1 files changed, 0 insertions, 96 deletions

diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple4.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple4.patch
deleted file mode 100644
index 6c1948696e..0000000000
--- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple4.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
-result in unauthenticated clients gaining access to the network.
-
-Backport a number of patches from upstream to fix this.
-
-CVE: CVE-2017-13077
-CVE: CVE-2017-13078
-CVE: CVE-2017-13079
-CVE: CVE-2017-13080
-CVE: CVE-2017-13081
-CVE: CVE-2017-13082
-CVE: CVE-2017-13086
-CVE: CVE-2017-13087
-CVE: CVE-2017-13088
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Fri, 29 Sep 2017 04:22:51 +0200
-Subject: [PATCH 4/8] Prevent installation of an all-zero TK
-
-Properly track whether a PTK has already been installed to the driver
-and the TK part cleared from memory. This prevents an attacker from
-trying to trick the client into installing an all-zero TK.
-
-This fixes the earlier fix in commit
-ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
-driver in EAPOL-Key 3/4 retry case') which did not take into account
-possibility of an extra message 1/4 showing up between retries of
-message 3/4.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/common/wpa_common.h | 1 +
- src/rsn_supp/wpa.c      | 5 ++---
- src/rsn_supp/wpa_i.h    | 1 -
- 3 files changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
-index d200285..1021ccb 100644
---- a/src/common/wpa_common.h
-+++ b/src/common/wpa_common.h
-@@ -215,6 +215,7 @@ struct wpa_ptk {
- 	size_t kck_len;
- 	size_t kek_len;
- 	size_t tk_len;
-+	int installed; /* 1 if key has already been installed to driver */
- };
- 
- struct wpa_gtk {
-diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
-index 7a2c68d..0550a41 100644
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
- 		os_memset(buf, 0, sizeof(buf));
- 	}
- 	sm->tptk_set = 1;
--	sm->tk_to_set = 1;
- 
- 	kde = sm->assoc_wpa_ie;
- 	kde_len = sm->assoc_wpa_ie_len;
-@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
- 	enum wpa_alg alg;
- 	const u8 *key_rsc;
- 
--	if (!sm->tk_to_set) {
-+	if (sm->ptk.installed) {
- 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
- 			"WPA: Do not re-install same PTK to the driver");
- 		return 0;
-@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
- 
- 	/* TK is not needed anymore in supplicant */
- 	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
--	sm->tk_to_set = 0;
-+	sm->ptk.installed = 1;
- 
- 	if (sm->wpa_ptk_rekey) {
- 		eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
-diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
-index 9a54631..41f371f 100644
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -24,7 +24,6 @@ struct wpa_sm {
- 	struct wpa_ptk ptk, tptk;
- 	int ptk_set, tptk_set;
- 	unsigned int msg_3_of_4_ok:1;
--	unsigned int tk_to_set:1;
- 	u8 snonce[WPA_NONCE_LEN];
- 	u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
- 	int renew_snonce;
--- 
-2.7.4
\ No newline at end of file