History log of /freebsd-head/contrib/wpa/
Revision Date Author Comments
12309a187e8e0fd5643493f2027805e20411891f 09-Jun-2020 cy <cy@FreeBSD.org> Post CVE-2020-12695 cleanup patch:

Resolve a Linuxism to fix the build.

MFC after: 3 days
X-MFC with: r361957, r361958, r361959
rc/wps/wps_upnp.c
96c7316a348a37c22bb817620ab82bed923b0985 09-Jun-2020 cy <cy@FreeBSD.org> MFV r361938:

Upstream commit message:

[PATCH 3/3] WPS UPnP: Handle HTTP initiation failures for events more
properly

While it is appropriate to try to retransmit the event to another
callback URL on a failure to initiate the HTTP client connection, there
is no point in trying the exact same operation multiple times in a row.
Replace the event_retry() calls with event_addr_failure() for these cases
to avoid busy loops trying to repeat the same failing operation.

These potential busy loops would go through eloop callbacks, so the
process is not completely stuck on handling them, but unnecessary CPU
would be used to process the continuous retries that will keep failing
for the same reason.

Obtained from: https://w1.fi/security/2020-1/\
0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
MFC after: 3 days
Security: VU#339275 and CVE-2020-12695
rc/wps/wps_upnp_event.c
57dd0bae15b3ead5beb2d4533ac38f33b89da8e6 09-Jun-2020 cy <cy@FreeBSD.org> MFV r361937:

Upstream commit message:

[PATCH 2/3] WPS UPnP: Fix event message generation using a long URL path

More than about 700 character URL ended up overflowing the wpabuf used
for building the event notification and this resulted in the wpabuf
buffer overflow checks terminating the hostapd process. Fix this by
allocating the buffer to be large enough to contain the full URL path.
However, since that around 700 character limit has been the practical
limit for more than ten years, start explicitly enforcing that as the
limit for the callback URLs since any longer ones had not worked before
and there is no need to enable them now either.

Obtained from: https://w1.fi/security/2020-1/\
0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
MFC after: 3 days
Security: VU#339275 and CVE-2020-12695
rc/wps/wps_upnp.c
rc/wps/wps_upnp_event.c
16772590543311e143b07b81f31fe1d0f1d728e9 09-Jun-2020 cy <cy@FreeBSD.org> MFV r361936:

Upstream commit message:

[PATCH 1/3] WPS UPnP: Do not allow event subscriptions with URLs to
other networks

The UPnP Device Architecture 2.0 specification errata ("UDA errata
16-04-2020.docx") addresses a problem with notifications being allowed
to go out to other domains by disallowing such cases. Do such filtering
for the notification callback URLs to avoid undesired connections to
external networks based on subscriptions that any device in the local
network could request when WPS support for external registrars is
enabled (the upnp_iface parameter in hostapd configuration).

Obtained from: https://w1.fi/security/2020-1/\
0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
MFC after: 3 days
Security: VU#339275 and CVE-2020-12695
rc/wps/wps_er.c
rc/wps/wps_upnp.c
rc/wps/wps_upnp_i.h
0cb8021f74a266153759b08dd020220006ae603c 20-May-2020 cy <cy@FreeBSD.org> Silence the once per second CTRL-EVENT-SCAN-FAILED errors when the WiFi
radio is disabled through the communication device toggle key (also known
as the RF radio kill button). Only the CTRL-EVENT-DISCONNECTED will be
issued.

Submitted by: avg
Reported by: avg
MFC after: 1 week
rc/drivers/driver_bsd.c
53d87406a66ba1a3f905f17ee5dc5649e33da79b 22-Aug-2019 cy <cy@FreeBSD.org> MFV r346563:

