added core/wpa_supplicant

2025-02-16 23:57:11 +00:00 · 2019-07-28 02:33:02 +00:00 · 2019-07-28 02:33:02 +00:00 · 559ce7d494
commit 559ce7d494
parent 2540bf2f54
4 changed files with 197 additions and 0 deletions
--- a/core/wpa_supplicant/0001-supplicant-use-separate-flag-for-4-way-handshake-off.patch
+++ b/core/wpa_supplicant/0001-supplicant-use-separate-flag-for-4-way-handshake-off.patch
@ -0,0 +1,71 @@
+From 34755e9209567a834776c9f3f5a02ba8e146331b Mon Sep 17 00:00:00 2001
+From: Arend van Spriel <arend.vanspriel@broadcom.com>
+Date: Tue, 2 Jul 2019 00:13:49 +0200
+Subject: [PATCH] supplicant: use separate flag for 4-way handshake offload
+
+Commit d896874f8689 ("nl80211: Indicate 802.1X 4-way handshake
+offload in connect") used the req_key_mgmt_offload flag to
+indicate to the driver that it should offload the 802.1X handshake.
+However, this field was existing and used for a different offload
+API. This causes wpa_supplicant to send a connect request with the
+WANT_1X_HS flag and the subsequent set-pmk is rejected causing the
+connection to fail. So this patch fixes that by introducing a new
+flag req_handshake_offload so the offloads are no longer entangled.
+
+Reported-by: Stefan Wahren <wahrenst@gmx.net>
+Tested-by: Stefan Wahren <wahrenst@gmx.net>
+Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
+---
+ src/drivers/driver.h            | 8 ++++++++
+ src/drivers/driver_nl80211.c    | 2 +-
+ wpa_supplicant/wpa_supplicant.c | 2 +-
+ 3 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/src/drivers/driver.h b/src/drivers/driver.h
+index e7c8f318f..8d544badf 100644
+--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
+@@ -1045,6 +1045,14 @@ struct wpa_driver_associate_params {
+ 	 */
+ 	int req_key_mgmt_offload;
+ 
+	/**
+	 * req_handshake_offload - Request EAPOL handshake offload
+	 *
+	 * Request EAPOL handshake offload for this connection if the device
+	 * supports it.
+	 */
+	int req_handshake_offload;
+
+ 	/**
+ 	 * Flag for indicating whether this association includes support for
+ 	 * RRM (Radio Resource Measurements)
+diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
+index 54fe39000..987828c96 100644
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -5605,7 +5605,7 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
+ 			return -1;
+ 	}
+ 
+-	if (params->req_key_mgmt_offload &&
+	if (params->req_handshake_offload &&
+ 	    (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) {
+ 		    wpa_printf(MSG_DEBUG, "  * WANT_1X_4WAY_HS");
+ 		    if (nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS))
+diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
+index 96a3691cf..a73db95f7 100644
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -3220,7 +3220,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
+ 	     params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
+ 	     params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
+ 	     params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
+-		params.req_key_mgmt_offload = 1;
+		params.req_handshake_offload = 1;
+ 
+ 	if (wpa_s->conf->key_mgmt_offload) {
+ 		if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
+-- 
+2.22.0
+
--- a/core/wpa_supplicant/PKGBUILD
+++ b/core/wpa_supplicant/PKGBUILD
@ -0,0 +1,74 @@
+# Maintainer:  Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
+# Contributor: Thomas Bächler <thomas@archlinux.org>
+
+# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
+#  - patch to fix rpi wifi kernel panic (https://patchwork.ozlabs.org/patch/1125655/)
+
+pkgname=wpa_supplicant
+pkgver=2.8
+pkgrel=1.1
+epoch=2
+pkgdesc='A utility providing key negotiation for WPA wireless networks'
