add patch to fix missing include config.h in some .c files
add patches which fixes sae, sha256-hmac, eap-pwd
---
testing/iwd/APKBUILD | 14 +-
testing/iwd/add-missing.config.h.patch | 140 ++++++++++++++++++
.../iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch | 90 +++++++++++
testing/iwd/fix-sae-infinite-loop.patch | 56 +++++++
testing/iwd/fix-sae-sha256-hmac.patch | 28 ++++
5 files changed, 325 insertions(+), 3 deletions(-)
create mode 100644 testing/iwd/add-missing.config.h.patch
create mode 100644 testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
create mode 100644 testing/iwd/fix-sae-infinite-loop.patch
create mode 100644 testing/iwd/fix-sae-sha256-hmac.patch
diff --git a/testing/iwd/APKBUILD b/testing/iwd/APKBUILD
index df03bcc0ea..838ff89912 100644
--- a/testing/iwd/APKBUILD
+++ b/testing/iwd/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Milan P. Stanić <mps@arvanta.net>
# Maintainer: Milan P. Stanić <mps@arvanta.net>
pkgname=iwd
-pkgver=0.14
-pkgrel=3
+pkgver=0.16
+pkgrel=0
pkgdesc="Internet Wireless Daemon"
url="https://iwd.wiki.kernel.org/"
arch="all"
@@ -10,6 +10,10 @@ license="LGPL-2.1-or-later"
makedepends="ell-dev dbus-dev readline-dev linux-headers asciidoc"
subpackages="$pkgname-doc $pkgname-openrc"
source="https://mirrors.edge.kernel.org/pub/linux/network/wireless/$pkgname-${pkgver}.tar.gz
+ add-missing.config.h.patch
+ fix-sae-infinite-loop.patch
+ fix-sae-sha256-hmac.patch
+ fix-iwd-0.16-sae-eap-pwd-size_t.patch
dbus-netdev-group.patch
iwd.initd
"
@@ -46,6 +50,10 @@ package() {
"$pkgdir"/etc/init.d/$pkgname
}
-sha512sums="aa4586611d6c7298f9b00fe1de88b83157f037e76c7f01d8c3df8e21d7d6796ce3551be9764681a412bf147e741ff65469adaa6da4d96bdc4e2667059202b656 iwd-0.14.tar.gz
+sha512sums="97432f6957cdfbdee43325bfebe45bf02d0099a246e864ff1f073d135743618d4e048a9611a1525cc43034a81f8aa72eb2683c4e0e52ea430d4d211aee858b05 iwd-0.16.tar.gz
+56ee6e88d49f7a05184b4258f3775d95a9639e7851e633015fc5fddca34de3cdb1e486f403436e8b0c86e7e6f33ad8a81157c87ef6470ff22b9288d5bcb2409d add-missing.config.h.patch
+2651f17d0640e3ad2da69186aeb2d1554b596456b0ef62a1453859c65d58d64b5d85d3cce5bdb36031bf772d757fa58d6cda584275a5f1be1b4687efba9eec3f fix-sae-infinite-loop.patch
+b1c2c69c6db6a4a81ffeb7a0565585685c23b7a118b9919d5f0ed3a957771e9ca7effa9bd3675a65e66a382b3801523480854a5dfa686e9edb9a981b0ca5e283 fix-sae-sha256-hmac.patch
+e750ce07097db2611def3dddcc2eb093575dd82410bca4008da38ce9220cca859610a77a59da1685d65d72aaa4565f4f803c032e045a8c19fe9b2f49e8ea3bf5 fix-iwd-0.16-sae-eap-pwd-size_t.patch
7d3bc26b558ebfd22335b946f09abd5326e885275979c617af7def1468ade23ba7605f3b13aaf91836035c130aaec04be0ff2708a898f3ae835e0eef4e78fa0e dbus-netdev-group.patch
1a913fa19a76a18d92b8f44cb5b4b99a64b4e2f7d2b4a486bf1ba2f939aea7dcca772fca91483011ada58aaa3addc29c76ececd708b2187e57f72aa040ac77e6 iwd.initd"
diff --git a/testing/iwd/add-missing.config.h.patch b/testing/iwd/add-missing.config.h.patch
new file mode 100644
index 0000000000..b871acef57
--- /dev/null
+++ b/testing/iwd/add-missing.config.h.patch
@@ -0,0 +1,140 @@
+From 23041a44dd6c3fcaa18e5cb3f63140e3cb76d6b8 Mon Sep 17 00:00:00 2001
+From: Marcel Holtmann <marcel@holtmann.org>
+Date: Thu, 4 Apr 2019 14:02:38 +0200
+Subject: build: Add missing HAVE_CONFIG_H guards and include config.h
+
+---
+ plugins/ofono.c | 4 ++++
+ plugins/sim_hardcoded.c | 5 +++++
+ src/eap-mschapv2.c | 4 ++++
+ src/nl80211util.c | 4 ++++
+ src/plugin.c | 4 ++++
+ src/sae.c | 4 ++++
+ src/simauth.c | 4 ++++
+ src/simutil.c | 4 ++++
+ 8 files changed, 33 insertions(+)
+
+diff --git a/plugins/ofono.c b/plugins/ofono.c
+index 077045f..fc2561f 100644
+--- a/plugins/ofono.c
++++ b/plugins/ofono.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <stdio.h>
+ #include <ctype.h>
+ #include <stdio.h>
+diff --git a/plugins/sim_hardcoded.c b/plugins/sim_hardcoded.c
+index b5ea6b0..6e87f34 100644
+--- a/plugins/sim_hardcoded.c
++++ b/plugins/sim_hardcoded.c
+@@ -19,6 +19,11 @@
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ */
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <errno.h>
+
+ #include <ell/ell.h>
+diff --git a/src/eap-mschapv2.c b/src/eap-mschapv2.c
+index 78404e2..e1f4ab5 100644
+--- a/src/eap-mschapv2.c
++++ b/src/eap-mschapv2.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+diff --git a/src/nl80211util.c b/src/nl80211util.c
+index 0d690e8..a9c3914 100644
+--- a/src/nl80211util.c
++++ b/src/nl80211util.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <linux/if_ether.h>
+ #include <ell/ell.h>
+
+diff --git a/src/plugin.c b/src/plugin.c
+index 2d96f65..a62fb03 100644
+--- a/src/plugin.c
++++ b/src/plugin.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <fnmatch.h>
+
+ #include <ell/ell.h>
+diff --git a/src/sae.c b/src/sae.c
+index 782a306..cab004b 100644
+--- a/src/sae.c
++++ b/src/sae.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ell/ell.h>
+
+ #include "src/util.h"
+diff --git a/src/simauth.c b/src/simauth.c
+index 5ed4dde..4244304 100644
+--- a/src/simauth.c
++++ b/src/simauth.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+diff --git a/src/simutil.c b/src/simutil.c
+index 8de0645..f0542c7 100644
+--- a/src/simutil.c
++++ b/src/simutil.c
+@@ -20,6 +20,10 @@
+ *
+ */
+
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <errno.h>
+--
+cgit 1.2-0.3.lf.el7
+
diff --git a/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch b/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
new file mode 100644
index 0000000000..925db40c68
--- /dev/null
+++ b/testing/iwd/fix-iwd-0.16-sae-eap-pwd-size_t.patch
@@ -0,0 +1,90 @@
+From b8dd39ded0fd62d38960a0ed08481838d58af74f Mon Sep 17 00:00:00 2001
+From: Denis Kenzior <denkenz@gmail.com>
+Date: Thu, 4 Apr 2019 13:37:01 -0500
+Subject: [PATCH 1/2] sae: Fix argument type passed via va_args
+
+The function expects a size_t argument, but on some ARM systems this was
+getting confused and failing.
+---
+ src/sae.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/sae.c b/src/sae.c
+index b0ebe8e..32a1ca8 100644
+--- a/src/sae.c
++++ b/src/sae.c
+@@ -91,7 +91,7 @@ static bool sae_pwd_seed(const uint8_t *addr1, const uint8_t *addr2,
+ }
+
+ return hkdf_extract(L_CHECKSUM_SHA256, key, 12, 2, out, base, base_len,
+- &counter, 1);
++ &counter, (size_t) 1);
+ }
+
+ static struct l_ecc_scalar *sae_pwd_value(const struct l_ecc_curve *curve,
+--
+2.21.0
+
+
+From bde01b1826c42dea1b55b047435903fcc16a3d71 Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood@linux.intel.com>
+Date: Thu, 4 Apr 2019 11:47:25 -0700
+Subject: [PATCH 2/2] eap-pwd: update hkdf_extract usage to cast constants
+
+On some architectures, va_arg was behaving strangely with constant values
+passed as lengths. Casting any constant lengths to size_t fixes the issue.
