From nobody Tue Sep 12 05:53:13 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RlCRt2GPSz4sYXQ; Tue, 12 Sep 2023 05:53:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RlCRs4sqmz3dcb; Tue, 12 Sep 2023 05:53:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694497993; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+R+E5b+gGb+kjc10V4agQVL/LZ++K4kFlz1iyKrWVrE=; b=EXWxUq1HwUn5kdN4QXnDzf6ZpJZbueZaTttoDj7YLmyfJj3iJPimjLcAeFIydpo4BwoOnP FzK6RIxud/nQT2ldH9QchRCh5UdybdwipWjArg0hlrha+oj1F6uhLC/8x2xW/JAgU61xQy azGQr8O1AA9g6qPgkve8VbWK1Kcrfhj6FD7ZKmK21ZQ503YFisgZqOVT1Tjh7YmD/4s47n DqneDcBtRg3E6G5GBHbPkaLer7cQwrG720Vue9dHnMjPE4BMoRZmd9OdetpyxyUP0nqCr2 xvMynz2+4Bmd5jk+MXatLz8JLpjTPHNI3L3OwXyWJv8NpaxySePu4jONYUy/0A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694497993; a=rsa-sha256; cv=none; b=HEs+0FtbXZrHdLtrh7jY30LQ1TUuhT5CSXF7Mkt0kS8WyXhiZFTEhEnwN278z6RJX3mmnG 6ppjYqAEUeZT4kh0bbN6glE4C5xhlXErob3KBABZKtrHCRpjvYuZb9NOgInNJaop7PFicI lhOZrChGa2dAuslcArZQHzker2nVK0CQKJH9x44u8xKtoPsqIuzUrXaI0gA94L2dAdjfFa 0tpsHw70jIh5EuC4pxtr7yF7WRaRXLyTOr5BHYBJixDKGOl7LKzfXD7KmuaG+M3s1q5IiR DZuw/D5A3o1UaAg2mAsvmFeYAjPBB/2nix6u2i67PJnJQyMJzSUz3L7m6BJWkQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694497993; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+R+E5b+gGb+kjc10V4agQVL/LZ++K4kFlz1iyKrWVrE=; b=vck2pUOBXXW39/ElKC1ui0QkOF4elrDq+ra/lHLAnIJjC0CGbp7F4u3fqaCYLCW1PyoxNh YZvPVHjVzhAksIdjnmlKw1X3JVRrymbzW4ZezVUgcgTttcbONqRxFGHK+/b5b7Y05i2c48 B1vYN8yumTEi2wl2H64auM7bckg/15bw3FvqKlNoao19zabkdslGVdixNvcD+dXjT3YFXy alSFw9jtfm0oHQ4SoGq440xeEgJ0KWqCfFNkJ5W4Syh+eg2EmqEPjH5OIv3rcmEhxkADMe aV0YPQ1soZRgO90ERue5v42aOQ68PdH65N7jDiOwHqfM2kNwEJzeRjRJ/P4xcQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RlCRs3zy9z4qh; Tue, 12 Sep 2023 05:53:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38C5rD6w086982; Tue, 12 Sep 2023 05:53:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38C5rDHv086979; Tue, 12 Sep 2023 05:53:13 GMT (envelope-from git) Date: Tue, 12 Sep 2023 05:53:13 GMT Message-Id: <202309120553.38C5rDHv086979@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 218c7064c3d8 - main - security/wpa_supplicant-devel: wpa: Enable receiving priority tagged (VID 0) frames List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 218c7064c3d83484a007ee54cc6556d58c657b4b Auto-Submitted: auto-generated The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=218c7064c3d83484a007ee54cc6556d58c657b4b commit 218c7064c3d83484a007ee54cc6556d58c657b4b Author: R. Christian McDonald AuthorDate: 2023-09-12 05:25:52 +0000 Commit: Cy Schubert CommitDate: 2023-09-12 05:51:26 +0000 security/wpa_supplicant-devel: wpa: Enable receiving priority tagged (VID 0) frames Certain internet service providers transmit vlan 0 priority tagged EAPOL frames from the ONT towards the residential gateway. VID 0 should be ignored, and the frame processed according to the priority set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL). The pcap filter utilized by l2_packet is inadquate for this use case. Here we modify the pcap filter to accept both unencapsulated and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the original filter behavior while also matching on encapsulated EAPOL. Sponsored by: Rubicon Communications, LLC ("Netgate") Reviewed by: cy Obtained from: src bb5d6d14d81b PR: 273696 MFH: 2023Q3 --- security/wpa_supplicant-devel/Makefile | 2 +- .../patch-src_l2__packet_l2__packet__freebsd.c | 30 ++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile index ccc6c1b32cdd..c45a6aff8251 100644 --- a/security/wpa_supplicant-devel/Makefile +++ b/security/wpa_supplicant-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= ${COMMIT_DATE} -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security net PKGNAMESUFFIX= -devel diff --git a/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c index 224ca67ee95f..74a89e71f0f8 100644 --- a/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c +++ b/security/wpa_supplicant-devel/files/patch-src_l2__packet_l2__packet__freebsd.c @@ -1,5 +1,5 @@ --- src/l2_packet/l2_packet_freebsd.c.orig 2023-09-05 10:38:47.000000000 -0700 -+++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:12:22.076149000 -0700 ++++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:20:43.328481000 -0700 @@ -8,7 +8,10 @@ */ @@ -12,7 +12,15 @@ #include #endif /* __APPLE__ */ #include -@@ -76,24 +79,28 @@ +@@ -20,6 +23,7 @@ + #include + #endif /* __sun__ */ + ++#include + #include + #include + #include +@@ -76,24 +80,33 @@ { struct l2_packet_data *l2 = eloop_ctx; pcap_t *pcap = sock_ctx; @@ -43,6 +51,24 @@ buf = (unsigned char *) (ethhdr + 1); - len = hdr.caplen - sizeof(*ethhdr); + len = hdr->caplen - sizeof(*ethhdr); ++ /* handle 8021Q encapsulated frames */ ++ if (ethhdr->h_proto == htons(ETH_P_8021Q)) { ++ buf += ETHER_VLAN_ENCAP_LEN; ++ len -= ETHER_VLAN_ENCAP_LEN; ++ } } l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len); } +@@ -122,10 +135,10 @@ + os_snprintf(pcap_filter, sizeof(pcap_filter), + "not ether src " MACSTR " and " + "( ether dst " MACSTR " or ether dst " MACSTR " ) and " +- "ether proto 0x%x", ++ "( ether proto 0x%x or ( vlan 0 and ether proto 0x%x ) )", + MAC2STR(l2->own_addr), /* do not receive own packets */ + MAC2STR(l2->own_addr), MAC2STR(pae_group_addr), +- protocol); ++ protocol, protocol); + if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) { + fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap)); + return -1;