aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant
Commit message (Collapse)AuthorAgeFilesLines
* wpa_supplicant: fix WPA2 key replay security bugjethroRoss Burton2017-11-031-0/+943
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA2 is vulnerable to replay attacks which result in unauthenticated users having access to the network. * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake * CVE-2017-13078: reinstallation of the group key in the Four-way handshake * CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake * CVE-2017-13080: reinstallation of the group key in the Group Key handshake * CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake * CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame Backport patches from upstream to resolve these CVEs. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-8041Hongxu Jia2016-03-031-0/+64
| | | | | | | | | | | Backport patch from http://w1.fi/security/2015-5/ and rebase for wpa-supplicant 2.4 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Not needed in master since the upgrade to 2.5 Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, ↵Fan Xin2015-08-096-0/+346
| | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2015-4145, CVE-2015-4146 wpa-supplicant: backport patch to fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146 Backport patch to fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146. This patch is originally from: For CVE-2015-4141: http://w1.fi/security/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch For CVE-2015-4143: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch For CVE-2015-4144 and CVE-2015-4145: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch For CVE-2015-4146: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-4142fan.xin2015-07-011-0/+45
| | | | | | | | | | | wpa-supplicant: backport patch to fix CVE-2015-4142 Backport patch to fix CVE-2015-4142. This patch is originally from: http://w1.fi/security/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: upgrade to 2.4Yue Tao2015-05-273-80/+47
| | | | | | | | | | 1. upgrade to 2.4 2. update the checksum, and license checksum since date in it is changed 3. Backport a patch to fix CVE-2015-1863 4. remove two deprecated patches Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Replace non-standard base defines with c99 compliant onesKhem Raj2015-04-081-0/+38
| | | | | | | | Makes it more portable Change-Id: I033787934cd91243ce8f8ce3a974a157aa5cfd6a Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: upgrade to 2.3Cristian Iorga2014-11-121-7/+7
| | | | | | | | - P2P WiFi improvements; - Bug fixes. Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: use PACKAGECONFIG for ssl selectionYasir-Khan2014-08-111-1/+1
| | | | | | | | Select between openssl or gnutls as ssl implementation via PACKAGECONFIG instead of explicitly adding both via DEPENDS. Signed-off-by: Yasir-Khan <yasir_khan@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* wpa-supplicant: upgrade to 2.1Cristian Iorga2014-02-282-82/+155
| | | | | | | | | | | | | | | - USE {BP} variable; - Updated naming scheme; - Updated copyright owners. - Update defconfig file, is now in sync with current version; as such, more functionality can be enabled for wpa-supplicant. - removed register-autoscan-correctly.patch, included in upstream. Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: enable CONFIG_CTRL_IFACE_DBUS_NEWSteve Sakoman2013-11-121-1/+1
| | | | | | | | | Without this option wifi support in connman will fail: src/technology.c:technology_get() No matching drivers found for wifi Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: enable required configuration options for connmanSimon Busch2013-07-271-1/+20
| | | | | | | | Details can be found in the connman documentation: https://git.kernel.org/cgit/network/connman/connman.git/tree/README#n280 Signed-off-by: Simon Busch <morphis@gravedo.de> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* wpa-supplicant: backport patch to fix dbus interface for autoscan functionalitySimon Busch2013-07-181-0/+51
| | | | | | | | | See https://lists.connman.net/pipermail/connman/2013-July/014871.html for details about the issue with connman and http://lists.shmoo.com/pipermail/hostap/2013-July/028167.html about the upstream submission of the patch. Signed-off-by: Simon Busch <morphis@gravedo.de> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* wpa-supplicant: avoid host contamination by libnl3Andreas Oberritter2013-03-121-0/+42
| | | | | | | | Removes hardcoded include path -I/usr/include/libnl3. OE's include path gets injected by do_configure. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* wpa-supplicant: upgrade to 2.0Constantin Musca2013-01-255-0/+1192
- as of February 11, 2012, the project has chosen to use only the BSD license option for future distribution - wpa-supplicant-1.0 dir was not version specific, as such it is generic now Signed-off-by: Constantin Musca <constantinx.musca@intel.com> Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>