Mail archive
alpine-aports

[alpine-aports] [PATCH] testing/iwd: upgrade to 0.16

From: Milan P. Stanić <mps_at_arvanta.net>
Date: Thu, 4 Apr 2019 23:59:23 +0200

add patch to fix missing include config.h in some .c files
add patches which fixes sae, sha256-hmac, eap-pwd
---
 testing/iwd/APKBUILD                          |  14 +-
 testing/iwd/add-missing.config.h.patch        | 140 ++++++++++++++++++
 .../iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch |  90 +++++++++++
 testing/iwd/fix-sae-infinite-loop.patch       |  56 +++++++
 testing/iwd/fix-sae-sha256-hmac.patch         |  28 ++++
 5 files changed, 325 insertions(+), 3 deletions(-)
 create mode 100644 testing/iwd/add-missing.config.h.patch
 create mode 100644 testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
 create mode 100644 testing/iwd/fix-sae-infinite-loop.patch
 create mode 100644 testing/iwd/fix-sae-sha256-hmac.patch
diff --git a/testing/iwd/APKBUILD b/testing/iwd/APKBUILD
index df03bcc0ea..838ff89912 100644
--- a/testing/iwd/APKBUILD
+++ b/testing/iwd/APKBUILD
_at_@ -1,8 +1,8 @@
 # Contributor: Milan P. Stanić <mps_at_arvanta.net>
 # Maintainer: Milan P. Stanić <mps_at_arvanta.net>
 pkgname=iwd
-pkgver=0.14
-pkgrel=3
+pkgver=0.16
+pkgrel=0
 pkgdesc="Internet Wireless Daemon"
 url="https://iwd.wiki.kernel.org/"
 arch="all"
_at_@ -10,6 +10,10 @@ license="LGPL-2.1-or-later"
 makedepends="ell-dev dbus-dev readline-dev linux-headers asciidoc"
 subpackages="$pkgname-doc $pkgname-openrc"
 source="https://mirrors.edge.kernel.org/pub/linux/network/wireless/$pkgname-${pkgver}.tar.gz
+	add-missing.config.h.patch
+	fix-sae-infinite-loop.patch
+	fix-sae-sha256-hmac.patch
+	fix-iwd-0.16-sae-eap-pwd-size_t.patch
 	dbus-netdev-group.patch
 	iwd.initd
 	"
_at_@ -46,6 +50,10 @@ package() {
 		"$pkgdir"/etc/init.d/$pkgname
 }
 
-sha512sums="aa4586611d6c7298f9b00fe1de88b83157f037e76c7f01d8c3df8e21d7d6796ce3551be9764681a412bf147e741ff65469adaa6da4d96bdc4e2667059202b656  iwd-0.14.tar.gz
+sha512sums="97432f6957cdfbdee43325bfebe45bf02d0099a246e864ff1f073d135743618d4e048a9611a1525cc43034a81f8aa72eb2683c4e0e52ea430d4d211aee858b05  iwd-0.16.tar.gz
+56ee6e88d49f7a05184b4258f3775d95a9639e7851e633015fc5fddca34de3cdb1e486f403436e8b0c86e7e6f33ad8a81157c87ef6470ff22b9288d5bcb2409d  add-missing.config.h.patch
+2651f17d0640e3ad2da69186aeb2d1554b596456b0ef62a1453859c65d58d64b5d85d3cce5bdb36031bf772d757fa58d6cda584275a5f1be1b4687efba9eec3f  fix-sae-infinite-loop.patch
+b1c2c69c6db6a4a81ffeb7a0565585685c23b7a118b9919d5f0ed3a957771e9ca7effa9bd3675a65e66a382b3801523480854a5dfa686e9edb9a981b0ca5e283  fix-sae-sha256-hmac.patch
+e750ce07097db2611def3dddcc2eb093575dd82410bca4008da38ce9220cca859610a77a59da1685d65d72aaa4565f4f803c032e045a8c19fe9b2f49e8ea3bf5  fix-iwd-0.16-sae-eap-pwd-size_t.patch
 7d3bc26b558ebfd22335b946f09abd5326e885275979c617af7def1468ade23ba7605f3b13aaf91836035c130aaec04be0ff2708a898f3ae835e0eef4e78fa0e  dbus-netdev-group.patch
 1a913fa19a76a18d92b8f44cb5b4b99a64b4e2f7d2b4a486bf1ba2f939aea7dcca772fca91483011ada58aaa3addc29c76ececd708b2187e57f72aa040ac77e6  iwd.initd"