Update wpa 2.8 --> 2.9

hostapd:
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
* added configuration of airtime policy
* fixed FILS to add RSNE into (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* added support for regulatory WMM limitation (for ETSI)
* added support for MACsec Key Agreement using IEEE 802.1X/PSK
* added experimental support for EAP-TEAP server (RFC 7170)
* added experimental support for EAP-TLS server with TLS v1.3
* added support for two server certificates/keys (RSA/ECC)
* added AKMSuiteSelector into "STA <addr>" control interface data to
determine which AKM was used for an association
* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
fast reauthentication use to be disabled
* fixed an ECDH operation corner case with OpenSSL

wpa_supplicant:
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- allow the set of groups to be configured (eap_pwd_groups)
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
(disabled by default for backwards compatibility; can be enabled
with ft_eap_pmksa_caching=1)
* fixed a regression in OpenSSL 1.1+ engine loading
* added validation of RSNE in (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* extended EAP-SIM/AKA fast re-authentication to allow use with FILS
* extended ca_cert_blob to support PEM format
* improved robustness of P2P Action frame scheduling
* added support for EAP-SIM/AKA using anonymous@realm identity
* fixed Hotspot 2.0 credential selection based on roaming consortium
to ignore credentials without a specific EAP method
* added experimental support for EAP-TEAP peer (RFC 7170)
* added experimental support for EAP-TLS peer with TLS v1.3
* fixed a regression in WMM parameter configuration for a TDLS peer
* fixed a regression in operation with drivers that offload 802.1X
4-way handshake
* fixed an ECDH operation corner case with OpenSSL

MFC after: 1 week
Security: https://w1.fi/security/2019-6/\
sae-eap-pwd-side-channel-attack-update.txt
5ab4684305e226d9c6508f3ee12e8df41c9f6adb 16-May-2019 cy <cy@FreeBSD.org> The driver list prints "(null)" for the NDIS driver when -h (help) or
an unknown switch is passed outputting the command usage. This is
because the NDIS driver is uninitialized when usage help is printed.
To resolve this we initialize the driver prior to the possibility of
printing the usage help message.

Obtained from: The wpa_supplicant port
MFC after: 1 week
pa_supplicant/main.c
pa_supplicant/wpa_supplicant.c
25d65ba7f715648fbce1c931adb620224b18339e 23-Apr-2019 cy <cy@FreeBSD.org> MFV r346563:

Update wpa_supplicant/hostapd 2.7 --> 2.8

Upstream documents the following advisories:

- https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
- https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt
- https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
- https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
- https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-\
with-unexpected-fragment.txt

Relnotes: yes
MFC after: 1 week (or less)
Security: CVE-2019-9494, VU#871675, CVE-2019-9495, CVE-2019-9496,
CVE-2019-9497, CVE-2019-9498, CVE-2019-9499
b53b242388d97f57a2ae533d911584d9dc0d9f8e 09-Dec-2018 cy <cy@FreeBSD.org> MFV r341618:

Update wpa 2.6 --> 2.7.
36c3a399dd6f9798674cb2484be38ff96a8bc022 21-Aug-2018 cy <cy@FreeBSD.org> For CID 1394785, add a comment explaining that global->event_buf is
not really a char * but a struct rt_msghdr *.

MFC after: 3 days
rc/drivers/driver_bsd.c
dff9d8df15056d7c54d36ce345e6cf14584f4d0a 14-Aug-2018 cy <cy@FreeBSD.org> MFV r337818:

WPA: Ignore unauthenticated encrypted EAPOL-Key data

Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

Obtained from: git://w1.fi/hostap.git
MFC after: 1 day
Security: CVE-2018-14526
Security: VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317
rc/rsn_supp/wpa.c
b8c31c04aa2eb4b8f601f6f9c27773a358869888 20-Jul-2018 cy <cy@FreeBSD.org> Remove a redundant declaration.

While at it add a blank line, conforming with the convention
used in this file.

X-MFC-with: r336203
rc/drivers/driver_wired.c
e987836b9703135a8862ac284924e86f0efb1a36 20-Jul-2018 cy <cy@FreeBSD.org> To reduce our diff between our sources and our upline, sync up
with upline. Also making it easier to read.

Obtained from: diffing base with ports
X-MFC-with: r336203
pa_supplicant/wnm_sta.c
548c76938588bb0f4877c31d4f41c82524b7e96d 20-Jul-2018 cy <cy@FreeBSD.org> MFV: r336486

Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
X-MFC-with: r336203
rc/rsn_supp/wpa.c
fa7942bb4237928358f9fe0dadeeb8ce6eba1768 20-Jul-2018 cy <cy@FreeBSD.org> Revert r336501. It was a of the wrong rev from the vendor branch.
rc/rsn_supp/wpa.c
f43e6aa05cc253fe142c70067fa6e871e3cc20a4 19-Jul-2018 cy <cy@FreeBSD.org> MFV r336490:

Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.

Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0004-Prevent-installation-\
of-an-all-zero-TK.patch
X-MFC-with: r336203
rc/rsn_supp/wpa.c
rc/rsn_supp/wpa_i.h
9739fb5020ea2fc4646526e268d35d70f623ce0f 19-Jul-2018 cy <cy@FreeBSD.org> MFV: r336486

Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
X-MFC-with: r336203
rc/rsn_supp/wpa.c
9f36f4327ef028922e073eae49b6d5e42353c437 19-Jul-2018 cy <cy@FreeBSD.org> MFV: r336485

Address: hostapd: Avoid key reinstallation in FT handshake

Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0001-hostapd-Avoid-key-\
reinstallation-in-FT-handshake.patch
X-MFC-with: r336203
rc/ap/ieee802_11.c
rc/ap/wpa_auth.c
rc/ap/wpa_auth.h
99be183341342132ecd4d0eef6ababe2d024a07b 11-Jul-2018 cy <cy@FreeBSD.org> MFV r324714:

Update wpa 2.5 --> 2.6.

MFC after: 1 month
34e8800cc7dc40b3dec5db112d8d43f5e282018c 31-May-2018 hselasky <hselasky@FreeBSD.org> Re-apply r190640.

- Restore local change to include <net/bpf.h> inside pcap.h.
This fixes ports build problems.
- Update local copy of dlt.h with new DLT types.
- Revert no longer needed <net/bpf.h> includes which were added
as part of r334277.

Suggested by: antoine@, delphij@, np@
MFC after: 3 weeks
Sponsored by: Mellanox Technologies
rc/l2_packet/l2_packet_freebsd.c
30f165e2d74c681f9df978d1f8f6eeef4569babb 28-May-2018 hselasky <hselasky@FreeBSD.org> MFV r333789: libpcap 1.9.0 (pre-release)

MFC after: 1 month
Sponsored by: Mellanox Technologies
b931bbf6a76621889a26b33a817c3e8a0269dd5e 17-Oct-2017 gordon <gordon@FreeBSD.org> Update wpa_supplicant/hostapd for 2017-01 vulnerability release.

hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries

Submitted by: jhb
Obtained from: https://w1.fi/security/2017-01/ (against later version)
Security: FreeBSD-SA-17:07
Security: CERT VU#228519
Security: CVE-2017-13077
Security: CVE-2017-13078
Security: CVE-2017-13079
Security: CVE-2017-13080
Security: CVE-2017-13081
Security: CVE-2017-13082
Security: CVE-2017-13086
Security: CVE-2017-13087
Security: CVE-2017-13088
Differential Revision: https://reviews.freebsd.org/D12693
rc/ap/wpa_auth.c
rc/ap/wpa_auth.h
rc/ap/wpa_auth_ft.c
rc/ap/wpa_auth_i.h
rc/common/wpa_common.h
rc/rsn_supp/tdls.c
rc/rsn_supp/wpa.c
rc/rsn_supp/wpa_ft.c
rc/rsn_supp/wpa_i.h
pa_supplicant/ctrl_iface.c
pa_supplicant/events.c
pa_supplicant/wnm_sta.c
pa_supplicant/wpa_supplicant_i.h
33e0205feeb1602b43e451734297240875c785f5 26-Nov-2015 adrian <adrian@FreeBSD.org> [wpa] use IFM_IEEE80211_ADHOC for now on FreeBSD for IBSS operation.

PR: bin/203086
Submitted by: avos
rc/drivers/driver_bsd.c
47c30fdf7ee1931484d05716b1ce04d402dcc55c 26-Nov-2015 adrian <adrian@FreeBSD.org> [wpa] bring up interface in ap_mode=2

This is required for WPA-NONE operation.

PR: bin/203086
Submitted by: avos@
rc/drivers/driver_bsd.c
0b64f6b00c80a6e9cb20cd277a0c6af406a49c3b 26-Nov-2015 adrian <adrian@FreeBSD.org> [wpa] handle IBSS mediatype.

same as the previous commit to ifconfig - handle a mediatype of IBSS
without failing/complaining.

Internally inside wpa_s things treat IBSS/ADHOC as equivalent.
rc/drivers/driver_bsd.c
c437e26a1d8c13d53c6b57c8f8a8a28525fb34b0 18-Oct-2015 rpaulo <rpaulo@FreeBSD.org> Update hostapd/wpa_supplicant to version 2.5.

