diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2018-07-19 17:34:58 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2018-07-19 17:34:58 +0000 |
| commit | e7771f9e4a164c283346f7d399eb7f1c7175f7c8 (patch) | |
| tree | 066004cf43e8b2e608bfecde70764396bf877091 /src/ap/wpa_auth.c | |
| parent | d8b7f52b5107a4090323512694e518f9cffbaa60 (diff) | |
| download | src-e7771f9e4a164c283346f7d399eb7f1c7175f7c8.tar.gz src-e7771f9e4a164c283346f7d399eb7f1c7175f7c8.zip | |
Import upline security patch: Fix PTK rekeying to generate a new ANonce.
This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0005-Fix-PTK-rekeying-to-\
generate-a-new-ANonce.patch
Notes
Notes:
svn path=/vendor/wpa/dist/; revision=336493
Diffstat (limited to 'src/ap/wpa_auth.c')
| -rw-r--r-- | src/ap/wpa_auth.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 707971d06f21..bf10cc1646f7 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2) } +static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) +{ + if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { + wpa_printf(MSG_ERROR, + "WPA: Failed to get random data for ANonce"); + sm->Disconnect = TRUE; + return -1; + } + wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce, + WPA_NONCE_LEN); + sm->TimeoutCtr = 0; + return 0; +} + + SM_STATE(WPA_PTK, INITPMK) { u8 msk[2 * PMK_LEN]; @@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK) SM_ENTER(WPA_PTK, AUTHENTICATION); else if (sm->ReAuthenticationRequest) SM_ENTER(WPA_PTK, AUTHENTICATION2); - else if (sm->PTKRequest) - SM_ENTER(WPA_PTK, PTKSTART); - else switch (sm->wpa_ptk_state) { + else if (sm->PTKRequest) { + if (wpa_auth_sm_ptk_update(sm) < 0) + SM_ENTER(WPA_PTK, DISCONNECTED); + else + SM_ENTER(WPA_PTK, PTKSTART); + } else switch (sm->wpa_ptk_state) { case WPA_PTK_INITIALIZE: break; case WPA_PTK_DISCONNECT: |