git: 810299b8d772 - main - security/wpa_supplicant210: Clone wpa_supplicant to wpa_supplicant210
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 21 Jul 2024 13:06:48 UTC
The branch main has been updated by cy:
URL: https://cgit.FreeBSD.org/ports/commit/?id=810299b8d772af83bf99cd9026b1b1e8f8a9e86a
commit 810299b8d772af83bf99cd9026b1b1e8f8a9e86a
Author: Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2024-07-21 12:54:28 +0000
Commit: Cy Schubert <cy@FreeBSD.org>
CommitDate: 2024-07-21 13:06:29 +0000
security/wpa_supplicant210: Clone wpa_supplicant to wpa_supplicant210
We clone security/wpa_supplicant to security/wpa_supplicant210 in
preparation for the wpa_supplicant update to 2.11. In case anyone is
having issues with it they can fall back to security/wpa_supplicant210.
---
security/Makefile | 1 +
security/wpa_supplicant210/Makefile | 226 +++++++++++++
security/wpa_supplicant210/distinfo | 3 +
security/wpa_supplicant210/files/Packet32.c | 366 +++++++++++++++++++++
security/wpa_supplicant210/files/Packet32.h | 65 ++++
security/wpa_supplicant210/files/ntddndis.h | 32 ++
.../files/patch-src_common_dhcp.h | 25 ++
.../files/patch-src_drivers_driver__bsd.c | 281 ++++++++++++++++
.../files/patch-src_drivers_driver__ndis.c | 89 +++++
.../patch-src_l2__packet_l2__packet__freebsd.c | 72 ++++
.../files/patch-src_utils_os__unix.c | 15 +
.../files/patch-src_wps_wps__upnp.c | 12 +
.../files/patch-wpa__supplicant_Makefile | 17 +
.../patch-wpa__supplicant_ctrl__iface__unix.c | 36 ++
.../files/patch-wpa__supplicant_main.c | 33 ++
.../files/patch-wpa__supplicant_pasn__supplicant.c | 14 +
.../files/patch-wpa__supplicant_wpa__supplicant.c | 16 +
security/wpa_supplicant210/files/pkg-message.in | 11 +
security/wpa_supplicant210/files/wpa_supplicant.in | 54 +++
security/wpa_supplicant210/pkg-descr | 12 +
security/wpa_supplicant210/pkg-plist | 5 +
21 files changed, 1385 insertions(+)
diff --git a/security/Makefile b/security/Makefile
index 06c16a8abb62..44bcadc9ed54 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1385,6 +1385,7 @@
SUBDIR += wolfssl
SUBDIR += wpa_supplicant
SUBDIR += wpa_supplicant-devel
+ SUBDIR += wpa_supplicant210
SUBDIR += wpa_supplicant29
SUBDIR += xca
SUBDIR += xhash
diff --git a/security/wpa_supplicant210/Makefile b/security/wpa_supplicant210/Makefile
new file mode 100644
index 000000000000..64c26a652871
--- /dev/null
+++ b/security/wpa_supplicant210/Makefile
@@ -0,0 +1,226 @@
+PORTNAME= wpa_supplicant
+PORTVERSION= 2.10
+PORTREVISION= 10
+CATEGORIES= security net
+MASTER_SITES= https://w1.fi/releases/
+PKGNAMESUFFIX= 210
+
+MAINTAINER= cy@FreeBSD.org
+COMMENT= Supplicant (client) for WPA/802.1x protocols
+WWW= https://w1.fi/wpa_supplicant/
+
+LICENSE= BSD3CLAUSE
+LICENSE_FILE= ${WRKSRC}/README
+
+USES= cpe gmake pkgconfig:build readline ssl
+BUILD_WRKSRC= ${WRKSRC}/wpa_supplicant
+INSTALL_WRKSRC= ${WRKSRC}/src
+CFLAGS+= ${CPPFLAGS} # USES=readline only augments CPPFLAGS and LDFLAGS
+CFLAGS+= -I${OPENSSLINC}
+CFLAGS+= -Wno-deprecated-declarations
+LDFLAGS+= -L${OPENSSLLIB} -lutil
+MAKE_ENV= V=1
+
+SUB_FILES= pkg-message
+PORTDOCS= README ChangeLog
+
+CFG= ${BUILD_WRKSRC}/.config
+
+.if !exists(/etc/rc.d/wpa_supplicant)
+USE_RC_SUBR= wpa_supplicant
+.endif
+
+OPTIONS_MULTI= DRV EAP
+OPTIONS_MULTI_DRV= BSD WIRED NDIS TEST NONE #ROBOSWITCH
