From owner-freebsd-current@freebsd.org Mon Oct 23 21:34:00 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 23B3DE55B34; Mon, 23 Oct 2017 21:34:00 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-wm0-x243.google.com (mail-wm0-x243.google.com [IPv6:2a00:1450:400c:c09::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B0C33FB2; Mon, 23 Oct 2017 21:33:59 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by mail-wm0-x243.google.com with SMTP id q124so12079004wmb.0; Mon, 23 Oct 2017 14:33:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ZiM2v4REt+JBmthIn9vxQ8WOSrp16Tt5+Iwt8Ls+4dk=; b=S006juA5V7bkRCHKIXnBInQCr7vAoePFkKNZlY7BuW8v2V2qZEe7Va7Z1WI5pVFOFK 6fpOEbKTrhTEf8tFcChU/+fZspnbvEuuhJe2K9OJCHzJCeS3X6uw4IFi3Z6ls1mGkb9d qPNXNTauzAK3IGRB159Ybn6AaY92vYhSB0YLQqhfdM3R74iPjFuFw9UperEFY+HHojph rKmMkdhH85YttCk2eJsFRzvEozT49lF0n90iQGJvRaVFLmUvorKM8Z1aEbNwPfYl3un5 t44B1ZPq3aPnVbS3Mszm+DGBiVDFESp1JcCaDzrA+XfRBG2458R8Y1Lz3PQzteBDd+mx RQqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ZiM2v4REt+JBmthIn9vxQ8WOSrp16Tt5+Iwt8Ls+4dk=; b=oQvCsZJP2x7R2q2dnp4zlsjWpwsUNEEyYQqBi1roNropX73ZOFctWqDjKl0oarzO8B ik/WL0yrLP84v8e6XsdnE/ZWxmVp/fbY6Z6FANs8TicuQE3Wna0AhkegZpN9x5DjEmrP 3dvRY5/xsDawYFtJSyP4yuNv99ldQ3JImElDrcmNck+7G4je+y/sKhFypjod7gaGip6w VdowSVibNsum8wFKfOwvulOKTWm61cN4SMAHP6oTcSrHvdZPXuvnQmYMeSZSIBHYMDXj I7Umvze87G7bAtlYnOaIMyWtsiWmLSSPquh6FdVhklLHC76ehs+MhcRZBCpELGnIsvA1 t8Ag== X-Gm-Message-State: AMCzsaUpdDWww5HivofAfZnCn2IauYZdUN7hWBOifBbtvq9PG8XGahbc VxsGZMtQ0cVbUvIvJkYbAF+tF0Yvyto0Yb3bwnoLgA== X-Google-Smtp-Source: ABhQp+SezJwvHD1QwzyBs4nbBwG3+GE5T74UAYsPBADovt5jZ9xBSy5I6v49SbTfWHPpGFuspmVrKWBL675ZetEX28Y= X-Received: by 10.28.31.76 with SMTP id f73mr6842378wmf.139.1508794438057; Mon, 23 Oct 2017 14:33:58 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.86.70 with HTTP; Mon, 23 Oct 2017 14:33:57 -0700 (PDT) In-Reply-To: <20171017183009.2099060F@spqr.komquats.com> References: <20171017183009.2099060F@spqr.komquats.com> From: Adrian Chadd Date: Mon, 23 Oct 2017 14:33:57 -0700 Message-ID: Subject: Re: cve-2017-13077 - WPA2 security vulni To: Cy Schubert Cc: "current@freebsd.org" , Allan Jude , "freebsd-current@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Oct 2017 21:34:00 -0000 [snip] yes you need to rebuild; the ioctl layout changed between -11 and -12 to account for the beginnings of 11ac. -adrian On 17 October 2017 at 11:30, Cy Schubert wrote: > I had no problems last night. It associated with one of my netgear APs. I used /etc/wpa_supplicant.conf. > > I am running head and all my ports are built on head (most poudeiere and a few by hand). > > --- > Sent using a tiny phone keyboard. Apologies for any typos and autocorrect. > > Cy Schubert > or > > -----Original Message----- > From: David Wolfskill > Sent: 17/10/2017 09:57 > To: Allan Jude > Cc: freebsd-current@freebsd.org > Subject: Re: cve-2017-13077 - WPA2 security vulni > > On Tue, Oct 17, 2017 at 12:51:23PM -0400, Allan Jude wrote: >> .... >> > Question: Should one expect a wpa_supplicant-2.6_2 executable built >> > under FreeBSD stable/11 (amd64) to work on the same hardware, but >> > running head? >> >> Did you run the version from ports, or did you run the base /etc/rc.d >> script with your rc.conf set to point to the ports binary? This will run >> the command with -c /etc/wpa_supplicant.conf overriding the ports default. >> >> So this is expected to work in this way. > > Ah. When I installed the port, I was reminded: > > | ... > | ===> Registering installation for wpa_supplicant-2.6_2 > | Installing wpa_supplicant-2.6_2... > | To use the ports version of WPA Supplicant instead of the base, add: > | > | wpa_supplicant_program="/usr/local/sbin/wpa_supplicant" > | > | to /etc/rc.conf > | > | ===> SECURITY REPORT: > | .... > > So I did that. I did not do anything to the existing > /etc/rc.d/wpa_supplicant, which had been installed as part of base > FreeBSD. > >> .... > > Peace, > david > -- > David H. Wolfskill david@catwhisker.org > Unsubstantiated claims of "Fake News" are evidence that the claimant lies again. > > See http://www.catwhisker.org/~david/publickey.gpg for my public key. > _______________________________________________ > freebsd-current@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"