Tested by several people on current@/wireless@.

Relnotes: yes
842f4520d0888b29092df5d0d02c98cf458d22f7 21-Apr-2015 rpaulo <rpaulo@FreeBSD.org> Merge wpa_supplicant/hostapd 2.4.

Major changes are: SAE, Suite B, RFC 7268, EAP-PKE, ACS, and tons of
bug fixes.

Relnotes: yes
fe156048d8ff669c6f66517f92ba7fcc7816c6a5 22-Jun-2014 jmg <jmg@FreeBSD.org> convert to using pidfile... This prevents multiple wpa_supplicants
running at the same time causing problems w/ wifi not working..

the patch will be submitted upstream... The next step if someone wants
to push it upstream is to break os_unix.c up so that all these other
utilities don't need libutil..

Reviewed by: rpaulo
rc/utils/os_unix.c
4c66443e3331c2115f51289c149604f4091487b2 29-Mar-2014 rpaulo <rpaulo@FreeBSD.org> Enable all cryptocaps because net80211 can do software encryption.

MFC after: 1 week
rc/drivers/driver_bsd.c
a856a964094ac0a50d5b0d0ea7268107e5c8b029 30-Oct-2013 emaste <emaste@FreeBSD.org> Revert to upstream literal $FreeBSD tag

radiotap.h in upstream wpa originally came from the FreeBSD CVS
repository. The copy in vendor/ matched the upstream one; with this
change the contrib copy now matches too.

Discussed with: jhb@
rc/utils/radiotap.h
dbf751d8dcba52ecdbffa7ca29db6f75bc9e2b8b 07-Aug-2013 rpaulo <rpaulo@FreeBSD.org> Fix previous commit: both flags must be set.
rc/drivers/driver_wired.c
e141f5c0bac3839e4886a26e1ba796f4e46e6455 07-Aug-2013 rpaulo <rpaulo@FreeBSD.org> Make sure IFM_AVALID is also set when checking ifm_status.

Submitted by: yongari
rc/drivers/driver_wired.c
336da2273ba2b400b1d7d7f60376058eeea1dfbd 07-Aug-2013 rpaulo <rpaulo@FreeBSD.org> Fix a timing issue with the wired driver.

After configuring the interface, wait for the link to become active.
Many ethernet drivers reset the chip when we set multicast filters
(causing significant delays due to link re-negotiation) and, by the time
we start sending packets, they are discarded instead of going to the ether.

Tested by: dumbbell
rc/drivers/driver_wired.c
6a98a29d2971fc8059b201218429959d7f0ab15b 08-Jul-2013 hiren <hiren@FreeBSD.org> Move to MSG_DEBUG to print it via syslog only when requested.