+OPTIONS_MULTI_EAP= TLS PEAP TTLS MD5 MSCHAPV2 GTC LEAP OTP PSK FAST \
+ SIM PWD PAX AKA AKA_PRIME SAKE GPSK TNC IKEV2 EKE
+OPTIONS_DEFINE= WPS WPS_ER WPS_NOREG WPS_NFC WPS_UPNP PKCS12 SMARTCARD \
+ HT_OVERRIDES VHT_OVERRIDES TLSV12 IEEE80211W \
+ IEEE80211R DEBUG_FILE DEBUG_SYSLOG PRIVSEP \
+ DELAYED_MIC IEEE80211N IEEE80211AC INTERWORKING \
+ IEEE8021X_EAPOL EAPOL_TEST \
+ HS20 NO_ROAMING P2P TDLS DBUS MATCH DOCS \
+ SIM_SIMULATOR USIM_SIMULATOR WEP
+OPTIONS_DEFAULT= BSD WIRED \
+ TLS PEAP TTLS MD5 MSCHAPV2 GTC LEAP OTP PSK \
+ WPS PKCS12 SMARTCARD IEEE80211R DEBUG_SYSLOG \
+ INTERWORKING HS20 DBUS MATCH IEEE80211R IEEE80211W \
+ IEEE8021X_EAPOL WPS_ER WPS_NFC WPS_UPNP \
+ FAST PWD PAX SAKE GPSK TNC IKEV2 EKE WEP
+OPTIONS_SUB=
+
+WPS_DESC= Wi-Fi Protected Setup
+WPS_ER_DESC= Enable WPS External Registrar
+WPS_NOREG_DESC= Disable open network credentials when registrar
+WPS_NFC_DESC= Near Field Communication (NFC) configuration
+WPS_UPNP_DESC= Universal Plug and Play support
+PKCS12_DESC= PKCS\#12 (PFS) support
+SMARTCARD_DESC= Private key on smartcard support
+HT_OVERRIDES_DESC= Disable HT/HT40, mask MCS rates, etc
+VHT_OVERRIDES_DESC= Disable VHT, mask MCS rates, etc
+TLSV12_DESC= Build with TLS v1.2 instead of TLS v1.0
+IEEE80211AC_DESC= Very High Throughput, AP mode (IEEE 802.11ac)
+IEEE80211N_DESC= High Throughput, AP mode (IEEE 802.11n)
+IEEE80211R_DESC= Fast BSS Transition (IEEE 802.11r-2008)
+IEEE80211W_DESC= Management Frame Protection (IEEE 802.11w)
+IEEE8021X_EAPOL_DESC= EAP over LAN support
+EAPOL_TEST_DESC= Development testing
+DEBUG_FILE_DESC= Support for writing debug log to a file
+DEBUG_SYSLOG_DESC= Send debug messages to syslog instead of stdout
+PRIVSEP_DESC= Privilege separation
+DELAYED_MIC_DESC= Mitigate TKIP attack, random delay on MIC errors
+INTERWORKING_DESC= Improve ext. network interworking (IEEE 802.11u)
+HS20_DESC= Hotspot 2.0
+NO_ROAMING_DESC= Disable roaming
+P2P_DESC= Peer-to-Peer support
+TDLS_DESC= Tunneled Direct Link Setup
+MATCH_DESC= Interface match mode
+
+DRV_DESC= Driver options
+BSD_DESC= BSD net80211 interface
+NDIS_DESC= Windows NDIS interface
+WIRED_DESC= Wired ethernet interface
+ROBOSWITCH_DESC= Broadcom Roboswitch interface
+TEST_DESC= Development testing interface
+NONE_DESC= The 'no driver' interface, e.g. WPS ER only
+
+EAP_DESC= Extensible Authentication Protocols
+TLS_DESC= Transport Layer Security
+PEAP_DESC= Protected Extensible Authentication Protocol
+TTLS_DESC= Tunneled Transport Layer Security
+MD5_DESC= MD5 hash (deprecated, no key generation)
+MSCHAPV2_DESC= Microsoft CHAP version 2 (RFC 2759)
+GTC_DESC= Generic Token Card
+LEAP_DESC= Lightweight Extensible Authentication Protocol
+OTP_DESC= One-Time Password
+PSK_DESC= Pre-Shared key
+FAST_DESC= Flexible Authentication via Secure Tunneling
+AKA_DESC= Autentication and Key Agreement (UMTS)
+AKA_PRIME_DESC= AKA Prime variant (RFC 5448)
+EKE_DESC= Encrypted Key Exchange
+WEP_DESC= WEP support
+SIM_DESC= Subscriber Identity Module
+SIM_SIMULATOR_DESC= SIM simulator (Milenage) for EAP-SIM
+USIM_SIMULATOR_DESC= SIM simulator (Milenage) for EAP-AKA
+IKEV2_DESC= Internet Key Exchange version 2
+PWD_DESC= Shared password (RFC 5931)
+PAX_DESC= Password Authenticated Exchange
+SAKE_DESC= Shared-Secret Authentication & Key Establishment
+GPSK_DESC= Generalized Pre-Shared Key
+TNC_DESC= Trusted Network Connect
+
+PRIVSEP_PLIST_FILES= sbin/wpa_priv
+DBUS_PLIST_FILES= share/dbus-1/system-services/fi.w1.wpa_supplicant1.service \
+ etc/dbus-1/system.d/dbus-wpa_supplicant.conf
+
+.include <bsd.port.pre.mk>
+
+.if ${PORT_OPTIONS:MNDIS} && ${PORT_OPTIONS:MPRIVSEP}
+BROKEN= Fails to compile with both NDIS and PRIVSEP
+.endif
+
+.if ${PORT_OPTIONS:MIEEE80211AC} && ${PORT_OPTIONS:MIEEE80211N}
+BROKEN= Fails to compile with both IEEE80211AC and IEEE80211N
+.endif
+
+.if ${PORT_OPTIONS:MSIM} || ${PORT_OPTIONS:MAKA} || ${PORT_OPTIONS:MAKA_PRIME}
+LIB_DEPENDS+= libpcsclite.so:devel/pcsc-lite
+CFLAGS+= -I${LOCALBASE}/include/PCSC
+LDFLAGS+= -L${LOCALBASE}/lib
+.endif
+
+.if ${PORT_OPTIONS:MDBUS}
+LIB_DEPENDS+= libdbus-1.so:devel/dbus
+.endif
+
+post-patch:
+ @${CP} ${FILESDIR}/Packet32.[ch] ${FILESDIR}/ntddndis.h \
+ ${WRKSRC}/src/utils
+ # Set driver(s)
+.for item in BSD NDIS WIRED ROBOSWITCH TEST NONE
+. if ${PORT_OPTIONS:M${item}}
+ @${ECHO_CMD} CONFIG_DRIVER_${item}=y >> ${CFG}
+. endif
+.endfor
+ # Set EAP protocol(s)
+.for item in MD5 MSCHAPV2 TLS PEAP TTLS FAST GTC OTP PSK PWD PAX LEAP SIM \
+ AKA AKA_PRIME SAKE GPSK TNC IKEV2 EKE WEP
+. if ${PORT_OPTIONS:M${item}}
+ @${ECHO_CMD} CONFIG_EAP_${item:tu}=y >> ${CFG}
+. endif
+.endfor
+.if ${PORT_OPTIONS:MSIM} || ${PORT_OPTIONS:MAKA} || ${PORT_OPTIONS:MAKA_PRIME}
+ @${ECHO_CMD} CONFIG_PCSC=y >> ${CFG}
+.endif
+.for simple in WPS WPS_ER WPS_NFC WPS_UPNP PKCS12 SMARTCARD HT_OVERRIDES \
+ VHT_OVERRIDES TLSV12 IEEE80211AC IEEE80211N IEEE80211R IEEE80211W \
+ IEEE8021X_EAPOL EAPOL_TEST \
+ INTERWORKING DEBUG_FILE DEBUG_SYSLOG HS20 NO_ROAMING PRIVSEP P2P TDLS
+. if ${PORT_OPTIONS:M${simple}}
+ @${ECHO_CMD} CONFIG_${simple}=y >> ${CFG}
+. endif
+.endfor
+.for item in READLINE PEERKEY
+ @${ECHO_CMD} CONFIG_${item}=y >> ${CFG}
+.endfor
+.if ${PORT_OPTIONS:MIEEE80211AC} || ${PORT_OPTIONS:MIEEE80211N}
+ @${ECHO_CMD} CONFIG_AP=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MGPSK}
+ # GPSK desired, assume highest SHA desired too
+ @${ECHO_CMD} CONFIG_EAP_GPSK_SHA256=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MWPS_NOREG}
+ @${ECHO_CMD} CONFIG_WPS_REG_DISABLE_OPEN=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MDELAYED_MIC}
+ @${ECHO_CMD} CONFIG_DELAYED_MIC_ERROR_REPORT=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MDBUS}
+ @${ECHO_CMD} CONFIG_CTRL_IFACE_DBUS_NEW=y >> ${CFG}
+ @${ECHO_CMD} CONFIG_CTRL_IFACE_DBUS_INTRO=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MMATCH}
+ @${ECHO_CMD} CONFIG_MATCH_IFACE=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MUSIM_SIMULATOR}
+ @${ECHO_CMD} CONFIG_USIM_SIMULATOR=y >> ${CFG}
+.endif
+.if ${PORT_OPTIONS:MSIM_SIMULATOR}
+ @${ECHO_CMD} CONFIG_SIM_SIMULATOR=y >> ${CFG}
+.endif
+ @${ECHO_CMD} CONFIG_OS=unix >> ${CFG}
+ @${ECHO_CMD} CONFIG_CTRL_IFACE=unix >> ${CFG}
+ @${ECHO_CMD} CONFIG_BACKEND=file >> ${CFG}
+ @${ECHO_CMD} CONFIG_L2_PACKET=freebsd >> ${CFG}
+ @${ECHO_CMD} CONFIG_TLS=openssl >> ${CFG}
+
+post-build-EAPOL_TEST-on:
+ cd ${BUILD_WRKSRC} && ${GMAKE} eapol_test
+
+do-install:
+ (cd ${BUILD_WRKSRC} && ${INSTALL_PROGRAM} wpa_supplicant wpa_cli \
+ wpa_passphrase ${STAGEDIR}${PREFIX}/sbin)
+ ${INSTALL_DATA} ${BUILD_WRKSRC}/wpa_supplicant.conf \
+ ${STAGEDIR}${PREFIX}/etc/wpa_supplicant.conf.sample
+
+do-install-EAPOL_TEST-on:
