CONFIG_SUITEB192=y
+

4
wpa_supplicant-gui-qt4.patch
View File

@ -11,7 +11,7 @@ different locations.
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -35,6 +35,9 @@ export INCDIR ?= /usr/local/include
@@ -46,6 +46,9 @@ export INCDIR ?= /usr/local/include
export BINDIR ?= /usr/local/sbin
PKG_CONFIG ?= pkg-config
@ -21,7 +21,7 @@ different locations.
CFLAGS += $(EXTRA_CFLAGS)
CFLAGS += -I$(abspath ../src)
CFLAGS += -I$(abspath ../src/utils)
@@ -2039,10 +2042,10 @@ wpa_gui:
@@ -2156,10 +2159,10 @@ wpa_gui:
@echo "wpa_gui has been removed - see wpa_gui-qt4 for replacement"
wpa_gui-qt4/Makefile:

106
wpa_supplicant-macsec_linux-Add-support-for-MACsec-hardware-offload.patch
View File

@ -1,106 +0,0 @@
From 40c139664439b2576e1506fbca14a7b79425a9dd Mon Sep 17 00:00:00 2001
Message-ID: <40c139664439b2576e1506fbca14a7b79425a9dd.1706279171.git.davide.caratti@gmail.com>
From: Emeel Hakim <ehakim@nvidia.com>
Date: Tue, 14 Feb 2023 10:26:57 +0200
Subject: [PATCH] macsec_linux: Add support for MACsec hardware offload
This uses libnl3 to communicate with the macsec module available on
Linux. A recent enough version of libnl is needed for the hardware
offload support.
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
---
src/drivers/driver_macsec_linux.c | 49 +++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)
diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c
index b609bbf38..c79e8733a 100644
--- a/src/drivers/driver_macsec_linux.c
+++ b/src/drivers/driver_macsec_linux.c
@@ -32,6 +32,10 @@
#define UNUSED_SCI 0xffffffffffffffff
+#if LIBNL_VER_NUM >= LIBNL_VER(3, 6)
+#define LIBNL_HAS_OFFLOAD
+#endif
+
struct cb_arg {
struct macsec_drv_data *drv;
u32 *pn;
@@ -73,6 +77,11 @@ struct macsec_drv_data {
bool replay_protect;
bool replay_protect_set;
+#ifdef LIBNL_HAS_OFFLOAD
+ enum macsec_offload offload;
+ bool offload_set;
+#endif /* LIBNL_HAS_OFFLOAD */
+
u32 replay_window;
u8 encoding_sa;
@@ -228,6 +237,15 @@ static int try_commit(struct macsec_drv_data *drv)
drv->replay_window);
}
+#ifdef LIBNL_HAS_OFFLOAD
+ if (drv->offload_set) {
+ wpa_printf(MSG_DEBUG, DRV_PREFIX
+ "%s: try_commit offload=%d",
+ drv->ifname, drv->offload);
+ rtnl_link_macsec_set_offload(drv->link, drv->offload);
+ }
+#endif /* LIBNL_HAS_OFFLOAD */
+
if (drv->encoding_sa_set) {
wpa_printf(MSG_DEBUG, DRV_PREFIX
"%s: try_commit encoding_sa=%d",
@@ -455,6 +473,36 @@ static int macsec_drv_set_replay_protect(void *priv, bool enabled,
}
+/**
+ * macsec_drv_set_offload - Set offload status
+ * @priv: Private driver interface data
+ * @offload: 0 = MACSEC_OFFLOAD_OFF
+ * 1 = MACSEC_OFFLOAD_PHY
+ * 2 = MACSEC_OFFLOAD_MAC
+ * Returns: 0 on success, -1 on failure (or if not supported)
+ */
+static int macsec_drv_set_offload(void *priv, u8 offload)
+{
+#ifdef LIBNL_HAS_OFFLOAD
+ struct macsec_drv_data *drv = priv;
+
+ wpa_printf(MSG_DEBUG, "%s -> %02" PRIx8, __func__, offload);
+
+ drv->offload_set = true;
+ drv->offload = offload;
+
+ return try_commit(drv);
+#else /* LIBNL_HAS_OFFLOAD */
+ if (offload == 0)
+ return 0;
+ wpa_printf(MSG_INFO,
+ "%s: libnl version does not include support for MACsec offload",
+ __func__);
+ return -1;
+#endif /* LIBNL_HAS_OFFLOAD */
+}
+
+
/**
* macsec_drv_set_current_cipher_suite - Set current cipher suite
* @priv: Private driver interface data
@@ -1648,6 +1696,7 @@ const struct wpa_driver_ops wpa_driver_macsec_linux_ops = {
.enable_protect_frames = macsec_drv_enable_protect_frames,
.enable_encrypt = macsec_drv_enable_encrypt,
.set_replay_protect = macsec_drv_set_replay_protect,
+ .set_offload = macsec_drv_set_offload,
.set_current_cipher_suite = macsec_drv_set_current_cipher_suite,
.enable_controlled_port = macsec_drv_enable_controlled_port,
.get_receive_lowest_pn = macsec_drv_get_receive_lowest_pn,
--
2.43.0

