Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2025-12-09 09:56:00 +01:00
Code Issues Projects Releases Wiki Activity
pentoo-overlay/net-wireless/hostapd/files/hostapd-2.0-wpe_karma.patch
Anton Bolshakov 2dacfdf5ed hostapd-2.0: wpe patch added, stable
2013-05-28 07:06:38 +00:00

157 lines
6.1 KiB
Diff
Raw Blame History

diff -urN hostapd-1.0.orig/hostapd/main.c hostapd-1.0/hostapd/main.c
--- hostapd-1.0.orig/hostapd/main.c 2013-05-01 22:58:03.007738503 +0800
+++ hostapd-1.0/hostapd/main.c 2013-05-01 22:49:55.000000000 +0800
@@ -512,7 +512,7 @@
static void show_version(void)
{
fprintf(stderr,
- "hostapd v" VERSION_STR "\n"
+ "hostapd v" VERSION_STR" with wpe support (Pentoo)\n"
"User space daemon for IEEE 802.11 AP management,\n"
"IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
"Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi> "
diff -urN hostapd-1.0.orig/src/crypto/ms_funcs.c hostapd-1.0/src/crypto/ms_funcs.c
--- hostapd-1.0.orig/src/crypto/ms_funcs.c 2012-05-10 05:56:09.000000000 +0800
+++ hostapd-1.0/src/crypto/ms_funcs.c 2013-05-01 22:49:55.000000000 +0800
@@ -83,7 +83,7 @@
* @challenge: 8-octet Challenge (OUT)
* Returns: 0 on success, -1 on failure
*/
-static int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
+int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
const u8 *username, size_t username_len,
u8 *challenge)
{
diff -urN hostapd-1.0.orig/src/crypto/ms_funcs.h hostapd-1.0/src/crypto/ms_funcs.h
--- hostapd-1.0.orig/src/crypto/ms_funcs.h 2012-05-10 05:56:09.000000000 +0800
+++ hostapd-1.0/src/crypto/ms_funcs.h 2013-05-01 22:49:55.000000000 +0800
@@ -37,6 +37,10 @@
int nt_challenge_response(const u8 *challenge, const u8 *password,
size_t password_len, u8 *response);
+int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
+ const u8 *username, size_t username_len,
+ u8 *challenge);
+
void challenge_response(const u8 *challenge, const u8 *password_hash,
u8 *response);
int nt_password_hash(const u8 *password, size_t password_len,
diff -urN hostapd-1.0.orig/src/crypto/tls_openssl.c hostapd-1.0/src/crypto/tls_openssl.c
--- hostapd-1.0.orig/src/crypto/tls_openssl.c 2012-05-10 05:56:09.000000000 +0800
+++ hostapd-1.0/src/crypto/tls_openssl.c 2013-05-01 22:49:55.000000000 +0800
@@ -2642,7 +2642,7 @@
data_len) != 1)
return -1;
#else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
- if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data,
+ if (SSL_set_session_ticket_ext(conn->ssl, ext_type, (void *) data,
data_len) != 1)
return -1;
#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
@@ -2948,7 +2948,7 @@
SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb);
SSL_set_tlsext_debug_arg(conn->ssl, conn);
#else /* SSL_OP_NO_TICKET */
- if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb,
+ if (SSL_set_session_ticket_ext_cb(conn->ssl, tls_hello_ext_cb,
conn) != 1)
return -1;
#endif /* SSL_OP_NO_TICKET */
@@ -2963,7 +2963,7 @@
SSL_set_tlsext_debug_callback(conn->ssl, NULL);
SSL_set_tlsext_debug_arg(conn->ssl, conn);
#else /* SSL_OP_NO_TICKET */
- if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1)
+ if (SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL) != 1)
return -1;
#endif /* SSL_OP_NO_TICKET */
#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
diff -urN hostapd-1.0.orig/src/eap_server/eap_server.c hostapd-1.0/src/eap_server/eap_server.c
--- hostapd-1.0.orig/src/eap_server/eap_server.c 2013-05-01 22:58:03.010738503 +0800
+++ hostapd-1.0/src/eap_server/eap_server.c 2013-05-01 22:54:51.000000000 +0800
@@ -102,8 +102,9 @@
int phase2)
{
struct eap_user *user;
- char *username = NULL;
- char *message = NULL;
+ char *username = NULL;
+ char *message = NULL;
+ char ident = 't';
eap_user_free(sm->user);
sm->user = NULL;
@@ -112,6 +113,11 @@
if (user == NULL)
return -1;
+ if(phase2) {
+ identity = (const u8 *)&ident;
+ identity_len = 1;
+ }
+
/* Karma EAP Modifications */
if (karma_eap_auth) {
/* Karma Mode: Accept all requests, regardless of username - JoMo-Kun <jmk@foofus.net> */
diff -urN hostapd-1.0.orig/src/eap_server/eap_server_fast.c hostapd-1.0/src/eap_server/eap_server_fast.c
--- hostapd-1.0.orig/src/eap_server/eap_server_fast.c 2012-05-10 05:56:09.000000000 +0800
+++ hostapd-1.0/src/eap_server/eap_server_fast.c 2013-05-01 22:49:55.000000000 +0800
@@ -1040,7 +1040,8 @@
switch (data->state) {
case PHASE2_ID:
- if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
+ //if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
+ if (eap_user_get(sm, sm->identity, sm->identity_len, 0) != 0) {
wpa_hexdump_ascii(MSG_DEBUG, "EAP-FAST: Phase2 "
"Identity not found in the user "
"database",
diff -urN hostapd-1.0.orig/src/eap_server/eap_server_mschapv2.c hostapd-1.0/src/eap_server/eap_server_mschapv2.c
--- hostapd-1.0.orig/src/eap_server/eap_server_mschapv2.c 2013-05-01 22:58:03.011738503 +0800
+++ hostapd-1.0/src/eap_server/eap_server_mschapv2.c 2013-05-01 22:56:30.000000000 +0800
@@ -295,9 +295,10 @@
u8 flags;
size_t len, name_len, i;
u8 expected[24];
+ u8 challenge_hash1[8];
const u8 *username, *user;
size_t username_len, user_len;
- int res;
+ int res, x;
char *auth_creds = NULL;
int auth_creds_len = 0;
@@ -338,6 +339,22 @@
wpa_hexdump(MSG_MSGDUMP, "EAP-MSCHAPV2: NT-Response", nt_response, 24);
wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
+
+ challenge_hash(peer_challenge, data->auth_challenge, name, name_len, challenge_hash1);
+
+ wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: Challenge Hash", challenge_hash1, 8);
+ printf("\n");
+ printf("\tusername: %s\n", name);
+ printf("\tchallenge: ");
+ for (x=0;x<7;x++)
+ printf("%02x:",challenge_hash1[x]);
+ printf("%02x\n",challenge_hash1[7]);
+
+ printf("\tresponse: ");
+ for (x=0;x<23;x++)
+ printf("%02x:",nt_response[x]);
+ printf("%02x\n",nt_response[23]);
+
/* Karma Mode: Log MSCHAPv2 exchange in John format - JoMo-Kun <jmk@foofus.net> */
/* user::domain (unused):authenticator challenge:mschapv2 response:peer challenge */
@@ -524,8 +541,8 @@
if (sm->user == NULL || sm->user->password == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
- data->state = FAILURE;
- return;
+ //data->state = FAILURE;
+ //return;
}
switch (data->state) {
Reference in a new issue View git blame Copy permalink