diff options
| author | Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be> | 2017-10-05 23:53:01 +0200 |
|---|---|---|
| committer | Ivan Kutepov <its.kutepov@gmail.com> | 2017-10-19 21:53:12 +0300 |
| commit | 989ffaa028b8418456655c4cc2867bebced80d17 (patch) | |
| tree | e6722f1610b253f67a3d5b00d0327a126283fdb4 | |
| parent | 4ecf487814046663edbc14a405407e891939a981 (diff) | |
| download | android_external_wpa_supplicant_8-989ffaa028b8418456655c4cc2867bebced80d17.tar.gz android_external_wpa_supplicant_8-989ffaa028b8418456655c4cc2867bebced80d17.tar.bz2 android_external_wpa_supplicant_8-989ffaa028b8418456655c4cc2867bebced80d17.zip | |
WPA: Extra defense against PTK reinstalls in 4-way handshake
Currently, reinstallations of the PTK are prevented by (1) assuring the
same TPTK is only set once as the PTK, and (2) that one particular PTK
is only installed once. This patch makes it more explicit that point (1)
is required to prevent key reinstallations. At the same time, this patch
hardens wpa_supplicant such that future changes do not accidentally
break this property.
Change-Id: Id03f4790d93deb1bc34b1055fb85ec80c5229bcc
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
| -rw-r--r-- | src/rsn_supp/wpa.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index d18e973f..9db5cdc7 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1591,6 +1591,14 @@ static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm, sm->ptk_set = 1; os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk)); + /* + * This assures the same TPTK in sm->tptk can never be + * copied twice to sm->pkt as the new PTK. In + * combination with the installed flag in the wpa_ptk + * struct, this assures the same PTK is only installed + * once. + */ + sm->renew_snonce = 1; } } |