93
wpa_supplicant-macsec_linux-Support-cipher-suite-configuration.patch
View File

@ -1,93 +0,0 @@
From 7e941e7a1560699a18c5890cb6e1309161bc01af Mon Sep 17 00:00:00 2001
Message-ID: <7e941e7a1560699a18c5890cb6e1309161bc01af.1706279136.git.davide.caratti@gmail.com>
From: leiwei <quic_leiwei@quicinc.com>
Date: Mon, 15 Nov 2021 18:43:33 +0800
Subject: [PATCH] macsec_linux: Support cipher suite configuration
Set the cipher suite for the link. Unlike the other parameters, this
needs to be done with the first rtnl_link_add() call (NLM_F_CREATE))
instead of the update in try_commit() since the kernel is rejecting
changes to the cipher suite after the link is first added.
Signed-off-by: leiwei <quic_leiwei@quicinc.com>
---
src/drivers/driver_macsec_linux.c | 25 ++++++++++++++++++++++---
1 file changed, 22 insertions(+), 3 deletions(-)
--- a/src/drivers/driver_macsec_linux.c
+++ b/src/drivers/driver_macsec_linux.c
@@ -77,6 +77,9 @@ struct macsec_drv_data {
u8 encoding_sa;
bool encoding_sa_set;
+
+ u64 cipher_suite;
+ bool cipher_suite_set;
};
@@ -460,8 +463,14 @@ static int macsec_drv_set_replay_protect
*/
static int macsec_drv_set_current_cipher_suite(void *priv, u64 cs)
{
+ struct macsec_drv_data *drv = priv;
+
wpa_printf(MSG_DEBUG, "%s -> %016" PRIx64, __func__, cs);
- return 0;
+
+ drv->cipher_suite_set = true;
+ drv->cipher_suite = cs;
+
+ return try_commit(drv);
}
@@ -1063,7 +1072,8 @@ static int macsec_drv_disable_receive_sa
}
-static struct rtnl_link * lookup_sc(struct nl_cache *cache, int parent, u64 sci)
+static struct rtnl_link * lookup_sc(struct nl_cache *cache, int parent, u64 sci,
+ u64 cs)
{
struct rtnl_link *needle;
void *match;
@@ -1074,6 +1084,8 @@ static struct rtnl_link * lookup_sc(stru
rtnl_link_set_link(needle, parent);
rtnl_link_macsec_set_sci(needle, sci);
+ if (cs)
+ rtnl_link_macsec_set_cipher_suite(needle, cs);
match = nl_cache_find(cache, (struct nl_object *) needle);
rtnl_link_put(needle);
@@ -1098,6 +1110,7 @@ static int macsec_drv_create_transmit_sc
char *ifname;
u64 sci;
int err;
+ u64 cs = 0;
wpa_printf(MSG_DEBUG, DRV_PREFIX
"%s: create_transmit_sc -> " SCISTR " (conf_offset=%d)",
@@ -1122,6 +1135,12 @@ static int macsec_drv_create_transmit_sc
drv->created_link = true;
+ if (drv->cipher_suite_set) {
+ cs = drv->cipher_suite;
+ drv->cipher_suite_set = false;
+ rtnl_link_macsec_set_cipher_suite(link, cs);
+ }
+
err = rtnl_link_add(drv->sk, link, NLM_F_CREATE);
if (err == -NLE_BUSY) {
wpa_printf(MSG_INFO,
@@ -1137,7 +1156,7 @@ static int macsec_drv_create_transmit_sc
rtnl_link_put(link);
nl_cache_refill(drv->sk, drv->link_cache);
- link = lookup_sc(drv->link_cache, drv->parent_ifi, sci);
+ link = lookup_sc(drv->link_cache, drv->parent_ifi, sci, cs);
if (!link) {
wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't find link");
return -1;

363
wpa_supplicant-mka-Allow-configuration-of-MACsec-hardware-offload.patch
View File

@ -1,363 +0,0 @@
From 6d24673ab89d9002990ee51e7c87d308ca07cd01 Mon Sep 17 00:00:00 2001
Message-ID: <6d24673ab89d9002990ee51e7c87d308ca07cd01.1706279162.git.davide.caratti@gmail.com>
From: Emeel Hakim <ehakim@nvidia.com>
Date: Tue, 14 Feb 2023 10:26:56 +0200
Subject: [PATCH] mka: Allow configuration of MACsec hardware offload
Add new configuration parameter macsec_offload to allow user to set up
MACsec hardware offload feature.
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
---
hostapd/config_file.c | 10 ++++++++++
hostapd/hostapd.conf | 8 ++++++++
src/ap/ap_config.h | 13 +++++++++++++
src/ap/wpa_auth_kay.c | 1 +
src/drivers/driver.h | 10 ++++++++++
src/pae/ieee802_1x_cp.c | 7 +++++++
src/pae/ieee802_1x_kay.c | 7 +++++--
src/pae/ieee802_1x_kay.h | 6 ++++--
src/pae/ieee802_1x_secy_ops.c | 20 ++++++++++++++++++++
src/pae/ieee802_1x_secy_ops.h | 1 +
wpa_supplicant/config.c | 1 +
wpa_supplicant/config_file.c | 1 +
wpa_supplicant/config_ssid.h | 12 ++++++++++++
wpa_supplicant/driver_i.h | 8 ++++++++
wpa_supplicant/wpa_cli.c | 1 +
wpa_supplicant/wpa_supplicant.conf | 9 +++++++++
wpa_supplicant/wpas_kay.c | 10 +++++++++-
17 files changed, 120 insertions(+), 5 deletions(-)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -833,6 +833,19 @@ struct hostapd_bss_config {
u32 macsec_replay_window;
/**
+ * macsec_offload - Enable MACsec offload
+ *
+ * This setting applies only when MACsec is in use, i.e.,
+ * - macsec_policy is enabled
+ * - the key server has decided to enable MACsec
+ *
+ * 0 = MACSEC_OFFLOAD_OFF (default)
+ * 1 = MACSEC_OFFLOAD_PHY
+ * 2 = MACSEC_OFFLOAD_MAC
+ */
+ int macsec_offload;
+
+ /**
* macsec_port - MACsec port (in SCI)
*
* Port component of the SCI.
--- a/src/ap/wpa_auth_kay.c
+++ b/src/ap/wpa_auth_kay.c
@@ -328,6 +328,7 @@ int ieee802_1x_alloc_kay_sm_hapd(struct
res = ieee802_1x_kay_init(kay_ctx, policy,
hapd->conf->macsec_replay_protect,
hapd->conf->macsec_replay_window,
+ hapd->conf->macsec_offload,
hapd->conf->macsec_port,
hapd->conf->mka_priority,
hapd->conf->macsec_csindex,
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4168,6 +4168,16 @@ struct wpa_driver_ops {
int (*set_replay_protect)(void *priv, bool enabled, u32 window);
/**
+ * set_offload - Set MACsec hardware offload
+ * @priv: Private driver interface data
+ * @offload: 0 = MACSEC_OFFLOAD_OFF
+ * 1 = MACSEC_OFFLOAD_PHY
+ * 2 = MACSEC_OFFLOAD_MAC
+ * Returns: 0 on success, -1 on failure (or if not supported)
+ */
+ int (*set_offload)(void *priv, u8 offload);
+
+ /**
* set_current_cipher_suite - Set current cipher suite
* @priv: Private driver interface data
* @cs: EUI64 identifier
--- a/src/pae/ieee802_1x_cp.c
+++ b/src/pae/ieee802_1x_cp.c
@@ -84,6 +84,7 @@ struct ieee802_1x_cp_sm {
/* not defined IEEE Std 802.1X-2010 */
struct ieee802_1x_kay *kay;
+ u8 offload;
};
static void ieee802_1x_cp_retire_when_timeout(void *eloop_ctx,
@@ -188,6 +189,7 @@ SM_STATE(CP, AUTHENTICATED)
sm->protect_frames = false;
sm->replay_protect = false;
sm->validate_frames = Checked;
+ sm->offload = sm->kay->macsec_offload;
sm->port_valid = false;
sm->controlled_port_enabled = true;
@@ -197,6 +199,7 @@ SM_STATE(CP, AUTHENTICATED)
secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt);
secy_cp_control_validate_frames(sm->kay, sm->validate_frames);
secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window);
+ secy_cp_control_offload(sm->kay, sm->offload);
}
@@ -208,6 +211,7 @@ SM_STATE(CP, SECURED)
sm->protect_frames = sm->kay->macsec_protect;
sm->replay_protect = sm->kay->macsec_replay_protect;
+ sm->offload = sm->kay->macsec_offload;
sm->validate_frames = sm->kay->macsec_validate;
sm->current_cipher_suite = sm->cipher_suite;
@@ -223,6 +227,7 @@ SM_STATE(CP, SECURED)
secy_cp_control_encrypt(sm->kay, sm->kay->macsec_encrypt);
