jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

SAE: Verify that appropriate Status Code is used in SAE commit (SME)

Browse source 
Previous version accepted both 0 and 126 values in SAE commit message
from the AP. Explicitly check that the value the AP uses matches what
the STA started with to avoid unexpected cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2020-02-08 03:36:13 +02:00
parent c248ebaf4f
commit ca1cecc54d
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
wpa_supplicant/sme.c
View file

@ -1291,6 +1291,19 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
"SAE: Ignore commit message while waiting for confirm");
return 0;
}
if (wpa_s->sme.sae.tmp && wpa_s->sme.sae.tmp->h2e &&
status_code == WLAN_STATUS_SUCCESS) {
wpa_printf(MSG_DEBUG,
"SAE: Unexpected use of status code 0 in SAE commit when H2E was expected");
return -1;
}
if (wpa_s->sme.sae.tmp && !wpa_s->sme.sae.tmp->h2e &&
status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT) {
wpa_printf(MSG_DEBUG,
"SAE: Unexpected use of status code for H2E in SAE commit when H2E was not expected");
return -1;
}
if (groups && groups[0] <= 0)
groups = NULL;
res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,