+ ${INSTALL_PROGRAM} ${BUILD_WRKSRC}/eapol_test ${STAGEDIR}${PREFIX}/sbin
+
+do-install-DOCS-on:
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+ (cd ${BUILD_WRKSRC} && \
+ ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR})
+
+do-install-PRIVSEP-on:
+ ${INSTALL_PROGRAM} ${BUILD_WRKSRC}/wpa_priv ${STAGEDIR}${PREFIX}/sbin
+
+do-install-DBUS-on:
+ @${MKDIR} ${STAGEDIR}${PREFIX}/share/dbus-1/system-services/
+ @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dbus-1/system.d/
+ ${INSTALL_DATA} ${BUILD_WRKSRC}/dbus/fi.w1.wpa_supplicant1.service \
+ ${STAGEDIR}${PREFIX}/share/dbus-1/system-services/
+ ${INSTALL_DATA} ${BUILD_WRKSRC}/dbus/dbus-wpa_supplicant.conf \
+ ${STAGEDIR}${PREFIX}/etc/dbus-1/system.d/
+
+.include <bsd.port.post.mk>
diff --git a/security/wpa_supplicant210/distinfo b/security/wpa_supplicant210/distinfo
new file mode 100644
index 000000000000..5cdea91002ec
--- /dev/null
+++ b/security/wpa_supplicant210/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1642435837
+SHA256 (wpa_supplicant-2.10.tar.gz) = 20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f
+SIZE (wpa_supplicant-2.10.tar.gz) = 3511622
diff --git a/security/wpa_supplicant210/files/Packet32.c b/security/wpa_supplicant210/files/Packet32.c
new file mode 100644
index 000000000000..95cae8c5c975
--- /dev/null
+++ b/security/wpa_supplicant210/files/Packet32.c
@@ -0,0 +1,366 @@
+/*-
+ * Copyright (c) 2005
+ * Bill Paul <wpaul@windriver.com>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This file implements a small portion of the Winpcap API for the
+ * Windows NDIS interface in wpa_supplicant. It provides just enough
+ * routines to fool wpa_supplicant into thinking it's really running
+ * in a Windows environment.
+ */
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <sys/errno.h>
+#include <sys/sysctl.h>
+#include <sys/fcntl.h>
+#include <net/if.h>
+#include <net/if_dl.h>
+#include <net/if_var.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <net/route.h>
+
+#ifdef __FreeBSD__
+#include <net80211/ieee80211_ioctl.h>
+#endif
+#ifdef __DragonFly__
+#include <netproto/802_11/ieee80211_ioctl.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <pcap.h>
+
+#include "Packet32.h"
+
+#define OID_802_11_ADD_KEY 0x0d01011D
+
+typedef ULONGLONG NDIS_802_11_KEY_RSC;
+typedef UCHAR NDIS_802_11_MAC_ADDRESS[6];
+
+typedef struct NDIS_802_11_KEY {
+ ULONG Length;
+ ULONG KeyIndex;
+ ULONG KeyLength;
+ NDIS_802_11_MAC_ADDRESS BSSID;
+ NDIS_802_11_KEY_RSC KeyRSC;
+ UCHAR KeyMaterial[1];
+} NDIS_802_11_KEY;
+
+typedef struct NDIS_802_11_KEY_COMPAT {
+ ULONG Length;
+ ULONG KeyIndex;
+ ULONG KeyLength;
+ NDIS_802_11_MAC_ADDRESS BSSID;
+ UCHAR Pad[6]; /* Make struct layout match Windows. */
+ NDIS_802_11_KEY_RSC KeyRSC;
+#ifdef notdef
+ UCHAR KeyMaterial[1];
+#endif
+} NDIS_802_11_KEY_COMPAT;
+
+#define TRUE 1
+#define FALSE 0
+
+struct adapter {
+ int socket;
+ char name[IFNAMSIZ];
+ int prev_roaming;
+};
+
+PCHAR
+PacketGetVersion(void)
+{
+ return("FreeBSD WinPcap compatibility shim v1.0");
+}
+
+void *
+PacketOpenAdapter(CHAR *iface)
+{
+ struct adapter *a;
+ int s;
+ int ifflags;
+ struct ifreq ifr;
+ struct ieee80211req ireq;
+
+ s = socket(PF_INET, SOCK_DGRAM, 0);
+
+ if (s == -1)
+ return(NULL);
+
+ a = malloc(sizeof(struct adapter));
+ if (a == NULL)
+ return(NULL);
+
+ a->socket = s;
+ if (strncmp(iface, "\\Device\\NPF_", 12) == 0)
+ iface += 12;
+ else if (strncmp(iface, "\\DEVICE\\", 8) == 0)
+ iface += 8;
+ snprintf(a->name, IFNAMSIZ, "%s", iface);
+
+ /* Turn off net80211 roaming */
+ bzero((char *)&ireq, sizeof(ireq));
+ strncpy(ireq.i_name, iface, sizeof (ifr.ifr_name));
+ ireq.i_type = IEEE80211_IOC_ROAMING;
+ if (ioctl(a->socket, SIOCG80211, &ireq) == 0) {
+ a->prev_roaming = ireq.i_val;
+ ireq.i_val = IEEE80211_ROAMING_MANUAL;
+ if (ioctl(a->socket, SIOCS80211, &ireq) < 0)
+ fprintf(stderr,
+ "Could not set IEEE80211_ROAMING_MANUAL\n");
+ }
+
+ bzero((char *)&ifr, sizeof(ifr));
+ strncpy(ifr.ifr_name, iface, sizeof (ifr.ifr_name));
+ if (ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr) < 0) {
+ free(a);
+ close(s);
+ return(NULL);
+ }
+ ifr.ifr_flags |= IFF_UP;
+ if (ioctl(a->socket, SIOCSIFFLAGS, (caddr_t)&ifr) < 0) {
+ free(a);
+ close(s);
+ return(NULL);
+ }
+
+ return(a);
+}
+
+int
+PacketRequest(void *iface, BOOLEAN set, PACKET_OID_DATA *oid)
+{
+ struct adapter *a;
+ uint32_t retval;
+ struct ifreq ifr;
+ NDIS_802_11_KEY *old;
+ NDIS_802_11_KEY_COMPAT *new;
+ PACKET_OID_DATA *o = NULL;
+
+ if (iface == NULL)
+ return(-1);
+
+ a = iface;
+ bzero((char *)&ifr, sizeof(ifr));
+
+ /*
+ * This hack is necessary to work around a difference
+ * betwee the GNU C and Microsoft C compilers. The NDIS_802_11_KEY
+ * structure has a uint64_t in it, right after an array of
+ * chars. The Microsoft compiler inserts padding right before
+ * the 64-bit value to align it on a 64-bit boundary, but
+ * GCC only aligns it on a 32-bit boundary. Trying to pass
+ * the GCC-formatted structure to an NDIS binary driver
+ * fails because some of the fields appear to be at the
+ * wrong offsets.
+ *
+ * To get around this, if we detect someone is trying to do
+ * a set operation on OID_802_11_ADD_KEY, we shuffle the data
+ * into a properly padded structure and pass that into the
+ * driver instead. This allows the driver_ndis.c code supplied
+ * with wpa_supplicant to work unmodified.
+ */
+
+ if (set == TRUE && oid->Oid == OID_802_11_ADD_KEY) {
+ old = (NDIS_802_11_KEY *)&oid->Data;
+ o = malloc(sizeof(PACKET_OID_DATA) +
+ sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength);
+ if (o == NULL)
+ return(0);
+ bzero((char *)o, sizeof(PACKET_OID_DATA) +
+ sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength);
+ o->Oid = oid->Oid;
+ o->Length = sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength;
+ new = (NDIS_802_11_KEY_COMPAT *)&o->Data;
+ new->KeyRSC = old->KeyRSC;
+ new->Length = o->Length;
+ new->KeyIndex = old->KeyIndex;
+ new->KeyLength = old->KeyLength;
+ bcopy(old->BSSID, new->BSSID, sizeof(NDIS_802_11_MAC_ADDRESS));
+ bcopy(old->KeyMaterial, (char *)new +
+ sizeof(NDIS_802_11_KEY_COMPAT), new->KeyLength);
+ ifr.ifr_data = (caddr_t)o;
+ } else
+ ifr.ifr_data = (caddr_t)oid;
+
+ strlcpy(ifr.ifr_name, a->name, sizeof(ifr.ifr_name));
+
+ if (set == TRUE)
+ retval = ioctl(a->socket, SIOCSDRVSPEC, &ifr);
+ else
+ retval = ioctl(a->socket, SIOCGDRVSPEC, &ifr);
+
+ if (o != NULL)
+ free(o);
+
+ if (retval)
+ return(0);
+
+ return(1);
+}
+
+int
+PacketGetAdapterNames(CHAR *namelist, ULONG *len)
+{
+ int mib[6];
+ size_t needed;
+ struct if_msghdr *ifm;
+ struct sockaddr_dl *sdl;
+ char *buf, *lim, *next;
+ char *plist;
+ int spc;
+ int i, ifcnt = 0;
+
+ plist = namelist;
+ spc = 0;
+
+ bzero(plist, *len);
+
+ needed = 0;
+ mib[0] = CTL_NET;
+ mib[1] = PF_ROUTE;
+ mib[2] = 0; /* protocol */
+ mib[3] = 0; /* wildcard address family */
+ mib[4] = NET_RT_IFLIST;
+ mib[5] = 0; /* no flags */
+
+ if (sysctl (mib, 6, NULL, &needed, NULL, 0) < 0)
+ return(FALSE);
+
+ buf = malloc (needed);
+ if (buf == NULL)
+ return(FALSE);
+
+ if (sysctl (mib, 6, buf, &needed, NULL, 0) < 0) {
+ free(buf);
+ return(FALSE);
+ }
+
+ lim = buf + needed;
+
+ /* Generate interface name list. */
+
+ next = buf;
+ while (next < lim) {
+ ifm = (struct if_msghdr *)next;
+ if (ifm->ifm_type == RTM_IFINFO) {
+ sdl = (struct sockaddr_dl *)(ifm + 1);
+ if (strnstr(sdl->sdl_data, "wlan", sdl->sdl_nlen)) {
+ if ((spc + sdl->sdl_nlen) > *len) {
+ free(buf);
+ return(FALSE);
+ }
+ strncpy(plist, sdl->sdl_data, sdl->sdl_nlen);
+ plist += (sdl->sdl_nlen + 1);
+ spc += (sdl->sdl_nlen + 1);
+ ifcnt++;
+ }
+ }
+ next += ifm->ifm_msglen;
+ }
+
+
+ /* Insert an extra "" as a spacer */
+
+ plist++;
+ spc++;
+
+ /*
+ * Now generate the interface description list. There
+ * must be a unique description for each interface, and
+ * they have to match what the ndis_events program will
+ * feed in later. To keep this simple, we just repeat
+ * the interface list over again.
+ */
+
+ next = buf;
+ while (next < lim) {
+ ifm = (struct if_msghdr *)next;
+ if (ifm->ifm_type == RTM_IFINFO) {
+ sdl = (struct sockaddr_dl *)(ifm + 1);
+ if (strnstr(sdl->sdl_data, "wlan", sdl->sdl_nlen)) {
+ if ((spc + sdl->sdl_nlen) > *len) {
+ free(buf);
+ return(FALSE);
+ }
+ strncpy(plist, sdl->sdl_data, sdl->sdl_nlen);
+ plist += (sdl->sdl_nlen + 1);
+ spc += (sdl->sdl_nlen + 1);
+ ifcnt++;
+ }
+ }
+ next += ifm->ifm_msglen;
+ }
+
+ free (buf);
+
+ *len = spc + 1;
+
+ return(TRUE);
+}
+
+void
+PacketCloseAdapter(void *iface)
+{
+ struct adapter *a;
+ struct ifreq ifr;
+ struct ieee80211req ireq;
+
+ if (iface == NULL)
+ return;
+
+ a = iface;
+
+ /* Reset net80211 roaming */
+ bzero((char *)&ireq, sizeof(ireq));
+ strncpy(ireq.i_name, a->name, sizeof (ifr.ifr_name));
+ ireq.i_type = IEEE80211_IOC_ROAMING;
+ ireq.i_val = a->prev_roaming;
+ ioctl(a->socket, SIOCS80211, &ireq);
+
+ bzero((char *)&ifr, sizeof(ifr));
+ strncpy(ifr.ifr_name, a->name, sizeof (ifr.ifr_name));
+ ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr);
+ ifr.ifr_flags &= ~IFF_UP;
+ ioctl(a->socket, SIOCSIFFLAGS, (caddr_t)&ifr);
+ close(a->socket);
+ free(a);
+
+ return;
+}
diff --git a/security/wpa_supplicant210/files/Packet32.h b/security/wpa_supplicant210/files/Packet32.h
new file mode 100644
index 000000000000..c75e5f9dfe91
--- /dev/null
+++ b/security/wpa_supplicant210/files/Packet32.h
@@ -0,0 +1,65 @@
+/*-
+ * Copyright (c) 2005
+ * Bill Paul <wpaul@windriver.com>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _PACKET32_H_
+#define _PACKET32_H_
+
+#include <sys/types.h>
+#include <ntddndis.h>
+
+struct PACKET_OID_DATA {
+ uint32_t Oid;
+ uint32_t Length;
+ uint8_t Data[1];
+};
+
+
+typedef struct PACKET_OID_DATA PACKET_OID_DATA;
+
+extern PCHAR PacketGetVersion(void);
+extern void *PacketOpenAdapter(CHAR *);
+extern int PacketRequest(void *, BOOLEAN, PACKET_OID_DATA *);
+extern int PacketGetAdapterNames(CHAR *, ULONG *);
+extern void PacketCloseAdapter(void *);
+
+/*
+ * This is for backwards compatibility on FreeBSD 5.