secy_cp_control_validate_frames(sm->kay, sm->validate_frames);
secy_cp_control_replay(sm->kay, sm->replay_protect, sm->replay_window);
+ secy_cp_control_offload(sm->kay, sm->offload);
}
@@ -462,6 +467,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_
sm->validate_frames = kay->macsec_validate;
sm->replay_protect = kay->macsec_replay_protect;
sm->replay_window = kay->macsec_replay_window;
+ sm->offload = kay->macsec_offload;
sm->controlled_port_enabled = false;
@@ -491,6 +497,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_
secy_cp_control_confidentiality_offset(sm->kay,
sm->confidentiality_offset);
secy_cp_control_current_cipher_suite(sm->kay, sm->current_cipher_suite);
+ secy_cp_control_offload(sm->kay, sm->offload);
SM_STEP_RUN(CP);
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -3464,8 +3464,8 @@ static void kay_l2_receive(void *ctx, co
struct ieee802_1x_kay *
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
bool macsec_replay_protect, u32 macsec_replay_window,
- u16 port, u8 priority, u32 macsec_csindex,
- const char *ifname, const u8 *addr)
+ u8 macsec_offload, u16 port, u8 priority,
+ u32 macsec_csindex, const char *ifname, const u8 *addr)
{
struct ieee802_1x_kay *kay;
@@ -3524,6 +3524,7 @@ ieee802_1x_kay_init(struct ieee802_1x_ka
kay->macsec_validate = Disabled;
kay->macsec_replay_protect = false;
kay->macsec_replay_window = 0;
+ kay->macsec_offload = 0;
kay->macsec_confidentiality = CONFIDENTIALITY_NONE;
kay->mka_hello_time = MKA_HELLO_TIME;
} else {
@@ -3540,6 +3541,7 @@ ieee802_1x_kay_init(struct ieee802_1x_ka
kay->macsec_validate = Strict;
kay->macsec_replay_protect = macsec_replay_protect;
kay->macsec_replay_window = macsec_replay_window;
+ kay->macsec_offload = macsec_offload;
kay->mka_hello_time = MKA_HELLO_TIME;
}
@@ -3740,6 +3742,7 @@ ieee802_1x_kay_create_mka(struct ieee802
secy_cp_control_protect_frames(kay, kay->macsec_protect);
secy_cp_control_replay(kay, kay->macsec_replay_protect,
kay->macsec_replay_window);
+ secy_cp_control_offload(kay, kay->macsec_offload);
if (secy_create_transmit_sc(kay, participant->txsc))
goto fail;
--- a/src/pae/ieee802_1x_kay.h
+++ b/src/pae/ieee802_1x_kay.h
@@ -166,6 +166,7 @@ struct ieee802_1x_kay_ctx {
int (*delete_transmit_sa)(void *ctx, struct transmit_sa *sa);
int (*enable_transmit_sa)(void *ctx, struct transmit_sa *sa);
int (*disable_transmit_sa)(void *ctx, struct transmit_sa *sa);
+ int (*set_offload)(void *ctx, u8 offload);
};
struct ieee802_1x_kay {
@@ -206,6 +207,7 @@ struct ieee802_1x_kay {
bool is_key_server;
bool is_obliged_key_server;
char if_name[IFNAMSIZ];
+ u8 macsec_offload;
unsigned int macsec_csindex; /* MACsec cipher suite table index */
int mka_algindex; /* MKA alg table index */
@@ -240,8 +242,8 @@ u64 mka_sci_u64(struct ieee802_1x_mka_sc
struct ieee802_1x_kay *
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
bool macsec_replay_protect, u32 macsec_replay_window,
- u16 port, u8 priority, u32 macsec_csindex,
- const char *ifname, const u8 *addr);
+ u8 macsec_offload, u16 port, u8 priority,
+ u32 macsec_csindex, const char *ifname, const u8 *addr);
void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay);
struct ieee802_1x_mka_participant *
--- a/src/pae/ieee802_1x_secy_ops.c
+++ b/src/pae/ieee802_1x_secy_ops.c
@@ -85,6 +85,26 @@ int secy_cp_control_replay(struct ieee80
}
+int secy_cp_control_offload(struct ieee802_1x_kay *kay, u8 offload)
+{
+ struct ieee802_1x_kay_ctx *ops;
+
+ if (!kay) {
+ wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
+ return -1;
+ }
+
+ ops = kay->ctx;
+ if (!ops || !ops->set_offload) {
+ wpa_printf(MSG_ERROR,
+ "KaY: secy set_offload operation not supported");
+ return -1;
+ }
+
+ return ops->set_offload(ops->ctx, offload);
+}
+
+
int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs)
{
struct ieee802_1x_kay_ctx *ops;
--- a/src/pae/ieee802_1x_secy_ops.h
+++ b/src/pae/ieee802_1x_secy_ops.h
