Date: Tue, 17 Oct 2017 05:58:29 -0700 From: David Wolfskill <david@catwhisker.org> To: Cy Schubert <Cy.Schubert@komquats.com> Cc: current@freebsd.org Subject: Re: cve-2017-13077 - WPA2 security vulni Message-ID: <20171017125829.GA35718@albert.catwhisker.org> In-Reply-To: <201710170627.v9H6R0XC078179@slippy.cwsent.com> References: <franco@lastsummer.de> <FE754A9E-BE47-4843-AB3A-2619665F1657@lastsummer.de> <201710170627.v9H6R0XC078179@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 16, 2017 at 11:27:00PM -0700, Cy Schubert wrote: > In message <FE754A9E-BE47-4843-AB3A-2619665F1657@lastsummer.de>, Franco= =20 > Fichtne > r writes: > ... > > wpa_supplicant 2.6_2 > >=20 > > No apparent issues with the ports, preliminary connectivity > > checks work as expected. Started a public CFT over at OPNsense > > to gather more feedback. >=20 > Agreed. > .... First: Thank you for doing this, Cy. I am now (also) running wpa_supplicant-2.6_2 successfully on my laptop (when it's running stable/11). I did have one mild surprise: I had rebooted my laptop to verify that the ports version of wpa_supplicant would work, and as the screen went dark, I recalled that I had failed to copy /etc/wpa_supplicant.conf to /usr/local/etc -- but my concern proved to be unfounded: the wpa_supplicant.conf in /etc/ was used (successfully). Question: Should one expect a wpa_supplicant-2.6_2 executable built under FreeBSD stable/11 (amd64) to work on the same hardware, but running head? For reasons that are (at best) tangential to this topic, I track, build, and smoke-test both stable/11 and head daily, but only build the ports (daily) under (the just-built/booted) stable/11 -- depending on misc/compat11 to handle things as necessary for head. This works (well, IMO)... except that when I had configured my "head slice" to use the ports version of wpa_supplicant, the latter was apparently not happy: =2E.. Oct 17 11:06:13 localhost kernel: wlan0: Ethernet address: 00:24:d6:7a:03:ce Oct 17 11:06:13 localhost wpa_supplicant[1279]: Successfully initialized wp= a_supplicant Oct 17 11:06:14 localhost wpa_supplicant[1279]: ioctl[SIOCS80211, op=3D98, = arg_len=3D32]: Invalid argument Oct 17 11:06:14 localhost wpa_supplicant[1279]: failed to IEEE80211_IOC_DEV= CAPS: Invalid argument Oct 17 11:06:14 localhost wpa_supplicant[1279]: wlan0: Failed to initialize= driver interface Oct 17 11:06:14 localhost root: /etc/rc.d/wpa_supplicant: WARNING: failed t= o start wpa_supplicant =2E... The laptop spends the vast bulk of its time running stable/11, so the threat is somewhat mitigated.... Peace, david --=20 David H. Wolfskill david@catwhisker.org Unsubstantiated claims of "Fake News" are evidence that the claimant lies a= gain. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --azLHFNyN32YCQGCU Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQF8BAEBCgBmBQJZ5f51XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRDQ0I3Q0VGOTE3QTgwMUY0MzA2NEQ3N0Ix NTM5Q0M0MEEwNDlFRTE3AAoJEBU5zECgSe4XNRoH/AxKFiZVa4VjdZGxr5yoQMTb otM1rqAEw63zQDV/KVibjT5y5RtCFsR4EIjq4rVU/6Z9Vl4JwXiScfE4+plw5vOk RXhtfShUbCMzaRSkN3EyWWtg9CVR0ysjXFDGsfnRJSwwwWtiOpa8EJ68V4THRyw/ KrQDGjhkNla6WjVI0EczmNQ/UF1SKprQ2eBqgeQ7LbeFMGTMtrYggN15h7QU+EpD 36Rp6vqsbAzeo8UZoTVHgRwFyYYBIA8bb3mTdH//ob856LFwN7lCU66oIYgr1Fq5 nuq3Lk6wjt6FzekjHRQUThKYjOIGV32Avx4uQtVP0b2DcTMKgbYm/o3aXmPuVq8= =5ujC -----END PGP SIGNATURE----- --azLHFNyN32YCQGCU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171017125829.GA35718>