diff --git a/testing/iwd/add-missing.config.h.patch b/testing/iwd/add-missing.config.h.patch
new file mode 100644
index 0000000000..b871acef57
--- /dev/null
+++ b/testing/iwd/add-missing.config.h.patch
_at_@ -0,0 +1,140 @@
+From 23041a44dd6c3fcaa18e5cb3f63140e3cb76d6b8 Mon Sep 17 00:00:00 2001
+From: Marcel Holtmann <marcel_at_holtmann.org>
+Date: Thu, 4 Apr 2019 14:02:38 +0200
+Subject: build: Add missing HAVE_CONFIG_H guards and include config.h
+
+---
+ plugins/ofono.c         | 4 ++++
+ plugins/sim_hardcoded.c | 5 +++++
+ src/eap-mschapv2.c      | 4 ++++
+ src/nl80211util.c       | 4 ++++
+ src/plugin.c            | 4 ++++
+ src/sae.c               | 4 ++++
+ src/simauth.c           | 4 ++++
+ src/simutil.c           | 4 ++++
+ 8 files changed, 33 insertions(+)
+
+diff --git a/plugins/ofono.c b/plugins/ofono.c
+index 077045f..fc2561f 100644
+--- a/plugins/ofono.c
++++ b/plugins/ofono.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <stdio.h>
+ #include <ctype.h>
+ #include <stdio.h>
+diff --git a/plugins/sim_hardcoded.c b/plugins/sim_hardcoded.c
+index b5ea6b0..6e87f34 100644
+--- a/plugins/sim_hardcoded.c
++++ b/plugins/sim_hardcoded.c
+_at_@ -19,6 +19,11 @@
+  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+  *
+  */
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <errno.h>
+ 
+ #include <ell/ell.h>
+diff --git a/src/eap-mschapv2.c b/src/eap-mschapv2.c
+index 78404e2..e1f4ab5 100644
+--- a/src/eap-mschapv2.c
++++ b/src/eap-mschapv2.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+diff --git a/src/nl80211util.c b/src/nl80211util.c
+index 0d690e8..a9c3914 100644
+--- a/src/nl80211util.c
++++ b/src/nl80211util.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <linux/if_ether.h>
+ #include <ell/ell.h>
+ 
+diff --git a/src/plugin.c b/src/plugin.c
+index 2d96f65..a62fb03 100644
+--- a/src/plugin.c
++++ b/src/plugin.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <fnmatch.h>
+ 
+ #include <ell/ell.h>
+diff --git a/src/sae.c b/src/sae.c
+index 782a306..cab004b 100644
+--- a/src/sae.c
++++ b/src/sae.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ell/ell.h>
+ 
+ #include "src/util.h"
+diff --git a/src/simauth.c b/src/simauth.c
+index 5ed4dde..4244304 100644
+--- a/src/simauth.c
++++ b/src/simauth.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+diff --git a/src/simutil.c b/src/simutil.c
+index 8de0645..f0542c7 100644
+--- a/src/simutil.c
++++ b/src/simutil.c
+_at_@ -20,6 +20,10 @@
+  *
+  */
+ 
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+-- 
+cgit 1.2-0.3.lf.el7
+
diff --git a/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch b/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
new file mode 100644
index 0000000000..925db40c68
--- /dev/null
+++ b/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
_at_@ -0,0 +1,90 @@
+From b8dd39ded0fd62d38960a0ed08481838d58af74f Mon Sep 17 00:00:00 2001
+From: Denis Kenzior <denkenz_at_gmail.com>
+Date: Thu, 4 Apr 2019 13:37:01 -0500
+Subject: [PATCH 1/2] sae: Fix argument type passed via va_args
+
+The function expects a size_t argument, but on some ARM systems this was
+getting confused and failing.
+---
+ src/sae.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/sae.c b/src/sae.c
+index b0ebe8e..32a1ca8 100644
+--- a/src/sae.c
++++ b/src/sae.c
+_at_@ -91,7 +91,7 @@ static bool sae_pwd_seed(const uint8_t *addr1, const uint8_t *addr2,
+ 	}
+ 
+ 	return hkdf_extract(L_CHECKSUM_SHA256, key, 12, 2, out, base, base_len,
+-					&counter, 1);
++					&counter, (size_t) 1);
+ }
+ 
+ static struct l_ecc_scalar *sae_pwd_value(const struct l_ecc_curve *curve,
+-- 
+2.21.0
+
+
+From bde01b1826c42dea1b55b047435903fcc16a3d71 Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood_at_linux.intel.com>
+Date: Thu, 4 Apr 2019 11:47:25 -0700
+Subject: [PATCH 2/2] eap-pwd: update hkdf_extract usage to cast constants
+
+On some architectures, va_arg was behaving strangely with constant values
+passed as lengths. Casting any constant lengths to size_t fixes the issue.
+---
+ src/eap-pwd.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/eap-pwd.c b/src/eap-pwd.c
+index c4808c5..56d0980 100644
+--- a/src/eap-pwd.c
++++ b/src/eap-pwd.c
+_at_@ -307,7 +307,7 @@ static void eap_pwd_handle_id(struct eap_state *eap,
+ 		hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 5, pwd_seed, &token, 4,
+ 				pwd->identity, strlen(pwd->identity), pkt + 9,
+ 				len - 9, pwd->password, strlen(pwd->password),
+-				&counter, 1);
++				&counter, (size_t) 1);
+ 
+ 		/*
+ 		 * pwd-value = KDF(pwd-seed, "EAP-pwd Hunting And Pecking",
+_at_@ -509,12 +509,13 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+ 	 */
+ 	hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 6, confirm_p, kpx, clen,
+ 				element_p, plen, scalar_p, clen, element_s,
+-				plen, scalar_s, clen, &pwd->ciphersuite, 4);
++				plen, scalar_s, clen, &pwd->ciphersuite,
++				(size_t) 4);
+ 
+ 	hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 6, expected_confirm_s, kpx,
+ 				clen, element_s, plen, scalar_s, clen,
+ 				element_p, plen, scalar_p, clen,
+-				&pwd->ciphersuite, 4);
++				&pwd->ciphersuite, (size_t) 4);
+ 
+ 	if (memcmp(confirm_s, expected_confirm_s, 32)) {
+ 		l_error("Confirm_S did not verify");
+_at_@ -528,7 +529,7 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+ 
+ 	/* derive MK = H(kp | Confirm_P | Confirm_S ) */
+ 	hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 3, mk, kpx, clen, confirm_p,
+-			32, confirm_s, 32);
++			(size_t) 32, confirm_s, (size_t) 32);
+ 
+ 	eap_pwd_send_response(eap, resp, pos - resp);
+ 
+_at_@ -536,7 +537,8 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+ 
+ 	session_id[0] = 52;
+ 	hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 3, session_id + 1,
+-			&pwd->ciphersuite, 4, scalar_p, clen, scalar_s, clen);
++			&pwd->ciphersuite, (size_t) 4, scalar_p, clen,
++			scalar_s, clen);
+ 
+ 	kdf(mk, 32, (const char *) session_id, 33, msk_emsk, 128);
+ 	eap_set_key_material(eap, msk_emsk, 64, msk_emsk + 64, 64, NULL, 0);
+-- 
+2.21.0
+
diff --git a/testing/iwd/fix-sae-infinite-loop.patch b/testing/iwd/fix-sae-infinite-loop.patch
new file mode 100644
index 0000000000..f3e8a8fcc8
--- /dev/null
+++ b/testing/iwd/fix-sae-infinite-loop.patch
_at_@ -0,0 +1,56 @@
+From c985da04caca9cc9f1472718df756c9b73fb6af4 Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood_at_linux.intel.com>
+Date: Thu, 4 Apr 2019 09:03:16 -0700
+Subject: [PATCH] sae: fix potential infinite loop
+
+It was assumed that the hunt-and-peck loop was guarenteed to find
+a PWE. This was incorrect in terms of kernel support. If a system
+does not have support for AF_ALG or runs out of file descriptors
+the KDFs may fail. The loop continued to run if found == false,
+which is also incorrect because we want to stop after 20 iterations
+regarless of success.
