DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Prevent installation of an all-zero TK

Browse source 
Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.

This fixes the earlier fix in commit
ad00d64e7d ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
This commit is contained in:
Mathy Vanhoef 2017-09-29 04:22:51 +02:00 committed by Jouni Malinen
parent 87e2db16ba
commit 53bb18cc8b
3 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/common/wpa_common.h
View file

@ -219,6 +219,7 @@ struct wpa_ptk {
size_t kck_len;
size_t kek_len;
size_t tk_len;
int installed; /* 1 if key has already been installed to driver */
};
struct wpa_gtk {