- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
- Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
- Prevent installation of an all-zero TK
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
- WNM: Ignore WNM-Sleep Mode Response without pending request
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
This was generated by applying the 2.5 patches committed to HEAD to
stable/10 individually. Notes from that process:
- patch 1: conflict in wpa_auth_ft.c manually resolved (preceding line not present)
- patch 2: conflicts in rsn_supp/wpa.c:
- use WPA_IGTK_LEN instead of flexible key len
- Only add new os_memset()'s (others are added in different commits that resulted in conflicts)
- conflicts in last function were similar to changes already resolved in new wpa_supplicant_install_gtk(), so just use new code that calls the new function
- patch 3: conflicts in rsn_supp/wpa.c: just added new paramter to function for both conflicts
- patch 4: conflicts in rsn_supp/wpa.c and wpa_i.h:
- resolved by applying delta to existing code and ignoring additional memset/field in newer code
- patch 5: conflicts in all files
- since the older ptk struct is a packed struct that seems to match an on-wire format, I instead added 'ptk_installed' as a flag in the parent 'sm' structure
- patch 6: applied cleanly
- patch 7: conflicts in dtls.c: applied deltas to existing code
- for the last conflict, the existing code was missing a conditional in newer code and always called os_get_random(). As a result, I moved the tk_set = 0 assignment to the top-level to match. This meant the new function from the original patch was also not used.
- patch 8: applied cleanly
- patch 9: conflicts in all files
- ctrl_iface.c changed function doesn't exist in 2.0
- applied deltas to existing code
- patch 10: applied cleanly
- patch 11: conflicts in rsn_supp/wpa.c: applied delta to existing code
- patch 12: conflicts in tdls.c: applied delta to existing code