+
+This changes the loop to a for loop so it will always exit after
+the set number of iterations.
+---
+ src/sae.c | 10 +++-------
+ 1 file changed, 3 insertions(+), 7 deletions(-)
+
+diff --git a/src/sae.c b/src/sae.c
+index cab004b..b0ebe8e 100644
+--- a/src/sae.c
++++ b/src/sae.c
+_at_@ -251,8 +251,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ 				const uint8_t *addr1, const uint8_t *addr2)
+ {
+ 	bool found = false;
+-	uint8_t counter = 1;
+-	uint8_t k = 20;
++	uint8_t counter;
+ 	uint8_t pwd_seed[32];
+ 	struct l_ecc_scalar *pwd_value;
+ 	uint8_t random[32];
+_at_@ -267,7 +266,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ 	qr = sae_new_residue(sm->curve, true);
+ 	qnr = sae_new_residue(sm->curve, false);
+ 
+-	do {
++	for (counter = 1; counter <= 20; counter++) {
+ 		/* pwd-seed = H(max(addr1, addr2) || min(addr1, addr2),
+ 		 *                base || counter)
+ 		 * pwd-value = KDF-256(pwd-seed, "SAE Hunting and Pecking", p)
+_at_@ -291,10 +290,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ 		}
+ 
+ 		l_ecc_scalar_free(pwd_value);
+-
+-		counter++;
+-
+-	} while ((counter <= k) || (found == false));
++	}
+ 
+ 	l_ecc_scalar_free(qr);
+ 	l_ecc_scalar_free(qnr);
+-- 
+2.21.0
+
diff --git a/testing/iwd/fix-sae-sha256-hmac.patch b/testing/iwd/fix-sae-sha256-hmac.patch
new file mode 100644
index 0000000000..190e3fd422
--- /dev/null
+++ b/testing/iwd/fix-sae-sha256-hmac.patch
_at_@ -0,0 +1,28 @@
+From 5338904824638124d78acf1efae0b046d3d6735b Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood_at_linux.intel.com>
+Date: Thu, 4 Apr 2019 09:32:17 -0700
+Subject: [PATCH] unit: add check for SHA256/HMAC in SAE test
+
+---
+ unit/test-sae.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/unit/test-sae.c b/unit/test-sae.c
+index 3de7376..81220d9 100644
+--- a/unit/test-sae.c
++++ b/unit/test-sae.c
+_at_@ -550,6 +550,11 @@ int main(int argc, char *argv[])
+ 		goto done;
+ 	}
+ 
++	if (!l_checksum_is_supported(L_CHECKSUM_SHA256, true)) {
++		l_info("SHA256/HMAC_SHA256 not supported, skipping...");
++		goto done;
++	}
++
+ 	l_test_add("SAE commit timeout", test_commit_timeout, NULL);
+ 	l_test_add("SAE confirm timeout", test_confirm_timeout, NULL);
+ 	l_test_add("SAE anti-clogging", test_clogging, NULL);
+-- 
+2.21.0
+
-- 
2.20.1
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Thu Apr 04 2019 - 23:59:23 UTC