+url='http://hostap.epitest.fi/wpa_supplicant'
+arch=(x86_64)
+license=(GPL)
+depends=(openssl libdbus readline libnl)
+install=wpa_supplicant.install
+source=(https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
+        0001-supplicant-use-separate-flag-for-4-way-handshake-off.patch
+        config
+)
+validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
+sha256sums=('a689336a12a99151b9de5e25bfccadb88438f4f4438eb8db331cd94346fd3d96'
+            'SKIP'
+            '537df0e47b20b1c6cd71b8f73bc3223e258b2425b3795e10f82c577ae27d4720'
+            '23aee0597750ec21b37654b5163e2f577c1204fc33bdfbf7bc2fb470e8a467db')
+
+prepare() {
+  cd "$srcdir/$pkgname-$pkgver"
+  local i; for i in "${source[@]}"; do
+    case $i in
+      *.patch)
+        msg2 "Applying patch $i"
+        patch -p1 -i "$srcdir/$i"
+        ;;
+    esac
+  done
+
+  cd "$srcdir/$pkgname-$pkgver/$pkgname"
+  cp "$srcdir/config" ./.config
+}
+
+build() {
+  cd "$srcdir/$pkgname-$pkgver/$pkgname"
+
+  make LIBDIR=/usr/lib BINDIR=/usr/bin
+  make LIBDIR=/usr/lib BINDIR=/usr/bin eapol_test
+}
+
+package() {
+  cd "$srcdir/$pkgname-$pkgver/$pkgname"
+  make LIBDIR=/usr/lib BINDIR=/usr/bin DESTDIR="$pkgdir" install
+  install -Dm755 eapol_test "$pkgdir/usr/bin/eapol_test"
+
+  install -d -m755 "$pkgdir/etc/wpa_supplicant"
+  install -Dm644 wpa_supplicant.conf \
+    "$pkgdir/usr/share/doc/wpa_supplicant/wpa_supplicant.conf"
+
+
+install -d -m755 "$pkgdir/usr/share/dbus-1/system-services"
+install -m644 \
+dbus/fi.w1.wpa_supplicant1.service \
+"$pkgdir/usr/share/dbus-1/system-services/"
+
+ install -Dm644 dbus/dbus-wpa_supplicant.conf \
+"$pkgdir/etc/dbus-1/system.d/wpa_supplicant.conf"
+
+  install -d -m755 "$pkgdir/usr/share/man/man"{5,8}
+  install -m644 doc/docbook/*.5 "$pkgdir/usr/share/man/man5/"
+  install -m644 doc/docbook/*.8 "$pkgdir/usr/share/man/man8/"
+  rm -f "$pkgdir/usr/share/man/man8/wpa_"{priv,gui}.8
+
+  install -d -m755 "$pkgdir/usr/lib/systemd/system"
+  install -m644 systemd/*.service "$pkgdir/usr/lib/systemd/system/"
+}
--- a/core/wpa_supplicant/config
+++ b/core/wpa_supplicant/config
@ -0,0 +1,45 @@
+CONFIG_AP=y
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+CONFIG_AUTOSCAN_PERIODIC=y
+CONFIG_BACKEND=file
+CONFIG_BGSCAN_SIMPLE=y
+CONFIG_CTRL_IFACE=y
+CONFIG_CTRL_IFACE_BUS=y
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+CONFIG_DEBUG_FILE=y
+CONFIG_DRIVER_NL80211=y
+CONFIG_DRIVER_WEXT=y
+CONFIG_DRIVER_WIRED=y
+CONFIG_EAP_FAST=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_LEAP=y
+CONFIG_EAP_MD5=y
+CONFIG_EAP_MSCHAPV2=y
+CONFIG_EAP_OTP=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_PWD=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_TTLS=y
+CONFIG_HS20=y
+CONFIG_HT_OVERRIDES=y
+CONFIG_IBSS_RSN=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211N=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211W=y
+CONFIG_IEEE8021X_EAPOL=y
+CONFIG_INTERWORKING=y
+CONFIG_IPV6=y
+CONFIG_LIBNL32=y
+CONFIG_NO_RANDOM_POOL=y
+CONFIG_P2P=y
+CONFIG_PEERKEY=y
+CONFIG_PKCS12=y
+CONFIG_READLINE=y
+CONFIG_SMARTCARD=y
+CONFIG_TDLS=y
+CONFIG_VHT_OVERRIDES=y
+CONFIG_WIFI_DISPLAY=y
+CONFIG_WPS=y
+CONFIG_WPS_NFC=y
--- a/core/wpa_supplicant/wpa_supplicant.install
+++ b/core/wpa_supplicant/wpa_supplicant.install
@ -0,0 +1,7 @@
+post_upgrade() {
+  if [[ $(vercmp "$2" '1:2.6-3') -lt 0 ]]; then
+    echo ':: The /etc/wpa_supplicant/wpa_supplicant.conf is file no longer managed by pacman'
+    echo '   and if it was modified, it has been renamed to wpa_supplicant.conf.pacsave.'
+    echo '   Move it to the original location if needed.'
+  fi
+}