Opened 7 years ago

Closed 6 years ago

#13741 closed bug (fixed)

Ensure our wpa_supplicant is patched for KRACK

Reported by: kallisti5 Owned by: waddlesplash
Priority: high Milestone: R1/beta1
Component: Network & Internet/Wireless Version: R1/Development
Keywords: security krack wpa_supplicant Cc:
Blocked By: Blocking:
Platform: All

Description

Change History (9)

comment:2 by kallisti5, 7 years ago

A port we have heavily customized with a UI :-) Not sure our patches will apply cleanly to the latest wpa_supplicant... might need to backport the KRACK patch to our older version.

comment:3 by kallisti5, 7 years ago

I sent an email to the wpa_supplication project via their ML to see if they would be interested in accepting some of these changes upstream. Our wpa_supplicant is 2.0 which is pretty old.

comment:4 by scottmc, 7 years ago

the patch still references boot/common, so probably needs to be more fully reviewed before trying to upstream it.

+CFLAGS += -I/boot/common/include +LIBS += -L/boot/common/lib

comment:5 by mmlr, 7 years ago

Please note that two years ago I attempted to update wpa_supplicant to version 2.4. This can be found at my github account:

https://github.com/mmlr/wpa_supplicant-haiku

I do not remember if this produced a stable package or would have required more effort. I guess since it never made it to HaikuPorts there probably were issues.

comment:6 by pulkomandy, 7 years ago

In https://github.com/pulkomandy/wpa_supplicant-haiku/commits/master I got mmlr work up to date with wpa_supplicant 2.5. This is what is now shipped with Haiku and seems to be working.

wpa_supplicant 2.6 changed some internal APIs (actually making them closer to what we do for Haiku, so it should simplify our code). So some of our patches needs to be adjusted.

Note that even 2.6 isn't patched for KRACK, so we would need to cherry pick more changes from upstream trunk, or wait for a 2.7 release.

comment:8 by waddlesplash, 6 years ago

Owner: changed from mmlr to waddlesplash
Status: newin-progress

comment:9 by waddlesplash, 6 years ago

Resolution: fixed
Status: in-progressclosed

wpa_supplicant 2.7~devel is now in the package repositories (though the DNS hasn't been switched off of vmpkg yet, so it won't appear till kallisti5 changes that.)

Note: See TracTickets for help on using tickets.