337832 |
15-Aug-2018 |
delphij |
Fix unauthenticated EAPOL-Key decryption vulnerability. [SA-18:11.hostapd]
Approved by: so |
324739 |
19-Oct-2017 |
gordon |
Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
Note this is a different patchset than what was applied to head and stable/11 due to the much older version of wpa_supplicant/hostapd in stable/10.
hostapd: Avoid key reinstallation in FT handshake Prevent reinstallation of an already in-use group key Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases Fix TK configuration to the driver in EAPOL-Key 3/4 retry case Prevent installation of an all-zero TK Fix PTK rekeying to generate a new ANonce TDLS: Reject TPK-TK reconfiguration WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used WNM: Ignore WNM-Sleep Mode Response without pending request FT: Do not allow multiple Reassociation Response frames TDLS: Ignore incoming TDLS Setup Response retries
Submitted by: jhb Obtained from: https://w1.fi/security/2017-01/ (against later version) Security: FreeBSD-SA-17:07 Security: CERT VU#228519 Security: CVE-2017-13077 Security: CVE-2017-13078 Security: CVE-2017-13079 Security: CVE-2017-13080 Security: CVE-2017-13081 Security: CVE-2017-13082 Security: CVE-2017-13086 Security: CVE-2017-13087 Security: CVE-2017-13088 Differential Revision: https://reviews.freebsd.org/D12724 |
264390 |
12-Apr-2014 |
rpaulo |
MFC r263925 Enable all cryptocaps because net80211 can do software encryption. |
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
254062 |
07-Aug-2013 |
rpaulo |
Fix previous commit: both flags must be set.
|
254021 |
07-Aug-2013 |
rpaulo |
Make sure IFM_AVALID is also set when checking ifm_status.
Submitted by: yongari
|
254019 |
07-Aug-2013 |
rpaulo |
Fix a timing issue with the wired driver.
After configuring the interface, wait for the link to become active. Many ethernet drivers reset the chip when we set multicast filters (causing significant delays due to link re-negotiation) and, by the time we start sending packets, they are discared instead of going to the ether.
Tested by: dumbbell
|
253040 |
08-Jul-2013 |
hiren |
Move to MSG_DEBUG to print it via syslog only when requested.
Reviewed by: rpaulo, adrian Approved by: sbruno (mentor)
|
252734 |
04-Jul-2013 |
rpaulo |
Delete .gitignore files.
|
252729 |
04-Jul-2013 |
rpaulo |
Remove unused files / directories.
|
252726 |
04-Jul-2013 |
rpaulo |
Merge hostapd / wpa_supplicant 2.0.
Reviewed by: adrian (driver_bsd + usr.sbin/wpa)
|
251848 |
17-Jun-2013 |
pluknet |
Import change e4ac6417c7504e1c55ec556ce908974c04e29e3c from upstream wpa:
From: Guy Eilam <guy@wizery.com> Date: Mon, 21 Feb 2011 20:44:46 +0000 (+0200) Subject: utils: Corrected a typo in header's name definition
utils: Corrected a typo in header's name definition
Corrected a typo in the BASE64_H definition that might cause the header file to be included more than once.
Signed-off-by: Guy Eilam <guy@wizery.com>
Submitted by: <dt71@gmx.com> MFC after: 3 days
|
246875 |
16-Feb-2013 |
dim |
Import change 40eebf235370b6fe6353784ccf01ab92eed062a5 from upstream wpa:
From: Jouni Malinen <j@w1.fi> Date: Fri, 15 Jul 2011 13:42:06 +0300 Subject: [PATCH] MD5: Fix clearing of temporary stack memory to use correct length
sizeof of the structure instead of the pointer was supposed to be used here. Fix this to clear the full structure at the end of MD5Final().
Found by: clang ToT Reviewed by: rpaulo MFC after: 3 days
|
243419 |
23-Nov-2012 |
cperciva |
MFS security patches which seem to have accidentally not reached HEAD:
Fix insufficient message length validation for EAP-TLS messages.
Fix Linux compatibility layer input validation error.
Security: FreeBSD-SA-12:07.hostapd Security: FreeBSD-SA-12:08.linux Security: CVE-2012-4445, CVE-2012-4576 With hat: so@
|
214736 |
03-Nov-2010 |
rpaulo |
Remove unused files.
|
214734 |
03-Nov-2010 |
rpaulo |
Merge wpa_supplicant and hostapd 0.7.3.
|
209160 |
14-Jun-2010 |
rpaulo |
Remove unused files.
|
209158 |
14-Jun-2010 |
rpaulo |
MFV hostapd & wpa_supplicant 0.6.10.
|
189262 |
02-Mar-2009 |
sam |
bring in local changes for: CONFIG_DEBUG_SYSLOG CONFIG_TERMINATE_ONLASTIF EAP_SERVER
|
189261 |
02-Mar-2009 |
sam |
connect vendor wpa area to contrib
|
189254 |
01-Mar-2009 |
sam |
remove unused bits
|
189251 |
01-Mar-2009 |
sam |
import wpa_supplicant+hostapd 0.6.8
|