@@ -23,6 +23,7 @@ int secy_cp_control_validate_frames(stru
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, bool flag);
int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, bool enabled);
int secy_cp_control_replay(struct ieee802_1x_kay *kay, bool flag, u32 win);
+int secy_cp_control_offload(struct ieee802_1x_kay *kay, u8 offload);
int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs);
int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
enum confidentiality_offset co);
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2610,6 +2610,7 @@ static const struct parse_data ssid_fiel
{ INT_RANGE(macsec_integ_only, 0, 1) },
{ INT_RANGE(macsec_replay_protect, 0, 1) },
{ INT(macsec_replay_window) },
+ { INT_RANGE(macsec_offload, 0, 2) },
{ INT_RANGE(macsec_port, 1, 65534) },
{ INT_RANGE(mka_priority, 0, 255) },
{ INT_RANGE(macsec_csindex, 0, 1) },
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -808,6 +808,7 @@ static void wpa_config_write_network(FIL
INT(macsec_integ_only);
INT(macsec_replay_protect);
INT(macsec_replay_window);
+ INT(macsec_offload);
INT(macsec_port);
INT_DEF(mka_priority, DEFAULT_PRIO_NOT_KEY_SERVER);
INT(macsec_csindex);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -896,6 +896,18 @@ struct wpa_ssid {
u32 macsec_replay_window;
/**
+ * macsec_offload - Enable MACsec hardware offload
+ *
+ * This setting applies only when MACsec is in use, i.e.,
+ * - the key server has decided to enable MACsec
+ *
+ * 0 = MACSEC_OFFLOAD_OFF (default)
+ * 1 = MACSEC_OFFLOAD_PHY
+ * 2 = MACSEC_OFFLOAD_MAC
+ */
+ int macsec_offload;
+
+ /**
* macsec_port - MACsec port (in SCI)
*
* Port component of the SCI.
--- a/wpa_supplicant/driver_i.h
+++ b/wpa_supplicant/driver_i.h
@@ -804,6 +804,14 @@ static inline int wpa_drv_set_replay_pro
window);
}
+static inline int wpa_drv_set_offload(struct wpa_supplicant *wpa_s, u8 offload)
+{
+ if (!wpa_s->driver->set_offload)
+ return -1;
+ return wpa_s->driver->set_offload(wpa_s->drv_priv, offload);
+
+}
+
static inline int wpa_drv_set_current_cipher_suite(struct wpa_supplicant *wpa_s,
u64 cs)
{
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -1473,6 +1473,7 @@ static const char *network_fields[] = {
"macsec_integ_only",
"macsec_replay_protect",
"macsec_replay_window",
+ "macsec_offload",
"macsec_port",
"mka_priority",
#endif /* CONFIG_MACSEC */
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -1094,6 +1094,15 @@ fast_reauth=1
# 0: No replay window, strict check (default)
# 1..2^32-1: number of packets that could be misordered
#
+# macsec_offload - Enable MACsec hardware offload
+#
+# This setting applies only when MACsec is in use, i.e.,
+# - the key server has decided to enable MACsec
+#
+# 0 = MACSEC_OFFLOAD_OFF (default)
+# 1 = MACSEC_OFFLOAD_PHY
+# 2 = MACSEC_OFFLOAD_MAC
+#
# macsec_port: IEEE 802.1X/MACsec port
# Port component of the SCI
# Range: 1-65534 (default: 1)
--- a/wpa_supplicant/wpas_kay.c
+++ b/wpa_supplicant/wpas_kay.c
@@ -98,6 +98,12 @@ static int wpas_set_receive_lowest_pn(vo
}
+static int wpas_set_offload(void *wpa_s, u8 offload)
+{
+ return wpa_drv_set_offload(wpa_s, offload);
+}
+
+
static unsigned int conf_offset_val(enum confidentiality_offset co)
{
switch (co) {
@@ -220,6 +226,7 @@ int ieee802_1x_alloc_kay_sm(struct wpa_s
kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
kay_ctx->enable_encrypt = wpas_enable_encrypt;
kay_ctx->set_replay_protect = wpas_set_replay_protect;
+ kay_ctx->set_offload = wpas_set_offload;
kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
@@ -240,7 +247,8 @@ int ieee802_1x_alloc_kay_sm(struct wpa_s
kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_replay_protect,
- ssid->macsec_replay_window, ssid->macsec_port,
+ ssid->macsec_replay_window,
+ ssid->macsec_offload, ssid->macsec_port,
ssid->mka_priority, ssid->macsec_csindex,
wpa_s->ifname, wpa_s->own_addr);
/* ieee802_1x_kay_init() frees kay_ctx on failure */

7
wpa_supplicant-quiet-scan-results-message.patch
View File

@ -7,11 +7,9 @@ Subject: [PATCH 1/2] quiet an annoying and frequent syslog message
wpa_supplicant/events.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index abe3b47..72a0412 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -1555,11 +1555,11 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
@@ -2504,11 +2504,11 @@ static int _wpa_supplicant_event_scan_re
if (wpa_s->last_scan_req == MANUAL_SCAN_REQ &&
wpa_s->manual_scan_use_id && wpa_s->own_scan_running &&
own_request && !(data && data->scan_info.external_scan)) {
@ -25,6 +23,3 @@ index abe3b47..72a0412 100644
}
wpas_notify_scan_results(wpa_s);
--
2.9.3

23
wpa_supplicant.spec
View File

@ -8,8 +8,8 @@
Summary: WPA/WPA2/IEEE 802.1X Supplicant
Name: wpa_supplicant
Epoch: 1
Version: 2.10
Release: 5%{?dist}
Version: 2.11
Release: 1%{?dist}
License: BSD
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
Source1: wpa_supplicant.conf
@ -29,19 +29,8 @@ Patch2: wpa_supplicant-flush-debug-output.patch
Patch3: wpa_supplicant-quiet-scan-results-message.patch
# distro specific customization for Qt4 build tools, not suitable for upstream
Patch4: wpa_supplicant-gui-qt4.patch
# backport fix for bz2063730
Patch5: 0001-D-Bus-Add-wep_disabled-capability.patch
# backport fix for bz2077973
Patch6: 0001-EAP-peer-Workaround-for-servers-that-do-not-support-.patch
Patch7: 0001-EAP-peer-status-notification-for-server-not-supporti.patch
# support macsec HW offload
Patch8: wpa_supplicant-MACsec-Support-GCM-AES-256-cipher-suite.patch
Patch9: wpa_supplicant-macsec_linux-Support-cipher-suite-configuration.patch
Patch10: wpa_supplicant-mka-Allow-configuration-of-MACsec-hardware-offload.patch
Patch11: wpa_supplicant-macsec_linux-Add-support-for-MACsec-hardware-offload.patch
# fix PEAP client to require successful Phase2 authentication when needed (CVE-2023-52160)
Patch12: wpa_supplicant-PEAP-client-Update-Phase-2-authentication-requiremen.patch
# backport fix for a regression introduced with upstream version 2.11
Patch5: wpa_supplicant-Revert-Mark-authorization-completed-on-driver-indica.patch
URL: http://w1.fi/wpa_supplicant/
@ -202,6 +191,10 @@ chmod -R 0644 wpa_supplicant/examples/*.py
%changelog
* Thu Nov 28 2024 Davide Caratti <dcaratti@redhat.com> - 1:2.11-1
- Update to upstream version 2.11 (plus a follow-up backport)
Resolves: RHEL-10237, RHEL-58725
* Thu Feb 22 2024 Davide Caratti <dcaratti@redhat.com> - 1:2.10-5
- Support macsec HW offload.
Resolves: RHEL-22440