Discard EAPOL-Key Request frames during 4-way handshake
While the Authenticator state machine conditions are already checking for sm->EAPOLKeyRequest, it seems clearer to explicitly discard any EAPOL-Key Request frame that is received unexpectedly during a 4-way handshake. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
8037c1ad61
commit
0967940885
1 changed files with 10 additions and 0 deletions
|
@ -1437,6 +1437,16 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case REQUEST:
|
case REQUEST:
|
||||||
|
if (sm->wpa_ptk_state == WPA_PTK_PTKSTART ||
|
||||||
|
sm->wpa_ptk_state == WPA_PTK_PTKCALCNEGOTIATING ||
|
||||||
|
sm->wpa_ptk_state == WPA_PTK_PTKCALCNEGOTIATING2 ||
|
||||||
|
sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) {
|
||||||
|
wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
|
||||||
|
LOGGER_INFO,
|
||||||
|
"received EAPOL-Key Request in invalid state (%d) - dropped",
|
||||||
|
sm->wpa_ptk_state);
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue