wpa_supplicant: version bump 2.4 -> 2.5

Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>

4 files changed, 14 insertions, 44 deletions

diff --git a/patches/wpa_supplicant-2.4/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch b/patches/wpa_supplicant-2.4/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
deleted file mode 100644
index d7a80d890..000000000
--- a/patches/wpa_supplicant-2.4/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Jouni Malinen <jouni@qca.qualcomm.com>
-Date: Tue, 7 Apr 2015 11:32:11 +0300
-Subject: [PATCH] P2P: Validate SSID element length before copying it
- (CVE-2015-1863)
-
-This fixes a possible memcpy overflow for P2P dev->oper_ssid in
-p2p_add_device(). The length provided by the peer device (0..255 bytes)
-was used without proper bounds checking and that could have resulted in
-arbitrary data of up to 223 bytes being written beyond the end of the
-dev->oper_ssid[] array (of which about 150 bytes would be beyond the
-heap allocation) when processing a corrupted management frame for P2P
-peer discovery purposes.
-
-This could result in corrupted state in heap, unexpected program
-behavior due to corrupted P2P peer device information, denial of service
-due to process crash, exposure of memory contents during GO Negotiation,
-and potentially arbitrary code execution.
-
-Thanks to Google security team for reporting this issue and smart
-hardware research group of Alibaba security team for discovering it.
-
-Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
----
- src/p2p/p2p.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
-index 6adb3dc2049f..5de320eaad24 100644
---- a/src/p2p/p2p.c
-+++ b/src/p2p/p2p.c
-@@ -778,6 +778,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq,
- 	if (os_memcmp(addr, p2p_dev_addr, ETH_ALEN) != 0)
- 		os_memcpy(dev->interface_addr, addr, ETH_ALEN);
- 	if (msg.ssid &&
-+	    msg.ssid[1] <= sizeof(dev->oper_ssid) &&
- 	    (msg.ssid[1] != P2P_WILDCARD_SSID_LEN ||
- 	     os_memcmp(msg.ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN)
- 	     != 0)) {
diff --git a/patches/wpa_supplicant-2.4/series b/patches/wpa_supplicant-2.4/series
deleted file mode 100644
index e6842051f..000000000
--- a/patches/wpa_supplicant-2.4/series
+++ /dev/null
@@ -1,4 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
-# 350afff2fed554f403cf9fd3ebf06e20  - git-ptx-patches magic
diff --git a/rules/wpa_supplicant.in b/rules/wpa_supplicant.in
index 783fa90ce..08e47932f 100644
--- a/rules/wpa_supplicant.in
+++ b/rules/wpa_supplicant.in
@@ -17,4 +17,11 @@ config WPA_SUPPLICANT_CTRL_IFACE_DBUS
 	help
 	  Add support for (old and new) DBus control interface
 
+config WPA_SUPPLICANT_PASSPHRASE
+	bool
+	prompt "installl wpa_passphrase"
+	help
+	  Install wpa_passphrase tool (Generate a WPA PSK from an ASCII
+	  passphrase for a SSID)
+
 endif
diff --git a/rules/wpa_supplicant.make b/rules/wpa_supplicant.make
index 6d5266953..2226d28ee 100644
--- a/rules/wpa_supplicant.make
+++ b/rules/wpa_supplicant.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_WPA_SUPPLICANT) += wpa_supplicant
 # Paths and names
 #
 WPA_SUPPLICANT_NAME	:= wpa_supplicant
-WPA_SUPPLICANT_VERSION	:= 2.4
-WPA_SUPPLICANT_MD5	:= f0037dbe03897dcaf2ad2722e659095d
+WPA_SUPPLICANT_VERSION	:= 2.5
+WPA_SUPPLICANT_MD5	:= 96ff75c3a514f1f324560a2376f13110
 WPA_SUPPLICANT		:= $(WPA_SUPPLICANT_NAME)-$(WPA_SUPPLICANT_VERSION)
 WPA_SUPPLICANT_SUFFIX	:= tar.gz
 WPA_SUPPLICANT_URL	:= http://hostap.epitest.fi/releases/$(WPA_SUPPLICANT).$(WPA_SUPPLICANT_SUFFIX)
@@ -100,6 +100,11 @@ $(STATEDIR)/wpa_supplicant.targetinstall:
 	@$(call install_copy, wpa_supplicant, 0, 0, 0755, -, \
 		/sbin/wpa_supplicant)
 
+ifdef PTXCONF_WPA_SUPPLICANT_PASSPHRASE
+	@$(call install_copy, wpa_supplicant, 0, 0, 0755, -, \
+		/sbin/wpa_passphrase)
+endif
+
 ifdef PTXCONF_WPA_SUPPLICANT_INSTALL_CLI
 	@$(call install_copy, wpa_supplicant, 0, 0, 0755, -, /sbin/wpa_cli)
 endif