+ */
+
+#ifndef SIOCGDRVSPEC
+#define SIOCSDRVSPEC _IOW('i', 123, struct ifreq) /* set driver-specific
+ parameters */
+#define SIOCGDRVSPEC _IOWR('i', 123, struct ifreq) /* get driver-specific
+ parameters */
+#endif
+
+#endif /* _PACKET32_H_ */
diff --git a/security/wpa_supplicant210/files/ntddndis.h b/security/wpa_supplicant210/files/ntddndis.h
new file mode 100644
index 000000000000..0af0ce858b03
--- /dev/null
+++ b/security/wpa_supplicant210/files/ntddndis.h
@@ -0,0 +1,32 @@
+#ifndef _NTDDNDIS_H_
+#define _NTDDNDIS_H_
+
+/*
+ * Fake up some of the Windows type definitions so that the NDIS
+ * interface module in wpa_supplicant will build.
+ */
+
+#define ULONG uint32_t
+#define USHORT uint16_t
+#define UCHAR uint8_t
+#define LONG int32_t
+#define SHORT int16_t
+#if __FreeBSD__
+#define CHAR char
+#else
+#define CHAR int8_t
+#endif
+#define ULONGLONG uint64_t
+#define LONGLONG int64_t
+#define BOOLEAN uint8_t
+typedef void * LPADAPTER;
+typedef char * PTSTR;
+typedef char * PCHAR;
+
+#define TRUE 1
+#define FALSE 0
+
+#define OID_802_3_CURRENT_ADDRESS 0x01010102
+#define OID_802_3_MULTICAST_LIST 0x01010103
+
+#endif /* _NTDDNDIS_H_ */
diff --git a/security/wpa_supplicant210/files/patch-src_common_dhcp.h b/security/wpa_supplicant210/files/patch-src_common_dhcp.h
new file mode 100644
index 000000000000..f88d1921a380
--- /dev/null
+++ b/security/wpa_supplicant210/files/patch-src_common_dhcp.h
@@ -0,0 +1,25 @@
+--- src/common/dhcp.h.orig 2018-12-02 11:34:59.000000000 -0800
++++ src/common/dhcp.h 2018-12-06 00:01:11.429254000 -0800
+@@ -9,6 +9,22 @@
+ #ifndef DHCP_H
+ #define DHCP_H
+
++/*
++ * Translate Linux to FreeBSD
++ */
++#define iphdr ip
++#define ihl ip_hl
++#define verson ip_v
++#define tos ip_tos
++#define tot_len ip_len
++#define id ip_id
++#define frag_off ip_off
++#define ttl ip_ttl
++#define protocol ip_p
++#define check ip_sum
++#define saddr ip_src
++#define daddr ip_dst
++
+ #include <netinet/ip.h>
+ #if __FAVOR_BSD
+ #include <netinet/udp.h>
diff --git a/security/wpa_supplicant210/files/patch-src_drivers_driver__bsd.c b/security/wpa_supplicant210/files/patch-src_drivers_driver__bsd.c
new file mode 100644
index 000000000000..dd72e1710cbd
--- /dev/null
+++ b/security/wpa_supplicant210/files/patch-src_drivers_driver__bsd.c
@@ -0,0 +1,281 @@
+--- src/drivers/driver_bsd.c.orig 2022-01-16 12:51:29.000000000 -0800
++++ src/drivers/driver_bsd.c 2023-09-10 23:07:12.329586000 -0700
+@@ -14,6 +14,7 @@
+ #include "driver.h"
+ #include "eloop.h"
+ #include "common/ieee802_11_defs.h"
++#include "common/ieee802_11_common.h"
+ #include "common/wpa_common.h"
+
+ #include <ifaddrs.h>
+@@ -293,8 +294,9 @@
+ }
+
+ static int
+-bsd_get_iface_flags(struct bsd_driver_data *drv)
++bsd_ctrl_iface(void *priv, int enable)
+ {
++ struct bsd_driver_data *drv = priv;
+ struct ifreq ifr;
+
+ os_memset(&ifr, 0, sizeof(ifr));
+@@ -306,7 +308,34 @@
+ return -1;
+ }
+ drv->flags = ifr.ifr_flags;
++
++
++ if (enable) {
++ if (ifr.ifr_flags & IFF_UP)
++ goto nochange;
++ ifr.ifr_flags |= IFF_UP;
++ } else {
++ if (!(ifr.ifr_flags & IFF_UP))
++ goto nochange;
++ ifr.ifr_flags &= ~IFF_UP;
++ }
++
++ if (ioctl(drv->global->sock, SIOCSIFFLAGS, &ifr) < 0) {
++ wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s",
++ strerror(errno));
++ return -1;
++ }
++
++ wpa_printf(MSG_DEBUG, "%s: if %s (changed) enable %d IFF_UP %d ",
++ __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++
++ drv->flags = ifr.ifr_flags;