Reviewed by: rpaulo, adrian
Approved by: sbruno (mentor)
rc/rsn_supp/wpa.c
fa0a12cc9380fe9385f8f76a6bfb4d64ed6dddbf 04-Jul-2013 rpaulo <rpaulo@FreeBSD.org> Delete .gitignore files.
rc/crypto/.gitignore
rc/drivers/.gitignore
rc/radius/.gitignore
rc/tls/.gitignore
rc/utils/.gitignore
pa_supplicant/.gitignore
pa_supplicant/dbus/.gitignore
41a13be5c85dbdca536871231d280abef16b624f 04-Jul-2013 rpaulo <rpaulo@FreeBSD.org> Restore the dbus directory that was not meant to be deleted in r252729.
e6a397a86b346664059134538fccc45498f6a9b5 04-Jul-2013 rpaulo <rpaulo@FreeBSD.org> Remove unused files / directories.
ostapd/Makefile
rc/Makefile
rc/ap/Makefile
rc/common/Makefile
rc/crypto/Makefile
rc/drivers/Makefile
rc/drivers/android_drv.h
rc/drivers/drivers.mak
rc/drivers/drivers.mk
rc/drivers/linux_wext.h
rc/drivers/rfkill.c
rc/drivers/rfkill.h
rc/eap_common/Makefile
rc/eap_peer/Makefile
rc/eap_server/Makefile
rc/eapol_auth/Makefile
rc/eapol_supp/Makefile
rc/l2_packet/Makefile
rc/lib.rules
rc/p2p/Makefile
rc/radius/Makefile
rc/rsn_supp/Makefile
rc/tls/Makefile
rc/utils/Makefile
rc/wps/Makefile
pa_supplicant/Makefile
pa_supplicant/dbus/.gitignore
pa_supplicant/dbus/Makefile
pa_supplicant/dbus/dbus-wpa_supplicant.conf
pa_supplicant/dbus/dbus_common.c
pa_supplicant/dbus/dbus_common.h
pa_supplicant/dbus/dbus_common_i.h
pa_supplicant/dbus/dbus_dict_helpers.c
pa_supplicant/dbus/dbus_dict_helpers.h
pa_supplicant/dbus/dbus_new.c
pa_supplicant/dbus/dbus_new.h
pa_supplicant/dbus/dbus_new_handlers.c
pa_supplicant/dbus/dbus_new_handlers.h
pa_supplicant/dbus/dbus_new_handlers_p2p.c
pa_supplicant/dbus/dbus_new_handlers_p2p.h
pa_supplicant/dbus/dbus_new_handlers_wps.c
pa_supplicant/dbus/dbus_new_helpers.c
pa_supplicant/dbus/dbus_new_helpers.h
pa_supplicant/dbus/dbus_new_introspect.c
pa_supplicant/dbus/dbus_old.c
pa_supplicant/dbus/dbus_old.h
pa_supplicant/dbus/dbus_old_handlers.c
pa_supplicant/dbus/dbus_old_handlers.h
pa_supplicant/dbus/dbus_old_handlers_wps.c
pa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in
pa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in
pa_supplicant/doc/docbook/.gitignore
pa_supplicant/doc/docbook/Makefile
pa_supplicant/doc/docbook/manpage.links
pa_supplicant/doc/docbook/manpage.refs
pa_supplicant/doc/docbook/wpa_background.8
pa_supplicant/doc/docbook/wpa_background.sgml
pa_supplicant/doc/docbook/wpa_cli.8
pa_supplicant/doc/docbook/wpa_cli.sgml
pa_supplicant/doc/docbook/wpa_gui.8
pa_supplicant/doc/docbook/wpa_gui.sgml
pa_supplicant/doc/docbook/wpa_passphrase.8
pa_supplicant/doc/docbook/wpa_passphrase.sgml
pa_supplicant/doc/docbook/wpa_priv.8
pa_supplicant/doc/docbook/wpa_priv.sgml
pa_supplicant/doc/docbook/wpa_supplicant.8
pa_supplicant/doc/docbook/wpa_supplicant.conf.5
pa_supplicant/doc/docbook/wpa_supplicant.conf.sgml
pa_supplicant/doc/docbook/wpa_supplicant.sgml
083dd1de651813c2c5b040ffe3cba771aa583df1 04-Jul-2013 rpaulo <rpaulo@FreeBSD.org> Merge hostapd / wpa_supplicant 2.0.

Reviewed by: adrian (driver_bsd + usr.sbin/wpa)
4d036c9c1350acbaaa6a43977d50f0c54cc6f007 17-Jun-2013 pluknet <pluknet@FreeBSD.org> Import change e4ac6417c7504e1c55ec556ce908974c04e29e3c from upstream wpa:

From: Guy Eilam <guy@wizery.com>
Date: Mon, 21 Feb 2011 20:44:46 +0000 (+0200)
Subject: utils: Corrected a typo in header's name definition

utils: Corrected a typo in header's name definition

Corrected a typo in the BASE64_H definition that
might cause the header file to be included more than once.

Signed-off-by: Guy Eilam <guy@wizery.com>

Submitted by: <dt71@gmx.com>
MFC after: 3 days
rc/utils/base64.h
dcbeb7acb186d90fbec3caed228b522c0b41ad64 16-Feb-2013 dim <dim@FreeBSD.org> Import change 40eebf235370b6fe6353784ccf01ab92eed062a5 from upstream wpa:

From: Jouni Malinen <j@w1.fi>
Date: Fri, 15 Jul 2011 13:42:06 +0300
Subject: [PATCH] MD5: Fix clearing of temporary stack memory to use correct length

sizeof of the structure instead of the pointer was supposed to be used
here. Fix this to clear the full structure at the end of MD5Final().

Found by: clang ToT
Reviewed by: rpaulo
MFC after: 3 days
rc/crypto/md5-internal.c
748c98fc62710e6e068b1ac97fe79668aa6fe7d4 23-Nov-2012 cperciva <cperciva@FreeBSD.org> MFS security patches which seem to have accidentally not reached HEAD:

Fix insufficient message length validation for EAP-TLS messages.

