Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:AndreasSchwab:13.1
wpa_supplicant
0004-Prevent-installation-of-an-all-zero-TK.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0004-Prevent-installation-of-an-all-zero-TK.patch of Package wpa_supplicant
From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001 From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be> Date: Fri, 29 Sep 2017 04:22:51 +0200 Subject: [PATCH 4/8] Prevent installation of an all-zero TK Properly track whether a PTK has already been installed to the driver and the TK part cleared from memory. This prevents an attacker from trying to trick the client into installing an all-zero TK. This fixes the earlier fix in commit ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the driver in EAPOL-Key 3/4 retry case') which did not take into account possibility of an extra message 1/4 showing up between retries of message 3/4. Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be> --- diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index d200285..1021ccb 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -206,6 +206,7 @@ u8 rx_mic_key[8]; } auth; } u; + int installed; /* 1 if key has already been installed to driver */ } STRUCT_PACKED; struct wpa_gtk { diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 7a2c68d..0550a41 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -550,6 +550,12 @@ const u8 *key_rsc; u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; + if (sm->ptk.installed) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "WPA: Do not re-install same PTK to the driver"); + return 0; + } + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Installing PTK to the driver"); @@ -586,6 +592,8 @@ return -1; } + sm->ptk.installed = 1; + if (sm->wpa_ptk_rekey) { eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk, -- 2.7.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor