AP: Provide correct keyid to wpa_send_eapol() for EAPOL-Key msg 3/4
PTKINITNEGOTIATING in the WPA state machine calls wpa_send_eapol() and hands over the GTK instead of the PTK keyid. Besides a confusing debug message this does not have any negative side effects: The variable is only set to a wrong value when using WPA2 but then it's not used. With this patch PTKINITNEGOTIATING sets the PTK keyid unconditionally to zero for EAPOL-Key msg 3/4 and differentiates more obviously between GTK and PTK keyids. Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
parent
a3ebf71751
commit
7a4b01c879
|
@ -3126,7 +3126,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
|
||||||
size_t gtk_len, kde_len;
|
size_t gtk_len, kde_len;
|
||||||
struct wpa_group *gsm = sm->group;
|
struct wpa_group *gsm = sm->group;
|
||||||
u8 *wpa_ie;
|
u8 *wpa_ie;
|
||||||
int wpa_ie_len, secure, keyidx, encr = 0;
|
int wpa_ie_len, secure, gtkidx, encr = 0;
|
||||||
|
|
||||||
SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk);
|
SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk);
|
||||||
sm->TimeoutEvt = FALSE;
|
sm->TimeoutEvt = FALSE;
|
||||||
|
@ -3177,7 +3177,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
|
||||||
return;
|
return;
|
||||||
gtk = dummy_gtk;
|
gtk = dummy_gtk;
|
||||||
}
|
}
|
||||||
keyidx = gsm->GN;
|
gtkidx = gsm->GN;
|
||||||
_rsc = rsc;
|
_rsc = rsc;
|
||||||
encr = 1;
|
encr = 1;
|
||||||
} else {
|
} else {
|
||||||
|
@ -3185,7 +3185,6 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
|
||||||
secure = 0;
|
secure = 0;
|
||||||
gtk = NULL;
|
gtk = NULL;
|
||||||
gtk_len = 0;
|
gtk_len = 0;
|
||||||
keyidx = 0;
|
|
||||||
_rsc = NULL;
|
_rsc = NULL;
|
||||||
if (sm->rx_eapol_key_secure) {
|
if (sm->rx_eapol_key_secure) {
|
||||||
/*
|
/*
|
||||||
|
@ -3242,7 +3241,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
|
||||||
#endif /* CONFIG_IEEE80211R_AP */
|
#endif /* CONFIG_IEEE80211R_AP */
|
||||||
if (gtk) {
|
if (gtk) {
|
||||||
u8 hdr[2];
|
u8 hdr[2];
|
||||||
hdr[0] = keyidx & 0x03;
|
hdr[0] = gtkidx & 0x03;
|
||||||
hdr[1] = 0;
|
hdr[1] = 0;
|
||||||
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
|
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
|
||||||
gtk, gtk_len);
|
gtk, gtk_len);
|
||||||
|
@ -3314,7 +3313,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
|
||||||
WPA_KEY_INFO_MIC : 0) |
|
WPA_KEY_INFO_MIC : 0) |
|
||||||
WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
|
WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
|
||||||
WPA_KEY_INFO_KEY_TYPE,
|
WPA_KEY_INFO_KEY_TYPE,
|
||||||
_rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
|
_rsc, sm->ANonce, kde, pos - kde, 0, encr);
|
||||||
os_free(kde);
|
os_free(kde);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4953,7 +4952,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
|
||||||
size_t gtk_len, kde_len;
|
size_t gtk_len, kde_len;
|
||||||
struct wpa_group *gsm = sm->group;
|
struct wpa_group *gsm = sm->group;
|
||||||
u8 *wpa_ie;
|
u8 *wpa_ie;
|
||||||
int wpa_ie_len, secure, keyidx, encr = 0;
|
int wpa_ie_len, secure, gtkidx, encr = 0;
|
||||||
|
|
||||||
/* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, [MDIE],
|
/* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, [MDIE],
|
||||||
GTK[GN], IGTK, [FTIE], [TIE * 2])
|
GTK[GN], IGTK, [FTIE], [TIE * 2])
|
||||||
|
@ -4980,7 +4979,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
|
||||||
secure = 1;
|
secure = 1;
|
||||||
gtk = gsm->GTK[gsm->GN - 1];
|
gtk = gsm->GTK[gsm->GN - 1];
|
||||||
gtk_len = gsm->GTK_len;
|
gtk_len = gsm->GTK_len;
|
||||||
keyidx = gsm->GN;
|
gtkidx = gsm->GN;
|
||||||
_rsc = rsc;
|
_rsc = rsc;
|
||||||
encr = 1;
|
encr = 1;
|
||||||
} else {
|
} else {
|
||||||
|
@ -4988,7 +4987,6 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
|
||||||
secure = 0;
|
secure = 0;
|
||||||
gtk = NULL;
|
gtk = NULL;
|
||||||
gtk_len = 0;
|
gtk_len = 0;
|
||||||
keyidx = 0;
|
|
||||||
_rsc = NULL;
|
_rsc = NULL;
|
||||||
if (sm->rx_eapol_key_secure) {
|
if (sm->rx_eapol_key_secure) {
|
||||||
/*
|
/*
|
||||||
|
@ -5041,7 +5039,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
|
||||||
#endif /* CONFIG_IEEE80211R_AP */
|
#endif /* CONFIG_IEEE80211R_AP */
|
||||||
if (gtk) {
|
if (gtk) {
|
||||||
u8 hdr[2];
|
u8 hdr[2];
|
||||||
hdr[0] = keyidx & 0x03;
|
hdr[0] = gtkidx & 0x03;
|
||||||
hdr[1] = 0;
|
hdr[1] = 0;
|
||||||
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
|
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
|
||||||
gtk, gtk_len);
|
gtk, gtk_len);
|
||||||
|
@ -5109,7 +5107,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
|
||||||
WPA_KEY_INFO_MIC : 0) |
|
WPA_KEY_INFO_MIC : 0) |
|
||||||
WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
|
WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
|
||||||
WPA_KEY_INFO_KEY_TYPE,
|
WPA_KEY_INFO_KEY_TYPE,
|
||||||
_rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
|
_rsc, sm->ANonce, kde, pos - kde, 0, encr);
|
||||||
os_free(kde);
|
os_free(kde);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
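Review bot: With `keyidx = 0;` dropped from the non-WPA2 `else` branch, `gtkidx` is left unassigned on that path in both SM_STATE(WPA_PTK, PTKINITNEGOTIATING) and wpa_auth_resend_m3(). The only read visible here is `hdr[0] = gtkidx & 0x03;` under `if (gtk)`, and `gtk` is NULL on that path, so it looks safe as shown; but both function bodies continue outside these hunks, and any later read outside that guard would put an indeterminate value into a key index field. Initialising at the declaration, `int wpa_ie_len, secure, gtkidx = 0, encr = 0;`, keeps it defined and avoids maybe-uninitialized warnings. The bare `0` now passed to wpa_send_eapol() would also benefit from a short comment at both call sites, e.g. `/* keyidx: PTK key ID; the GTK index is carried in the GTK KDE */`.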