+ return 0;
++
++nochange:
++ wpa_printf(MSG_DEBUG, "%s: if %s (no change) enable %d IFF_UP %d ",
++ __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++ return 0;
+ }
+
+ static int
+@@ -525,7 +554,7 @@
+ __func__);
+ return -1;
+ }
+- return 0;
++ return bsd_ctrl_iface(priv, 1);
+ }
+
+ static void
+@@ -853,14 +882,18 @@
+ drv = bsd_get_drvindex(global, ifm->ifm_index);
+ if (drv == NULL)
+ return;
+- if ((ifm->ifm_flags & IFF_UP) == 0 &&
+- (drv->flags & IFF_UP) != 0) {
++ if (((ifm->ifm_flags & IFF_UP) == 0 ||
++ (ifm->ifm_flags & IFF_RUNNING) == 0) &&
++ (drv->flags & IFF_UP) != 0 &&
++ (drv->flags & IFF_RUNNING) != 0) {
+ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' DOWN",
+ drv->ifname);
+ wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED,
+ NULL);
+ } else if ((ifm->ifm_flags & IFF_UP) != 0 &&
+- (drv->flags & IFF_UP) == 0) {
++ (ifm->ifm_flags & IFF_RUNNING) != 0 &&
++ ((drv->flags & IFF_UP) == 0 ||
++ (drv->flags & IFF_RUNNING) == 0)) {
+ wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP",
+ drv->ifname);
+ wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
+@@ -1025,7 +1058,8 @@
+ if (l2_packet_get_own_addr(drv->sock_xmit, params->own_addr))
+ goto bad;
+
+- if (bsd_get_iface_flags(drv) < 0)
++ /* mark down during setup */
++ if (bsd_ctrl_iface(drv, 0) < 0)
+ goto bad;
+
+ if (bsd_set_mediaopt(drv, IFM_OMASK, IFM_IEEE80211_HOSTAP) < 0) {
+@@ -1050,12 +1084,13 @@
+ {
+ struct bsd_driver_data *drv = priv;
+
++ if (drv->ifindex != 0)
++ bsd_ctrl_iface(drv, 0);
+ if (drv->sock_xmit != NULL)
+ l2_packet_deinit(drv->sock_xmit);
+ os_free(drv);
+ }
+
+-
+ static int
+ bsd_set_sta_authorized(void *priv, const u8 *addr,
+ unsigned int total_flags, unsigned int flags_or,
+@@ -1197,13 +1232,41 @@
+ }
+
+ static int
++wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv,
++ struct wpa_driver_associate_params *params, const u8 *ie)
++{
++ int privacy;
++ size_t ie_len = ie[1] ? ie[1] + 2 : 0;
++
++ /* XXX error handling is wrong but unclear what to do... */
++ if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0)
++ return -1;
++
++ privacy = !(params->pairwise_suite == WPA_CIPHER_NONE &&
++ params->group_suite == WPA_CIPHER_NONE &&
++ params->key_mgmt_suite == WPA_KEY_MGMT_NONE);
++ wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__,
++ privacy);
++
++ if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0)
++ return -1;
++
++ if (ie_len &&
++ set80211param(drv, IEEE80211_IOC_WPA,
++ ie[0] == WLAN_EID_RSN ? 2 : 1) < 0)
++ return -1;
++
++ return 0;
++}
++
++static int
+ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params)
+ {
+ struct bsd_driver_data *drv = priv;
+ struct ieee80211req_mlme mlme;
+ u32 mode;
+- int privacy;
+ int ret = 0;
++ const u8 *wpa_ie, *rsn_ie;
+
+ wpa_printf(MSG_DEBUG,
+ "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u"
+@@ -1220,7 +1283,10 @@
+ mode = 0 /* STA */;
+ break;
+ case IEEE80211_MODE_IBSS:
++#if 0
+ mode = IFM_IEEE80211_IBSS;
++#endif
++ mode = IFM_IEEE80211_ADHOC;
+ break;
+ case IEEE80211_MODE_AP:
+ mode = IFM_IEEE80211_HOSTAP;
+@@ -1249,24 +1315,33 @@
+ ret = -1;
+ if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0)
+ ret = -1;
+- /* XXX error handling is wrong but unclear what to do... */
+- if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0)
+- return -1;
+
+- privacy = !(params->pairwise_suite == WPA_CIPHER_NONE &&
+- params->group_suite == WPA_CIPHER_NONE &&
*** 569 LINES SKIPPED ***