Fix PeerKey 4-way handshake
The earlier changes to buffer EAPOL frames when not associated to avoid
race conditions (especially commit
3ab35a6603
but maybe something even before
that) broke PeerKey 4-way handshake. Fix this by using a separate check
before the race condition workaround to process PeerKey 4-way handshake
EAPOL-Key messages differently.
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
773272989a
commit
db76aa64f1
3 changed files with 39 additions and 0 deletions
|
@ -2710,3 +2710,24 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_WNM */
|
#endif /* CONFIG_WNM */
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef CONFIG_PEERKEY
|
||||||
|
int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr,
|
||||||
|
const u8 *buf, size_t len)
|
||||||
|
{
|
||||||
|
struct wpa_peerkey *peerkey;
|
||||||
|
|
||||||
|
for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) {
|
||||||
|
if (os_memcmp(peerkey->addr, src_addr, ETH_ALEN) == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!peerkey)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
wpa_sm_rx_eapol(sm, src_addr, buf, len);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_PEERKEY */
|
||||||
|
|
|
@ -306,11 +306,19 @@ static inline void wpa_sm_pmksa_cache_flush(struct wpa_sm *sm,
|
||||||
|
|
||||||
#ifdef CONFIG_PEERKEY
|
#ifdef CONFIG_PEERKEY
|
||||||
int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer);
|
int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer);
|
||||||
|
int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr,
|
||||||
|
const u8 *buf, size_t len);
|
||||||
#else /* CONFIG_PEERKEY */
|
#else /* CONFIG_PEERKEY */
|
||||||
static inline int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer)
|
static inline int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer)
|
||||||
{
|
{
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static inline int wpa_sm_rx_eapol_peerkey(struct wpa_sm *sm, const u8 *src_addr,
|
||||||
|
const u8 *buf, size_t len)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
#endif /* CONFIG_PEERKEY */
|
#endif /* CONFIG_PEERKEY */
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211R
|
#ifdef CONFIG_IEEE80211R
|
||||||
|
|
|
@ -2328,6 +2328,16 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
|
||||||
wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
|
wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
|
||||||
wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
|
wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
|
||||||
|
|
||||||
|
#ifdef CONFIG_PEERKEY
|
||||||
|
if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
|
||||||
|
wpa_s->current_ssid->peerkey &&
|
||||||
|
!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
|
||||||
|
wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
|
||||||
|
wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_PEERKEY */
|
||||||
|
|
||||||
if (wpa_s->wpa_state < WPA_ASSOCIATED ||
|
if (wpa_s->wpa_state < WPA_ASSOCIATED ||
|
||||||
(wpa_s->last_eapol_matches_bssid &&
|
(wpa_s->last_eapol_matches_bssid &&
|
||||||
#ifdef CONFIG_AP
|
#ifdef CONFIG_AP
|
||||||
|
|
Loading…
Reference in a new issue