jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Reject the initial 4-way handshake if initial GTK setup fails

Browse Source 
This makes the AP/Authenticator design more robust against unexpected
failures in random number generation.

Signed-off-by: Jouni Malinen <j@w1.fi>
master
Jouni Malinen 9 years ago
parent 2da525651d
commit aac1efec34
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File

10
src/ap/wpa_auth.c
Unescape Escape View File

@ -1841,9 +1841,13 @@ static void wpa_group_ensure_init(struct wpa_authenticator *wpa_auth,
group->reject_4way_hs_for_entropy = FALSE; group->reject_4way_hs_for_entropy = FALSE;
} }
wpa_group_init_gmk_and_counter(wpa_auth, group); if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0 ||
wpa_gtk_update(wpa_auth, group); wpa_gtk_update(wpa_auth, group) < 0 ||
wpa_group_config_group_keys(wpa_auth, group); wpa_group_config_group_keys(wpa_auth, group) < 0) {
wpa_printf(MSG_INFO, "WPA: GMK/GTK setup failed");
group->first_sta_seen = FALSE;
group->reject_4way_hs_for_entropy = TRUE;
}
} }

Write Preview
Loading…
Cancel
Save