mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-15 09:19:57 +00:00
df6a33a8d4
Bump to latest Git and refresh all patches in order to get fix for "UPnP SUBSCRIBE misbehavior in hostapd WPS AP" (CVE-2020-12695). General security vulnerability in the way the callback URLs in the UPnP SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695). Some of the described issues may be applicable to the use of UPnP in WPS AP mode functionality for supporting external registrars. Ref: https://w1.fi/security/2020-1/ Signed-off-by: Petr Štetiar <ynezz@true.cz>
69 lines
2.2 KiB
Diff
69 lines
2.2 KiB
Diff
--- a/wpa_supplicant/config.c
|
|
+++ b/wpa_supplicant/config.c
|
|
@@ -2478,6 +2478,7 @@ static const struct parse_data ssid_fiel
|
|
#else /* CONFIG_MESH */
|
|
{ INT_RANGE(mode, 0, 4) },
|
|
#endif /* CONFIG_MESH */
|
|
+ { INT_RANGE(noscan, 0, 1) },
|
|
{ INT_RANGE(proactive_key_caching, 0, 1) },
|
|
{ INT_RANGE(disabled, 0, 2) },
|
|
{ STR(id_str) },
|
|
--- a/wpa_supplicant/config_file.c
|
|
+++ b/wpa_supplicant/config_file.c
|
|
@@ -866,6 +866,7 @@ static void wpa_config_write_network(FIL
|
|
#endif /* IEEE8021X_EAPOL */
|
|
INT(mode);
|
|
INT(no_auto_peer);
|
|
+ INT(noscan);
|
|
INT(mesh_fwding);
|
|
INT(frequency);
|
|
INT(enable_edmg);
|
|
--- a/wpa_supplicant/mesh.c
|
|
+++ b/wpa_supplicant/mesh.c
|
|
@@ -368,6 +368,8 @@ static int wpa_supplicant_mesh_init(stru
|
|
frequency);
|
|
goto out_free;
|
|
}
|
|
+ if (ssid->noscan)
|
|
+ conf->noscan = 1;
|
|
if (ssid->ht40)
|
|
conf->secondary_channel = ssid->ht40;
|
|
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && ssid->vht) {
|
|
--- a/wpa_supplicant/wpa_supplicant.c
|
|
+++ b/wpa_supplicant/wpa_supplicant.c
|
|
@@ -2338,12 +2338,12 @@ void ibss_mesh_setup_freq(struct wpa_sup
|
|
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
|
|
enum hostapd_hw_mode hw_mode;
|
|
struct hostapd_hw_modes *mode = NULL;
|
|
- int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
|
|
+ int ht40plus[] = { 1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
|
|
184, 192 };
|
|
int vht80[] = { 36, 52, 100, 116, 132, 149 };
|
|
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
|
|
u8 channel;
|
|
- int i, chan_idx, ht40 = -1, res, obss_scan = 1;
|
|
+ int i, chan_idx, ht40 = -1, res, obss_scan = !(ssid->noscan);
|
|
unsigned int j, k;
|
|
struct hostapd_freq_params vht_freq;
|
|
int chwidth, seg0, seg1;
|
|
@@ -2425,7 +2425,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
|
|
#endif /* CONFIG_HE_OVERRIDES */
|
|
|
|
/* Setup higher BW only for 5 GHz */
|
|
- if (mode->mode != HOSTAPD_MODE_IEEE80211A)
|
|
+ if (mode->mode != HOSTAPD_MODE_IEEE80211A && !(ssid->noscan))
|
|
return;
|
|
|
|
for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
|
|
--- a/wpa_supplicant/config_ssid.h
|
|
+++ b/wpa_supplicant/config_ssid.h
|
|
@@ -971,6 +971,8 @@ struct wpa_ssid {
|
|
*/
|
|
int no_auto_peer;
|
|
|
|
+ int noscan;
|
|
+
|
|
/**
|
|
* mesh_rssi_threshold - Set mesh parameter mesh_rssi_threshold (dBm)
|
|
*
|