Reject undefined Key Descriptor Version values explicitly
Check that the EAPOL-Key frame Key Descriptor Version value is one of the defined values explicitly instead of failing to process the Key Data field later (or end up ignoring the unexpected value if no processing of Key Data is needed). Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
fff69bba10
commit
bd1e078996
1 changed files with 7 additions and 0 deletions
|
|
@ -1229,6 +1229,13 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
|
|||
msgtxt = "2/4 Pairwise";
|
||||
}
|
||||
|
||||
if (ver > WPA_KEY_INFO_TYPE_AES_128_CMAC) {
|
||||
wpa_printf(MSG_INFO, "RSN: " MACSTR
|
||||
" used undefined Key Descriptor Version %d",
|
||||
MAC2STR(wpa_auth_get_spa(sm)), ver);
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!wpa_use_akm_defined(sm->wpa_key_mgmt) &&
|
||||
wpa_use_cmac(sm->wpa_key_mgmt) &&
|
||||
ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue