From nobody Tue Sep 12 05:53:12 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RlCRr4jZBz4sYTl; Tue, 12 Sep 2023 05:53:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RlCRr3wTKz3dky; Tue, 12 Sep 2023 05:53:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694497992; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rkacXuQAzwgNhjfPEpP/od9kV1tmdOYNLLSH9ljlvmU=; b=j4CZVvfwWXCcV79HeDuE9oo+CPz4IXCn7FM3835adKaOYnTDdgZK8wmyCOSI6iPjjAkmSZ SZkhChvHmw7v+amp21252RwMEUd0/1icu03M5bQv3eMk1Me9QFdcFtjKL3pJlpmSqaG/as WG/y8Zvi9k0eWUVKQrzyzAXy0mN/991TjNIkOth8WUygTRPcBoVFYCMPM1BhEc81HDqcPO 3FhDGDejAmLEEqZfUnWsNM/z0fJaRYFqM3aGIUk1UjbDGKnltxLm2ftmsz4ouJi9UF5FcL Y0/WgSpg5/qhBJaSNp8kIHNjPtinxTkqp0B4UDitt2Uee0lAaZ4PQZV9eMUUAw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694497992; a=rsa-sha256; cv=none; b=gG2DHZCh+B46xyRvPahesnXF81vtDv1p/nhIQrzMrdquiOrw70dwsoPv6fiO8FrRaxvln7 t5WP3zZC3XGlpzkfaLJceDSBr/dzvjN8Gg+ae0+tIxjklrVKUWIL/um4LujgWQKJNvPcos ojpN3lIzsNW9Yi0b9ucyuoukV5h73uD4GYyrr5tHSxY0fbO35PxzOvArWYyd6mk2Tg6gqD kwsz5fSMqdB02b1av2x4Sy92wX6uJIuxw9+73FTN5Wk3HBdqu67IATZWFTTdZ5YvC+NzTE dbKyhxMf1IoUMOipwLU9Q0M4hRNaLODqFM5RMXGV9wyA/Mq3dYhUF6aREExWCw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694497992; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rkacXuQAzwgNhjfPEpP/od9kV1tmdOYNLLSH9ljlvmU=; b=lo20XIMRph4c1b3Uc4KR+d8T3fMl6UfhgKh+tppQmkxdr7gRfmb7lEu2c3tRf28iP+EZ8w pBO9K+UdCYWX7zxtktM7VmkA8747ahXgUMnh/21df/V00c3FDVxq0+FjmeDP2M2XwI06Xf ExsTQ12/+Tq6ycWxbOgsOoM1jiZzjc7rB/H7MHm92zujcQ5BzZR8ehoqK0qPSMza/DGydK BZbxcqW64jTujeqSEg5HTxuxhu39TLHC2WQRqsa0rR68qO3mLJAZuGQhworH9YwQkFL4Ze PANErrLgKLpZlOfF7osrMbDIdAvyNYOJ9RK+Z2AsdBk7Jiq1UTzRYa9TF3lMdw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RlCRr2zlcz5SK; Tue, 12 Sep 2023 05:53:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38C5rCtg086922; Tue, 12 Sep 2023 05:53:12 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38C5rCLn086919; Tue, 12 Sep 2023 05:53:12 GMT (envelope-from git) Date: Tue, 12 Sep 2023 05:53:12 GMT Message-Id: <202309120553.38C5rCLn086919@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 3a88706af1e8 - main - security/wpa_supplicant: wpa: Enable receiving priority tagged (VID 0) frames List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 3a88706af1e87ff0bd2857398137194da462c85c Auto-Submitted: auto-generated The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=3a88706af1e87ff0bd2857398137194da462c85c commit 3a88706af1e87ff0bd2857398137194da462c85c Author: R. Christian McDonald AuthorDate: 2023-09-12 05:24:29 +0000 Commit: Cy Schubert CommitDate: 2023-09-12 05:51:23 +0000 security/wpa_supplicant: wpa: Enable receiving priority tagged (VID 0) frames Certain internet service providers transmit vlan 0 priority tagged EAPOL frames from the ONT towards the residential gateway. VID 0 should be ignored, and the frame processed according to the priority set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL). The pcap filter utilized by l2_packet is inadquate for this use case. Here we modify the pcap filter to accept both unencapsulated and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the original filter behavior while also matching on encapsulated EAPOL. Sponsored by: Rubicon Communications, LLC ("Netgate") Reviewed by: cy Obtained from: src bb5d6d14d81b PR: 273696 MFH: 2023Q3 --- security/wpa_supplicant/Makefile | 2 +- .../patch-src_l2__packet_l2__packet__freebsd.c | 30 ++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile index 4c39d4748128..917544b9cf72 100644 --- a/security/wpa_supplicant/Makefile +++ b/security/wpa_supplicant/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= 2.10 -PORTREVISION= 8 +PORTREVISION= 9 CATEGORIES= security net MASTER_SITES= https://w1.fi/releases/ diff --git a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c index 19f47461772f..1575ae69bd85 100644 --- a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c +++ b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c @@ -1,5 +1,5 @@ --- src/l2_packet/l2_packet_freebsd.c.orig 2022-01-16 12:51:29.000000000 -0800 -+++ src/l2_packet/l2_packet_freebsd.c 2023-09-10 23:29:49.674128000 -0700 ++++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:19:01.713695000 -0700 @@ -8,7 +8,8 @@ */ @@ -10,7 +10,15 @@ #include #endif /* __APPLE__ */ #include -@@ -76,24 +77,28 @@ +@@ -20,6 +21,7 @@ + #include + #endif /* __sun__ */ + ++#include + #include + #include + #include +@@ -76,24 +78,33 @@ { struct l2_packet_data *l2 = eloop_ctx; pcap_t *pcap = sock_ctx; @@ -41,6 +49,24 @@ buf = (unsigned char *) (ethhdr + 1); - len = hdr.caplen - sizeof(*ethhdr); + len = hdr->caplen - sizeof(*ethhdr); ++ /* handle 8021Q encapsulated frames */ ++ if (ethhdr->h_proto == htons(ETH_P_8021Q)) { ++ buf += ETHER_VLAN_ENCAP_LEN; ++ len -= ETHER_VLAN_ENCAP_LEN; ++ } } l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len); } +@@ -122,10 +133,10 @@ + os_snprintf(pcap_filter, sizeof(pcap_filter), + "not ether src " MACSTR " and " + "( ether dst " MACSTR " or ether dst " MACSTR " ) and " +- "ether proto 0x%x", ++ "( ether proto 0x%x or ( vlan 0 and ether proto 0x%x ) )", + MAC2STR(l2->own_addr), /* do not receive own packets */ + MAC2STR(l2->own_addr), MAC2STR(pae_group_addr), +- protocol); ++ protocol, protocol); + if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) { + fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap)); + return -1;