+---
+ src/eap-pwd.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/eap-pwd.c b/src/eap-pwd.c
+index c4808c5..56d0980 100644
+--- a/src/eap-pwd.c
++++ b/src/eap-pwd.c
+@@ -307,7 +307,7 @@ static void eap_pwd_handle_id(struct eap_state *eap,
+ hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 5, pwd_seed, &token, 4,
+ pwd->identity, strlen(pwd->identity), pkt + 9,
+ len - 9, pwd->password, strlen(pwd->password),
+- &counter, 1);
++ &counter, (size_t) 1);
+
+ /*
+ * pwd-value = KDF(pwd-seed, "EAP-pwd Hunting And Pecking",
+@@ -509,12 +509,13 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+ */
+ hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 6, confirm_p, kpx, clen,
+ element_p, plen, scalar_p, clen, element_s,
+- plen, scalar_s, clen, &pwd->ciphersuite, 4);
++ plen, scalar_s, clen, &pwd->ciphersuite,
++ (size_t) 4);
+
+ hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 6, expected_confirm_s, kpx,
+ clen, element_s, plen, scalar_s, clen,
+ element_p, plen, scalar_p, clen,
+- &pwd->ciphersuite, 4);
++ &pwd->ciphersuite, (size_t) 4);
+
+ if (memcmp(confirm_s, expected_confirm_s, 32)) {
+ l_error("Confirm_S did not verify");
+@@ -528,7 +529,7 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+
+ /* derive MK = H(kp | Confirm_P | Confirm_S ) */
+ hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 3, mk, kpx, clen, confirm_p,
+- 32, confirm_s, 32);
++ (size_t) 32, confirm_s, (size_t) 32);
+
+ eap_pwd_send_response(eap, resp, pos - resp);
+
+@@ -536,7 +537,8 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
+
+ session_id[0] = 52;
+ hkdf_extract(L_CHECKSUM_SHA256, NULL, 0, 3, session_id + 1,
+- &pwd->ciphersuite, 4, scalar_p, clen, scalar_s, clen);
++ &pwd->ciphersuite, (size_t) 4, scalar_p, clen,
++ scalar_s, clen);
+
+ kdf(mk, 32, (const char *) session_id, 33, msk_emsk, 128);
+ eap_set_key_material(eap, msk_emsk, 64, msk_emsk + 64, 64, NULL, 0);
+--
+2.21.0
+
diff --git a/testing/iwd/fix-sae-infinite-loop.patch b/testing/iwd/fix-sae-infinite-loop.patch
new file mode 100644
index 0000000000..f3e8a8fcc8
--- /dev/null
+++ b/testing/iwd/fix-sae-infinite-loop.patch
@@ -0,0 +1,56 @@
+From c985da04caca9cc9f1472718df756c9b73fb6af4 Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood@linux.intel.com>
+Date: Thu, 4 Apr 2019 09:03:16 -0700
+Subject: [PATCH] sae: fix potential infinite loop
+
+It was assumed that the hunt-and-peck loop was guarenteed to find
+a PWE. This was incorrect in terms of kernel support. If a system
+does not have support for AF_ALG or runs out of file descriptors
+the KDFs may fail. The loop continued to run if found == false,
+which is also incorrect because we want to stop after 20 iterations
+regarless of success.
+
+This changes the loop to a for loop so it will always exit after
+the set number of iterations.
+---
+ src/sae.c | 10 +++-------
+ 1 file changed, 3 insertions(+), 7 deletions(-)
+
+diff --git a/src/sae.c b/src/sae.c
+index cab004b..b0ebe8e 100644
+--- a/src/sae.c
++++ b/src/sae.c
+@@ -251,8 +251,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ const uint8_t *addr1, const uint8_t *addr2)
+ {
+ bool found = false;
+- uint8_t counter = 1;
+- uint8_t k = 20;
++ uint8_t counter;
+ uint8_t pwd_seed[32];
+ struct l_ecc_scalar *pwd_value;
+ uint8_t random[32];
+@@ -267,7 +266,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ qr = sae_new_residue(sm->curve, true);
+ qnr = sae_new_residue(sm->curve, false);
+
+- do {
++ for (counter = 1; counter <= 20; counter++) {
+ /* pwd-seed = H(max(addr1, addr2) || min(addr1, addr2),
+ * base || counter)
+ * pwd-value = KDF-256(pwd-seed, "SAE Hunting and Pecking", p)
+@@ -291,10 +290,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
+ }
+
+ l_ecc_scalar_free(pwd_value);
+-
+- counter++;
+-
+- } while ((counter <= k) || (found == false));
++ }
+
+ l_ecc_scalar_free(qr);
+ l_ecc_scalar_free(qnr);
+--
+2.21.0
+
diff --git a/testing/iwd/fix-sae-sha256-hmac.patch b/testing/iwd/fix-sae-sha256-hmac.patch
new file mode 100644
index 0000000000..190e3fd422
--- /dev/null
+++ b/testing/iwd/fix-sae-sha256-hmac.patch
@@ -0,0 +1,28 @@
+From 5338904824638124d78acf1efae0b046d3d6735b Mon Sep 17 00:00:00 2001
+From: James Prestwood <james.prestwood@linux.intel.com>
+Date: Thu, 4 Apr 2019 09:32:17 -0700
+Subject: [PATCH] unit: add check for SHA256/HMAC in SAE test
+
+---
+ unit/test-sae.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/unit/test-sae.c b/unit/test-sae.c
+index 3de7376..81220d9 100644
+--- a/unit/test-sae.c
++++ b/unit/test-sae.c
+@@ -550,6 +550,11 @@ int main(int argc, char *argv[])
+ goto done;
+ }
+
++ if (!l_checksum_is_supported(L_CHECKSUM_SHA256, true)) {
++ l_info("SHA256/HMAC_SHA256 not supported, skipping...");
++ goto done;
++ }
++
+ l_test_add("SAE commit timeout", test_commit_timeout, NULL);
+ l_test_add("SAE confirm timeout", test_confirm_timeout, NULL);
+ l_test_add("SAE anti-clogging", test_clogging, NULL);
+--
+2.21.0
+
--
2.20.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---