From patchwork Wed May 19 20:22:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergey Matyukevich X-Patchwork-Id: 1481259 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=smtp1.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=gUr6YHwp; dkim-atps=neutral Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Flknr0xYJz9sRf for ; Thu, 20 May 2021 06:22:56 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 0CD4283CE6; Wed, 19 May 2021 20:22:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lQYV1N5TV63k; Wed, 19 May 2021 20:22:53 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp1.osuosl.org (Postfix) with ESMTP id 5B44583CCD; Wed, 19 May 2021 20:22:52 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 438FE1BF3E5 for ; Wed, 19 May 2021 20:22:51 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 3FB8583CCD for ; Wed, 19 May 2021 20:22:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A27B3D5U3Rs1 for ; Wed, 19 May 2021 20:22:49 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) by smtp1.osuosl.org (Postfix) with ESMTPS id 0424283CCA for ; Wed, 19 May 2021 20:22:48 +0000 (UTC) Received: by mail-lj1-x230.google.com with SMTP id c15so17057025ljr.7 for ; Wed, 19 May 2021 13:22:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=hoRrYy/d9+FAnZ65olKwdth16cNwnKCAF8crqjp65lI=; b=gUr6YHwpgLKF3rWmRdcBgdFS+jnzwyTRjU9+hpXEsbkPfsrFsEFRn+y43Iqarn/b0s p9zVg/B+9wyM6pOuRzzg6cf0fYCf98Qm7HsG9T8r2lr3h4Xyb3xgKjpuAAyFua4LQO5I f3RrQQkCbKY+q+Qlkx7ogYSMxKNgLCpFgTT12y+HGfQKr4lvIbaMxXwfSqwkSHgBcHTJ YOLreChB/CWk7rDz04R3gLQ0SuFcctVH2Rs1iRe8ATWM7X3qAx7gXpmzeDwbVyy+1yUw Qqg62sbrxQZlZGpCEAWir4UtslBZl/YlHHbgh1KxOQSVlxgtQTTZykNefRT2SrOGhO5P x7vA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=hoRrYy/d9+FAnZ65olKwdth16cNwnKCAF8crqjp65lI=; b=S+vZAUrIxrfVoyvI2LE+c8gKlvH5C16EoiAnfp3jkKyxaJmz1YR12WSRQTSJfgp3ET X/E4qa6FmtFmHePPaSWBZrC1Q0sAw43is50Z+xTm9vo/K+FdP9ctOp5XQVT8bg/8V6cl kxf5V2/OAeZAaKnz1ywJY7exPLAhW8glauacBCLTkSmEP5HtC8YHBzHp9ww1DF8+6KII 7sFXvzvWkDA87+IBWGsYpoiw5yDb4HphpHtE+GEl3O+hVan+9vlPm3ZGa6opUdyekZPU 9dW0enTHbRoXy/2rBLTb/BNiZXty0aCSo7wWyqsb/jP2jd1L8th1bWdSq4slDu9tNnIP tS3Q== X-Gm-Message-State: AOAM532a56wVRvlQIVPjnZjD4y2H7ksW3NuMdqoOhSABqYeITNOEknTb 1UFgR8TTk7BfnQWlh1dng4FVXc8yiFSl8g== X-Google-Smtp-Source: ABdhPJx/mqI5NAZaLiykhMXt8xHi0JcgEhQIxJ7T2tw1UC3IuYuOttiEtT99B3ky55/EkbN1hcd7iQ== X-Received: by 2002:a2e:8e26:: with SMTP id r6mr677153ljk.472.1621455766542; Wed, 19 May 2021 13:22:46 -0700 (PDT) Received: from localhost.localdomain ([5.188.167.245]) by smtp.googlemail.com with ESMTPSA id r10sm76120lfc.4.2021.05.19.13.22.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 May 2021 13:22:45 -0700 (PDT) From: Sergey Matyukevich To: buildroot@buildroot.org Date: Wed, 19 May 2021 23:22:38 +0300 Message-Id: <20210519202238.307416-1-geomatsi@gmail.com> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/1] package/hostapd: fix build with CVE-2021-30004 changes X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Matt Weber , Sergey Matyukevich , Thomas Petazzoni Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Commit d65586f45a22 ("package/hostapd: add upstream patch to fix CVE-2021-30004") added security patch from hostapd upstream without required ASN.1 helpers. Add missing headers and helpers. Fixes: http://autobuild.buildroot.net/results/8f56cf556efbf447633ce873a21635f5adbc3cd2/ Signed-off-by: Sergey Matyukevich --- ...03-include-stdbool-to-allow-c99-bool.patch | 23 +++++++++++++++++++ package/hostapd/0004-add-asn1-helper.patch | 21 +++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 package/hostapd/0003-include-stdbool-to-allow-c99-bool.patch create mode 100644 package/hostapd/0004-add-asn1-helper.patch diff --git a/package/hostapd/0003-include-stdbool-to-allow-c99-bool.patch b/package/hostapd/0003-include-stdbool-to-allow-c99-bool.patch new file mode 100644 index 0000000000..618fa8f64c --- /dev/null +++ b/package/hostapd/0003-include-stdbool-to-allow-c99-bool.patch @@ -0,0 +1,23 @@ +commit 99cf89555313056d3a8fa54b21d02dc880b363e1 +Author: Jouni Malinen +Date: Mon Apr 20 20:29:31 2020 +0300 + +Include stdbool.h to allow C99 bool to be used + +We have practically started requiring some C99 features, so might as +well finally go ahead and bring in the C99 bool as well. + +Signed-off-by: Jouni Malinen + +diff --git a/src/utils/includes.h b/src/utils/includes.h +index 75513fc8c..741fc9c14 100644 +--- a/src/utils/includes.h ++++ b/src/utils/includes.h +@@ -18,6 +18,7 @@ + + #include + #include ++#include + #include + #include + #include diff --git a/package/hostapd/0004-add-asn1-helper.patch b/package/hostapd/0004-add-asn1-helper.patch new file mode 100644 index 0000000000..b97a55afef --- /dev/null +++ b/package/hostapd/0004-add-asn1-helper.patch @@ -0,0 +1,21 @@ +Fix hostapd build with backported security patches. + +Add required ASN.1 helper asn1_is_null. + +diff --git a/src/tls/asn1.h b/src/tls/asn1.h +index 6bd7df565..77b94ef34 100644 +--- a/src/tls/asn1.h ++++ b/src/tls/asn1.h +@@ -66,6 +66,12 @@ void asn1_oid_to_str(const struct asn1_oid *oid, char *buf, size_t len); + unsigned long asn1_bit_string_to_long(const u8 *buf, size_t len); + int asn1_oid_equal(const struct asn1_oid *a, const struct asn1_oid *b); + ++static inline bool asn1_is_null(const struct asn1_hdr *hdr) ++{ ++ return hdr->class == ASN1_CLASS_UNIVERSAL && ++ hdr->tag == ASN1_TAG_NULL; ++} ++ + extern struct asn1_oid asn1_sha1_oid; + extern struct asn1_oid asn1_sha256_oid; +