From patchwork Tue Oct 2 17:40:52 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gustavo Zacarias X-Patchwork-Id: 188590 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from hemlock.osuosl.org (hemlock.osuosl.org [140.211.166.133]) by ozlabs.org (Postfix) with ESMTP id 9C8DA2C00A8 for ; Wed, 3 Oct 2012 03:41:36 +1000 (EST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id EC8CBA03A0; Tue, 2 Oct 2012 17:41:33 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l3RBuDI2kc89; Tue, 2 Oct 2012 17:41:30 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id 2504BA02D2; Tue, 2 Oct 2012 17:41:30 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (whitealder.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 1E4158F74A for ; Tue, 2 Oct 2012 17:41:30 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id CB1738081D for ; Tue, 2 Oct 2012 17:41:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M7Rw1JRkvCgy for ; Tue, 2 Oct 2012 17:41:25 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from loknar.toptech.com.ar (loknar.toptech.com.ar [85.10.205.246]) by whitealder.osuosl.org (Postfix) with ESMTPS id 8F8518A1EE for ; Tue, 2 Oct 2012 17:41:25 +0000 (UTC) Received: from asgard (host176.186-109-28.telecom.net.ar [186.109.28.176]) (authenticated bits=0) by loknar.toptech.com.ar (8.14.5/8.14.5) with ESMTP id q92HfI5c000419 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 2 Oct 2012 17:41:21 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zacarias.com.ar; s=dkey; t=1349199683; bh=vahPctQVNsmhkqNfjLlSO8UraiCxiwjAI8bJBnL/WZc=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=SSdDyjBLTc/slMTOFu0VowFIFbML60d3eCO91kyO964jMH2Ez6s3ufmaUQmfGuw0G SgIArm25THMxGA4of6EHlizNwPFRwvnxFU35EMEMOi4+nZJQTKw7YkPbdxG0D5CoKP qTmdBLE4Ft21Kcca8itZYfZg0+0GjjRlFqYTTJWI= Received: by asgard (sSMTP sendmail emulation); Tue, 02 Oct 2012 14:41:18 -0300 From: Gustavo Zacarias To: buildroot@busybox.net Date: Tue, 2 Oct 2012 14:40:52 -0300 Message-Id: <1349199652-12928-5-git-send-email-gustavo@zacarias.com.ar> X-Mailer: git-send-email 1.7.8.6 In-Reply-To: <1349199652-12928-1-git-send-email-gustavo@zacarias.com.ar> References: <1349199652-12928-1-git-send-email-gustavo@zacarias.com.ar> X-Virus-Scanned: clamav-milter 0.97.5 at loknar X-Virus-Status: Clean Subject: [Buildroot] [PATCH 5/5] wpa_supplicant: add openssl 1.0.1 patch X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: buildroot-bounces@busybox.net Signed-off-by: Gustavo Zacarias --- .../wpa_supplicant-openssl-1.0.1.patch | 54 ++++++++++++++++++++ 1 files changed, 54 insertions(+), 0 deletions(-) create mode 100644 package/wpa_supplicant/wpa_supplicant-openssl-1.0.1.patch diff --git a/package/wpa_supplicant/wpa_supplicant-openssl-1.0.1.patch b/package/wpa_supplicant/wpa_supplicant-openssl-1.0.1.patch new file mode 100644 index 0000000..2e110f4 --- /dev/null +++ b/package/wpa_supplicant/wpa_supplicant-openssl-1.0.1.patch @@ -0,0 +1,54 @@ +From e6e243d97795306aeb604948e7101f9f14e8b8ca Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Fri, 17 Aug 2012 23:55:14 +0300 +Subject: [PATCH] Fix EAP-FAST with OpenSSL 1.0.1 + +The mechanism to figure out key block size based on ssl->read_hash +does not seem to work with OpenSSL 1.0.1, so add an alternative +mechanism to figure out the NAC key size that seems to work at +least with the current OpenSSL 1.0.1 releases. + +Signed-hostap: Jouni Malinen +intended-for: hostap-1 +(cherry picked from commit 7f996409e7e5aa0bb066257906e87ab3294d4fd0) +--- + src/crypto/tls_openssl.c | 14 +++++++++++++- + 1 files changed, 13 insertions(+), 1 deletions(-) + +diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c +index 6380ce0..c4a76be 100644 +--- a/src/crypto/tls_openssl.c ++++ b/src/crypto/tls_openssl.c +@@ -2785,6 +2785,7 @@ int tls_connection_get_keyblock_size(void *tls_ctx, + { + const EVP_CIPHER *c; + const EVP_MD *h; ++ int md_size; + + if (conn == NULL || conn->ssl == NULL || + conn->ssl->enc_read_ctx == NULL || +@@ -2798,9 +2799,20 @@ int tls_connection_get_keyblock_size(void *tls_ctx, + #else + h = conn->ssl->read_hash; + #endif ++ if (h) ++ md_size = EVP_MD_size(h); ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ else if (conn->ssl->s3) ++ md_size = conn->ssl->s3->tmp.new_mac_secret_size; ++#endif ++ else ++ return -1; + ++ wpa_printf(MSG_DEBUG, "OpenSSL: keyblock size: key_len=%d MD_size=%d " ++ "IV_len=%d", EVP_CIPHER_key_length(c), md_size, ++ EVP_CIPHER_iv_length(c)); + return 2 * (EVP_CIPHER_key_length(c) + +- EVP_MD_size(h) + ++ md_size + + EVP_CIPHER_iv_length(c)); + } + +-- +1.7.4-rc1 +