From owner-dev-commits-ports-all@freebsd.org Mon Apr 12 18:24:10 2021 Return-Path: Delivered-To: dev-commits-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 06A615DA14F; Mon, 12 Apr 2021 18:24:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FJxvs6Ldpz4lSC; Mon, 12 Apr 2021 18:24:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C7B6C1C67E; Mon, 12 Apr 2021 18:24:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 13CIO9is017079; Mon, 12 Apr 2021 18:24:09 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 13CIO9sL017078; Mon, 12 Apr 2021 18:24:09 GMT (envelope-from git) Date: Mon, 12 Apr 2021 18:24:09 GMT Message-Id: <202104121824.13CIO9sL017078@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 006592a7734c - main - security/wpa_supplicant-devel: Add PASN option MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 006592a7734cbf82253095281914b2aae4b75ee6 Auto-Submitted: auto-generated X-BeenThere: dev-commits-ports-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the ports repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Apr 2021 18:24:10 -0000 The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=006592a7734cbf82253095281914b2aae4b75ee6 commit 006592a7734cbf82253095281914b2aae4b75ee6 Author: Cy Schubert AuthorDate: 2021-04-12 17:50:55 +0000 Commit: Cy Schubert CommitDate: 2021-04-12 18:23:49 +0000 security/wpa_supplicant-devel: Add PASN option PASN (Pre association Security Negotiation), defined in 802.11az_D1.5, is the mechanism that allows for security association and allow Management Frame Protection (MFP) prior to association. See https://www.spinics.net/lists/hostap/msg06752.html. --- security/wpa_supplicant-devel/Makefile | 6 ++++-- .../files/patch-wpa__supplicant_pasn__supplicant.c | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile index 0c616585e151..c309ea5d394b 100644 --- a/security/wpa_supplicant-devel/Makefile +++ b/security/wpa_supplicant-devel/Makefile @@ -43,7 +43,7 @@ OPTIONS_DEFINE= WPS WPS_ER WPS_NOREG WPS_NFC WPS_UPNP PKCS12 SMARTCARD \ IEEE80211R DEBUG_FILE DEBUG_SYSLOG PRIVSEP \ DELAYED_MIC IEEE80211N IEEE80211AC INTERWORKING \ IEEE8021X_EAPOL EAPOL_TEST \ - HS20 NO_ROAMING P2P TDLS DBUS MATCH DOCS \ + HS20 NO_ROAMING P2P PASN TDLS DBUS MATCH DOCS \ SIM_SIMULATOR USIM_SIMULATOR OPTIONS_DEFAULT= BSD WIRED \ TLS PEAP TTLS MD5 MSCHAPV2 GTC LEAP OTP PSK \ @@ -77,6 +77,7 @@ INTERWORKING_DESC= Improve ext. network interworking (IEEE 802.11u) HS20_DESC= Hotspot 2.0 NO_ROAMING_DESC= Disable roaming P2P_DESC= Peer-to-Peer support +PASN_DESC= PASN support TDLS_DESC= Tunneled Direct Link Setup MATCH_DESC= Interface match mode @@ -158,7 +159,8 @@ post-patch: .for simple in WPS WPS_ER WPS_NFC WPS_UPNP PKCS12 SMARTCARD HT_OVERRIDES \ VHT_OVERRIDES TLSV12 IEEE80211AC IEEE80211N IEEE80211R IEEE80211W \ IEEE8021X_EAPOL EAPOL_TEST \ - INTERWORKING DEBUG_FILE DEBUG_SYSLOG HS20 NO_ROAMING PRIVSEP P2P TDLS + INTERWORKING DEBUG_FILE DEBUG_SYSLOG HS20 NO_ROAMING PRIVSEP P2P \ + PASN TDLS . if ${PORT_OPTIONS:M${simple}} @${ECHO_CMD} CONFIG_${simple}=y >> ${CFG} . endif diff --git a/security/wpa_supplicant-devel/files/patch-wpa__supplicant_pasn__supplicant.c b/security/wpa_supplicant-devel/files/patch-wpa__supplicant_pasn__supplicant.c new file mode 100644 index 000000000000..f8a71213a120 --- /dev/null +++ b/security/wpa_supplicant-devel/files/patch-wpa__supplicant_pasn__supplicant.c @@ -0,0 +1,14 @@ +--- wpa_supplicant/pasn_supplicant.c.orig 2021-04-10 02:48:08.000000000 -0700 ++++ wpa_supplicant/pasn_supplicant.c 2021-04-12 10:44:14.939212000 -0700 +@@ -1079,7 +1079,11 @@ + pasn->group = group; + pasn->freq = freq; + ++#ifdef CONFIG_TESTING_OPTIONS + if (wpa_s->conf->force_kdk_derivation || ++#else ++ if ( ++#endif + (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF && + ieee802_11_rsnx_capab(beacon_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) + pasn->kdk_len = WPA_KDK_MAX_LEN;