Fix Linux compatibility layer input validation error.

Security: FreeBSD-SA-12:07.hostapd
Security: FreeBSD-SA-12:08.linux
Security: CVE-2012-4445, CVE-2012-4576
With hat: so@
rc/eap_server/eap_server_tls_common.c
6fc60597cca6769a57af476f5281732e19b0819d 03-Nov-2010 rpaulo <rpaulo@FreeBSD.org> Remove unused files.
rc/drivers/driver_atheros.c
rc/drivers/driver_none.c
rc/drivers/linux_ioctl.c
rc/drivers/linux_ioctl.h
rc/drivers/netlink.c
rc/drivers/netlink.h
rc/drivers/nl80211_copy.h
rc/drivers/wireless_copy.h
pa_supplicant/xcode/wpa_supplicant.xcodeproj/project.pbxproj
e0d70c33109c041ff2046fe529eb8e3c0f2acec1 03-Nov-2010 rpaulo <rpaulo@FreeBSD.org> Merge wpa_supplicant and hostapd 0.7.3.
9a3eca9b9f363c4853b4000c9f00ab61bdaacbdb 14-Jun-2010 rpaulo <rpaulo@FreeBSD.org> Remove unused files.
rc/drivers/Apple80211.h
rc/drivers/MobileApple80211.c
rc/drivers/MobileApple80211.h
rc/drivers/driver_atmel.c
rc/drivers/driver_broadcom.c
rc/drivers/driver_bsd.c
rc/drivers/driver_hostap.c
rc/drivers/driver_hostap.h
rc/drivers/driver_iphone.m
rc/drivers/driver_ipw.c
rc/drivers/driver_madwifi.c
rc/drivers/driver_nl80211.c
rc/drivers/driver_osx.m
rc/drivers/driver_prism54.c
rc/drivers/driver_privsep.c
rc/drivers/driver_ps3.c
rc/drivers/driver_ralink.c
rc/drivers/driver_ralink.h
rc/drivers/driver_roboswitch.c
rc/drivers/driver_test.c
rc/drivers/driver_wext.c
rc/drivers/driver_wext.h
rc/drivers/priv_netlink.h
rc/l2_packet/l2_packet_linux.c
rc/l2_packet/l2_packet_pcap.c
rc/l2_packet/l2_packet_privsep.c
rc/l2_packet/l2_packet_winpcap.c
ce9c8f380b1fae326c166456a15ae504dce5c1d1 14-Jun-2010 rpaulo <rpaulo@FreeBSD.org> MFV hostapd & wpa_supplicant 0.6.10.
4e75ea04f545069138b54e1fee5b5c1236ba5b68 16-Mar-2009 dougb <dougb@FreeBSD.org> Add some notes and clarify a few sections:
1. Add a note to double-check the man page
2. Remove windows-specific items in the ctrl_interface section
3. Add a note that ap_scan must be set to 1 for use with wlan
4. Clarify the wording for scan_ssid related to APs that hide ssid
5. Clarify the wording for the priority option
pa_supplicant/wpa_supplicant.conf
05a3fc25cf422a1ed90c9458131e1dbb4b1bccbb 15-Mar-2009 sam <sam@FreeBSD.org> remove gcc-ism; tsinfo isn't used anyway
ostapd/wme.h
c0eea162c5685e85d2836609191195917bb8fdbd 13-Mar-2009 sam <sam@FreeBSD.org> fix portability; linux does not have sa_len/sun_len
pa_supplicant/ctrl_iface_unix.c
3cac7b891b7108169f5fed3997e777b56c060178 02-Mar-2009 sam <sam@FreeBSD.org> bring in local changes for:
CONFIG_DEBUG_SYSLOG
CONFIG_TERMINATE_ONLASTIF
EAP_SERVER
ostapd/hostapd.c
rc/utils/wpa_debug.c
pa_supplicant/events.c
pa_supplicant/main.c
pa_supplicant/wpa_supplicant.c
pa_supplicant/wpa_supplicant_i.h
2af41b09fa9d6ff3f4c736a224f545663be143d2 02-Mar-2009 sam <sam@FreeBSD.org> connect vendor wpa area to contrib