[source] hostapd: backport fix for wnm_sleep_mode=0

LEDE Commits lede-commits at lists.infradead.org
Wed Dec 6 16:32:01 PST 2017 

stintel pushed a commit to source.git, branch master:
https://git.lede-project.org/bd45e15d0afe64dfed5a02a50a634f7947b50144

commit bd45e15d0afe64dfed5a02a50a634f7947b50144
Author: Timo Sigurdsson <public_timo.s at silentcreek.de>
AuthorDate: Tue Nov 14 21:41:30 2017 +0100

    hostapd: backport fix for wnm_sleep_mode=0
    
    wpa_disable_eapol_key_retries can't prevent attacks against the Wireless
    Network Management (WNM) Sleep Mode handshake. Currently, hostapd
    processes WNM Sleep Mode requests from clients regardless of the setting
    wnm_sleep_mode. Backport Jouni Malinen's upstream patch 114f2830 in
    order to ignore such requests by clients when wnm_sleep_mode is disabled
    (which is the default).
    
    Signed-off-by: Timo Sigurdsson <public_timo.s at silentcreek.de>
    [rewrite commit subject (<= 50 characters), bump PKG_RELEASE]
    Signed-off-by: Stijn Tintel <stijn at linux-ipv6.be>
---
 package/network/services/hostapd/Makefile          |  2 +-
 ...WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch | 35 ++++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index ef1f8d0..893d769 100644
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -7,7 +7,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostapd
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
diff --git a/package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch b/package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
new file mode 100644
index 0000000..13426e4
--- /dev/null
+++ b/package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
@@ -0,0 +1,35 @@
+From 114f2830d2c2aee6db23d48240e93415a256a37c Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni at qca.qualcomm.com>
+Date: Fri, 20 Oct 2017 17:39:42 +0300
+Subject: [PATCH] WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0 case
+
+The hostapd wnm_sleep_mode parameter was previously used to control
+advertisement of WNM-Sleep Mode support, but it was not used when
+processing a request to use WNM-Sleep Mode. Add an explicit check during
+request processing as well so that any misbehaving station is ignored.
+
+Signed-off-by: Jouni Malinen <jouni at qca.qualcomm.com>
+---
+ src/ap/wnm_ap.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/ap/wnm_ap.c b/src/ap/wnm_ap.c
+index 7c4fde0..973e4d3 100644
+--- a/src/ap/wnm_ap.c
++++ b/src/ap/wnm_ap.c
+@@ -200,6 +200,13 @@ static void ieee802_11_rx_wnmsleep_req(struct hostapd_data *hapd,
+ 	u8 *tfsreq_ie_end = NULL;
+ 	u16 tfsreq_ie_len = 0;
+ 
++	if (!hapd->conf->wnm_sleep_mode) {
++		wpa_printf(MSG_DEBUG, "Ignore WNM-Sleep Mode Request from "
++			   MACSTR " since WNM-Sleep Mode is disabled",
++			   MAC2STR(addr));
++		return;
++	}
++
+ 	dialog_token = *pos++;
+ 	while (pos + 1 < frm + len) {
+ 		u8 ie_len = pos[1];
+-- 
+2.1.4

More information about the lede-commits mailing list