Date: Wednesday, November 9, 2022 @ 15:00:28
  Author: foutrelis
Revision: 461020

upgpkg: wpa_supplicant 2:2.10-7: two fixes for OpenSSL 3.0 (FS#76474)

- Request SSL_OP_LEGACY_SERVER_CONNECT to facilitate connecting to EAP
  servers which do not conform to RFC 5746. (There is no consensus yet
  regarding the name of the option, so NetworkManager doesn't make use
  of the existing, but incorrectly named, allow_unsafe_renegotiation=1
  option (https://bugzilla.redhat.com/show_bug.cgi?id=2077973#c24).)

- Drop security level to 0 with OpenSSL 3.0 when using TLS 1.0/1.1
  (commit bc99366f9b960150aa2e369048bbc2218c1d414e upstream).

Added:
  wpa_supplicant/trunk/lower_security_level_for_tls_1.patch
  wpa_supplicant/trunk/wpa_supplicant-legacy-server-connect.patch
Modified:
  wpa_supplicant/trunk/PKGBUILD

--------------------------------------------+
 PKGBUILD                                   |   35 ++++++++++++++----
 lower_security_level_for_tls_1.patch       |   52 +++++++++++++++++++++++++++
 wpa_supplicant-legacy-server-connect.patch |   22 +++++++++++
 3 files changed, 101 insertions(+), 8 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2022-11-09 12:47:09 UTC (rev 461019)
+++ PKGBUILD    2022-11-09 15:00:28 UTC (rev 461020)
@@ -5,7 +5,7 @@
 
 pkgname=wpa_supplicant
 pkgver=2.10
-pkgrel=6
+pkgrel=7
 epoch=2
 pkgdesc='A utility providing key negotiation for WPA wireless networks'
 url='https://w1.fi/wpa_supplicant/'
@@ -15,9 +15,11 @@
 install=wpa_supplicant.install
 source=(
   https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
-  wpa_supplicant_tls.patch                        # More permissive TLS 
fallback
-  wpa_supplicant_dbus_service_syslog.patch        # Unit improvements from 
Ubuntu
-  wpa_supplicant_service_ignore-on-isolate.patch  # More unit improvements 
from Ubuntu
+  wpa_supplicant_tls.patch
+  wpa_supplicant_dbus_service_syslog.patch
+  wpa_supplicant_service_ignore-on-isolate.patch
+  wpa_supplicant-legacy-server-connect.patch
+  lower_security_level_for_tls_1.patch
   wpa_supplicant_config
   add_extra-ies_only_if_allowed_by_driver.patch
 )
@@ -27,16 +29,33 @@
             '08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
             '60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
             'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
+            '8fba11e4a5056d9e710707ded93341f61fdfef6c64ced992e3936cbd2d41a011'
+            'c3c0fb363f734c1512d24fd749b3ff7515f961b27bfadd04c128434b5c9f4a93'
             '89dc439b958574e9231c58bea6c83faec469909c9f84476bfc83fa35b3e97bd1'
             'aaedf87f1530d4e6cb00bf7981d1f868409ed892cc41b83c5613019e7b51f380')
 
 prepare() {
   cd $pkgname-$pkgver
-  patch -p1 -i ../wpa_supplicant_tls.patch                        # More 
permissive TLS fallback
-  patch -p1 -i ../wpa_supplicant_dbus_service_syslog.patch        # Unit 
improvements from Ubuntu
-  patch -p1 -i ../wpa_supplicant_service_ignore-on-isolate.patch  # More unit 
improvements from Ubuntu
-  patch -p1 -i ../add_extra-ies_only_if_allowed_by_driver.patch # 
http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
 
+  # More permissive TLS fallback
+  patch -Np1 -i ../wpa_supplicant_tls.patch
+
+  # Unit improvements from Ubuntu
+  patch -Np1 -i ../wpa_supplicant_dbus_service_syslog.patch
+
+  # More unit improvements from Ubuntu
+  patch -Np1 -i ../wpa_supplicant_service_ignore-on-isolate.patch
+
+  # https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
+  patch -Np1 -i ../wpa_supplicant-legacy-server-connect.patch
+
+  # http://lists.infradead.org/pipermail/hostap/2022-May/040571.html
+  # https://bugs.archlinux.org/task/76474
+  patch -Np1 -i ../lower_security_level_for_tls_1.patch
+
+  # http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
+  patch -Np1 -i ../add_extra-ies_only_if_allowed_by_driver.patch
+
   cd $pkgname
   cp "$srcdir/wpa_supplicant_config" ./.config
 }
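Review bot: The bug reference in the new comment above the legacy-server-connect patch, `# https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24`, does not match the one cited in the commit message (`id=2077973#c24`); the added patch file's own header also says 2072070, so the commit message is probably the one with the typo, but please confirm and align them so the patch's provenance stays traceable. For lower_security_level_for_tls_1.patch the comment only links the mailing-list thread and the Arch task, although the file is a verbatim upstream commit; recording it as `# Backport of upstream commit bc99366f9b960150aa2e369048bbc2218c1d414e (drop OpenSSL 3.0 security level to 0 for TLS 1.0/1.1)` makes it obvious when the patch can be dropped at the next upstream release. Both added patches relax TLS defaults for every connection the package makes, so a short remark in each comment that this is a deliberate compatibility trade-off (and what it trades away) would help the next maintainer decide whether to keep them.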

Added: lower_security_level_for_tls_1.patch
===================================================================
--- lower_security_level_for_tls_1.patch                                (rev 0)
+++ lower_security_level_for_tls_1.patch        2022-11-09 15:00:28 UTC (rev 
461020)
@@ -0,0 +1,52 @@
+From bc99366f9b960150aa2e369048bbc2218c1d414e Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <[email protected]>
+Date: Sun, 22 May 2022 17:01:35 +0300
+Subject: [PATCH] OpenSSL: Drop security level to 0 with OpenSSL 3.0 when using
+ TLS 1.0/1.1
+
+Commit 9afb68b03976 ("OpenSSL: Allow systemwide secpolicy overrides for
+TLS version") with commit 58bbcfa31b18 ("OpenSSL: Update security level
+drop for TLS 1.0/1.1 with OpenSSL 3.0") allow this workaround to be
+enabled with an explicit network configuration parameter. However, the
+default settings are still allowing TLS 1.0 and 1.1 to be negotiated
+just to see them fail immediately when using OpenSSL 3.0. This is not
+exactly helpful especially when the OpenSSL error message for this
+particular case is "internal error" which does not really say anything
+about the reason for the error.
+
+It is is a bit inconvenient to update the security policy for this
+particular issue based on the negotiated TLS version since that happens
+in the middle of processing for the first message from the server.
+However, this can be done by using the debug callback for printing out
+the received TLS messages during processing.
+
+Drop the OpenSSL security level to 0 if that is the only option to
+continue the TLS negotiation, i.e., when TLS 1.0/1.1 are still allowed
+in wpa_supplicant default configuration and OpenSSL 3.0 with the
+constraint on MD5-SHA1 use.
+
+Signed-off-by: Jouni Malinen <[email protected]>
+---
+ src/crypto/tls_openssl.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
+index 6602ac64f..78621d926 100644
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -1557,6 +1557,15 @@ static void tls_msg_cb(int write_p, int version, int 
content_type,
+       struct tls_connection *conn = arg;
+       const u8 *pos = buf;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++      if ((SSL_version(ssl) == TLS1_VERSION ||
++           SSL_version(ssl) == TLS1_1_VERSION) &&
++          SSL_get_security_level(ssl) > 0) {
++              wpa_printf(MSG_DEBUG,
++                         "OpenSSL: Drop security level to 0 to allow TLS 
1.0/1.1 use of MD5-SHA1 signature algorithm");
++              SSL_set_security_level(ssl, 0);
++      }
++#endif /* OpenSSL version >= 3.0 */
+       if (write_p == 2) {
+               wpa_printf(MSG_DEBUG,
+                          "OpenSSL: session ver=0x%x content_type=%d",
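Review bot: The debug message in the added block says the level is dropped only to allow TLS 1.0/1.1 use of MD5-SHA1, but `SSL_set_security_level(ssl, 0)` lifts every level-1 constraint for that connection (as far as I recall, the minimum key-size requirements as well), which neither the code comment nor the PKGBUILD comment mentions. A comment above the `#if`, such as `/* Level 0 disables all level-1 strength minimums, not only the MD5-SHA1 restriction; reached only after TLS 1.0/1.1 was negotiated */`, would document the real scope of the workaround. The check also runs on every tls_msg_cb invocation for the connection, though only the first call after a 1.0/1.1 version is negotiated changes anything, which is worth a word since the callback is a debug hook rather than a policy hook. tls_msg_cb begins outside the hunk, and as this is an upstream commit any wording change is best sent upstream rather than carried in the package.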

Added: wpa_supplicant-legacy-server-connect.patch
===================================================================
--- wpa_supplicant-legacy-server-connect.patch                          (rev 0)
+++ wpa_supplicant-legacy-server-connect.patch  2022-11-09 15:00:28 UTC (rev 
461020)
@@ -0,0 +1,22 @@
+# Patch origin: https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24
+
+diff -up wpa_supplicant-2.10/src/crypto/tls_openssl.c.legacy-server-connect 
wpa_supplicant-2.10/src/crypto/tls_openssl.c
+--- wpa_supplicant-2.10/src/crypto/tls_openssl.c.legacy-server-connect  
2022-01-16 15:51:29.000000000 -0500
++++ wpa_supplicant-2.10/src/crypto/tls_openssl.c        2022-04-28 
02:47:26.863529683 -0400
+@@ -1049,6 +1049,16 @@
+       SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv2);
+       SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3);
+ 
++      /* Many enterprise PEAP server implementations (e.g. used in large
++       corporations and universities) do not support RFC5746 secure
++       renegotiation, and starting with OpenSSL 3.0,
++       SSL_OP_LEGACY_SERVER_CONNECT is no longer set as part of SSL_OP_ALL.
++       So until we implement a way to request SSL_OP_LEGACY_SERVER_CONNECT
++       only in EAP peer mode, just set SSL_OP_LEGACY_SERVER_CONNECT
++       globally. */
++
++      SSL_CTX_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT);
++
+       SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ 
+ #ifdef SSL_MODE_NO_AUTO_CHAIN
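Review bot: The added `SSL_CTX_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT);` is applied unconditionally to every SSL_CTX this function creates, as the new comment itself acknowledges, and unlike the existing `allow_unsafe_renegotiation` network parameter mentioned in the commit message there is no per-network or build-time way to opt out. The comment should say where the request for a peer-mode-only option is tracked so the global setting can be narrowed once upstream provides a switch, e.g. finish it with `See https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24 for the upstream discussion.` The `diff -up` header carries no function name and the enclosing function starts before the hunk, so a reader of the patch alone cannot tell that this runs at context initialisation; naming the function in the comment would help. The blank `+` lines around the new call break the otherwise compact option-setting sequence above it; dropping them would match the surrounding style.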
