CVS commit: src/external/bsd/wpa/dist/src

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/external/bsd/wpa/dist/src
From: "Christos Zoulas" <christos%netbsd.org@localhost>
Date: Wed, 10 Apr 2019 13:50:28 -0400

Module Name:    src
Committed By:   christos
Date:           Wed Apr 10 17:50:28 UTC 2019

Modified Files:
        src/external/bsd/wpa/dist/src/eap_common: eap_pwd_common.c
            eap_pwd_common.h
        src/external/bsd/wpa/dist/src/eap_peer: eap_pwd.c
        src/external/bsd/wpa/dist/src/eap_server: eap_server_pwd.c

Log Message:
This adds an explicit check for 0 < x,y < prime based on RFC 5931,
2.8.5.2.2 requirement. The earlier checks might have covered this
implicitly, but it is safer to avoid any dependency on implicit checks
and specific crypto library behavior. (CVE-2019-9498 and CVE-2019-9499)

Furthermore, this moves the EAP-pwd element and scalar parsing and
validation steps into shared helper functions so that there is no need
to maintain two separate copies of this common functionality between the
server and peer implementations.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.6 -r1.2 \
    src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c
cvs rdiff -u -r1.1.1.5 -r1.2 \
    src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h
cvs rdiff -u -r1.7 -r1.8 src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c
cvs rdiff -u -r1.7 -r1.8 \
    src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/external/bsd/wpa/dist/src/eap_peer
Next by Date: CVS commit: src/external/bsd/wpa/dist/src/common
Previous by Thread: CVS commit: src/external/bsd/wpa/dist/src/eap_peer
Next by Thread: CVS commit: src/external/bsd/wpa/dist/src/common
Indexes:

Home | Main Index | Thread Index | Old Index