hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries
Submitted by: jhb
Obtained from: https://w1.fi/security/2017-01/ (against later version)
Security: FreeBSD-SA-17:07
Security: CERT VU#228519
Security: CVE-2017-13077
Security: CVE-2017-13078
Security: CVE-2017-13079
Security: CVE-2017-13080
Security: CVE-2017-13081
Security: CVE-2017-13082
Security: CVE-2017-13086
Security: CVE-2017-13087
Security: CVE-2017-13088
Differential Revision: https://reviews.freebsd.org/D12693
The following files are now provided by Newlib:
* arpa/inet.h
* net/if.h
* netinet/in.h
* netinet/tcp.h
* sys/socket.h
* sys/uio.h
* sys/un.h
The <sys/param.h> and <sys/cpuset.h> are now compatible enough to be
used directly.
Update #2833.
Some of the commands have been adapted manually. So the wrapper
currently don't necessarily work as expected. For example ifconfig calls
malloc outside of the program call.
Implement the PCAP loop in a separate thread and block the shell
thread in the stdin getchar. When a user presses enter/return
call the PCAP break loop function to have it return.
- Update the file builder generator to handle generator specific cflags and
includes. The tcpdump and libpcap have localised headers and need specific
headers paths to see them. There are also module specific flags and these
need to be passed to the lex and yacc generators.
- Add the tcpdump support.
