DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Mark RSN msg 1/2 key data debug dump as key material

Browse source 
This debug print can include GTK and IGTK, so use wpa_hexdump_key()
instead of wpa_hexdump() for it to avoid undesired exposure of keys in
debug log.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-02-17 11:35:35 +02:00 committed by Jouni Malinen
parent 209527aeed
commit ecbdc1a1fc
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/rsn_supp/wpa.c
View file

@ -1393,7 +1393,8 @@ static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm,
int maxkeylen; int maxkeylen;
struct wpa_eapol_ie_parse ie; struct wpa_eapol_ie_parse ie;
wpa_hexdump(MSG_DEBUG, "RSN: msg 1/2 key data", keydata, keydatalen); wpa_hexdump_key(MSG_DEBUG, "RSN: msg 1/2 key data",
keydata, keydatalen);
if (wpa_supplicant_parse_ies(keydata, keydatalen, &ie) < 0) if (wpa_supplicant_parse_ies(keydata, keydatalen, &ie) < 0)
return -1; return -1;
if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {