Update to Linux 6.1 and Alpine 3.18

- Update base-layout to 3.4.3 - Update busybox to 1.36.1 - Update iptables to 1.8.9 - Update linux-lts to 6.1.53 - Update to openrc to 0.48 - Update rtl8821ce to snapshot of 20230915 - Replace rtwB88 with a third-party driver - Update rtw89 to snapshot of 20230913 - Import wpa_supplicant fixes from Arch Linux
author: PÁLI Gábor János <pali.gabor@gmail.com> 2023-08-03 10:10:44 +0200
committer: PÁLI Gábor János <pali.gabor@gmail.com> 2023-09-16 17:58:03 +0200
commit: 89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7 (patch)
tree: 353bc9a026d0140151e760efbc4f6a6a6b24a020 /aports/wpa_supplicant/0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
parent: 084335e136581edc28137b152cc559778224570e (diff)
download: freebsd-wifibox-alpine-89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7.zip
1 files changed, 56 insertions, 0 deletions
diff --git a/aports/wpa_supplicant/0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch b/aports/wpa_supplicant/0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
new file mode 100644
index 0000000..6509bcd
--- /dev/null
+++ b/aports/wpa_supplicant/0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
@@ -0,0 +1,56 @@
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Mon, 4 Apr 2022 09:13:12 +0200
+Subject: AP: guard FT-SAE code with CONFIG_IEEE80211R_AP
+
+wpa_supplicant doesn't support FT in AP mode, but it still negotiates
+FT-SAE. This can lead to an authentication failure when the AP is
+started with key_mgmt="SAE FT-SAE" and the STA supports both.
+
+Ensure that FT-SAE is not negotiated when CONFIG_IEEE80211R_AP is not
+defined.
+
+Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
+---
+ src/ap/wpa_auth_ie.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
+index 524922e..d63cbeb 100644
+--- a/src/ap/wpa_auth_ie.c
++++ b/src/ap/wpa_auth_ie.c
+@@ -228,11 +228,13 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
+ 		pos += RSN_SELECTOR_LEN;
+ 		num_suites++;
+ 	}
++#ifdef CONFIG_IEEE80211R_AP
+ 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
+ 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
+ 		pos += RSN_SELECTOR_LEN;
+ 		num_suites++;
+ 	}
++#endif /* CONFIG_IEEE80211R_AP */
+ #endif /* CONFIG_SAE */
+ 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
+ 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B);
+@@ -670,8 +672,10 @@ wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
+ #ifdef CONFIG_SAE
+ 		else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
+ 			selector = RSN_AUTH_KEY_MGMT_SAE;
++#ifdef CONFIG_IEEE80211R_AP
+ 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
+ 			selector = RSN_AUTH_KEY_MGMT_FT_SAE;
++#endif /* CONFIG_IEEE80211R_AP */
+ #endif /* CONFIG_SAE */
+ 		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
+ 			selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
+@@ -778,8 +782,10 @@ wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
+ #ifdef CONFIG_SAE
+ 	else if (key_mgmt & WPA_KEY_MGMT_SAE)
+ 		sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
++#ifdef CONFIG_IEEE80211R_AP
+ 	else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
+ 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
++#endif /* CONFIG_IEEE80211R_AP */
+ #endif /* CONFIG_SAE */
+ 	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
+ 		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
author	PÁLI Gábor János <pali.gabor@gmail.com>	2023-08-03 10:10:44 +0200
committer	PÁLI Gábor János <pali.gabor@gmail.com>	2023-09-16 17:58:03 +0200
commit	89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7 (patch)
tree	353bc9a026d0140151e760efbc4f6a6a6b24a020 /aports/wpa_supplicant/0002-AP-guard-FT-SAE-code-with-CONFIG_IEEE80211R_AP.patch
parent	084335e136581edc28137b152cc559778224570e (diff)
download	freebsd-wifibox-alpine-89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7.zip