Commit graph

14 commits

Author SHA1 Message Date
Jouni Malinen
3f1b792fbe EAP server: Disable TLS session ticket with EAP-TLS/TTLS/PEAP
The EAP server is not yet capable of using TLS session ticket to resume
a session. Explicitly disable use of TLS session ticket with
EAP-TLS/TTLS/PEAP to avoid wasting resources on generating a session
ticket that cannot be used for anything.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-24 02:29:30 +03:00
Haim Dreyfuss
b760e64276 eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2()
If TLS encryption fails, encr may be NULL and that would have resulted
in NULL pointer dereference..

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2015-01-20 02:11:59 +02:00
Jouni Malinen
d1f89dd732 EAP server: Add getSessionId
This extends EAP server implementation to derive Session-Id similarly to
the existing EAP peer implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
6f577c5e45 EAP-FAST server: Remove unused assignment
Commit e8c08c9a36 ('EAP-FAST server: Fix
potential read-after-buffer (by one byte)') changed the while loop
design in a way that does not require the pos variable to be updated
anymore. Remove that unneeded code to clean up static analyzer warnings
about unused assignments.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:11:14 +03:00
Jouni Malinen
e9471493ef EAP-FAST server: Remove unused write
next_type is not used in case m->check() results in ignoring the packet.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:10:27 +03:00
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
e8c08c9a36 EAP-FAST server: Fix potential read-after-buffer (by one byte)
The special PAC_OPAQUE_TYPE_PAD case did not skip incrementing of the
pos pointer and could result in one octet read-after-buffer when parsing
the PAC-Opaque data.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 21:14:05 +03:00
Jouni Malinen
0a13e06bdb EAP server: Clear keying material on deinit
Reduce the amount of time keying material (MSK, EMSK, temporary private
data) remains in memory in EAP methods. This provides additional
protection should there be any issues that could expose process memory
to external observers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
c434503f5e EAP-FAST: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:47 +03:00
Jouni Malinen
2dbc959699 EAP-FAST: Clean up TLV length validation (CID 62853)
Use size_t instead of int for storing and comparing the TLV length
against the remaining buffer length to make this easier for static
analyzers to understand.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-18 16:45:03 +03:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
3642c4313a Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.

The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
2010-11-24 01:05:20 +02:00
Jouni Malinen
8cbd92ee29 EAP-FAST server: Add I-ID into PAC-Info
This indicates that the peer identity is associated with the
credential and will be required to match with the identity used
during authentication when the PAC is used (RFC 5422, 4.2.4).
2010-08-19 21:16:19 +03:00
Jouni Malinen
94d9bfd59b Rename EAP server source files to avoid duplicate names
This makes it easier to build both EAP peer and server functionality
into the same project with some toolchains.
2010-02-19 18:54:07 +02:00
Renamed from src/eap_server/eap_fast.c (Browse further)