hostapd/src
Jouni Malinen bc36991791 Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4
IEEE Std 802.11-2020 is ambiguous on how the Secure bit is set in
EAPOL-Key msg 1/4 and 2/4 in the case where 4-way handshake is use to
rekey the PTK. 12.7.2 describes this with "set to 1 once the initial key
exchange is complete" while 12.7.6 shows EAPOL-Key msg 1/4 and 2/4 using
Secure=0 without any consideration on whether the handshake is for
rekeying.

TGme seems to be moving towards clarifying this to use Secure=1 based on
there being a shared PTKSA between the Authenticator and the Supplicant.
In other words, this would use Secure=1 in EAPOL-Key msg 1/4 and 2/4 in
the case of rekeying. Change implementation to match that. This bit was
already practically ignored on the reception side, so this should not
have impact on actual functionality beyond this one bit changing its
value in the frame.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-16 17:47:17 +03:00
..
ap Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4 2022-05-16 17:47:17 +03:00
common Simplify wpa_parse_kde_ies() 2022-05-08 16:36:09 +03:00
crypto OpenSSL: Fix build with old library versions that do not support TLS 1.3 2022-05-05 13:04:13 +03:00
drivers nl80211: Verify that nla_put_flag() succeeds for background radar 2022-05-08 00:29:48 +03:00
eap_common EAP-SAKA: Simplify attribute parser for static analyzers 2022-05-08 16:53:38 +03:00
eap_peer EAP peer status notification for server not supporting RFC 5746 2022-05-05 00:21:46 +03:00
eap_server EAP-PEAP server: Fix TLS 1.3 move to Phase 2 without a new session ticket 2022-05-02 18:07:50 +03:00
eapol_auth EAP-TLS: Testing functionality to skip protected success indication 2022-04-07 00:43:12 +03:00
eapol_supp Discard unencrypted EAPOL-EAP when TK is set and PMF is enabled 2022-05-07 21:37:08 +03:00
fst FST: More robust bounds checking of local data in fst_dump_mb_ies() 2022-05-08 17:18:58 +03:00
l2_packet Replace "dummy" with "stub" in comments/documentation 2021-10-11 20:52:50 +03:00
p2p P2P: Explicit nul termination of the generated passphrase 2022-05-07 23:59:23 +03:00
pae MACsec: Support GCM-AES-256 cipher suite 2022-02-16 22:54:49 +02:00
radius RADIUS attributes for EAPOL-Key message details 2022-04-15 18:40:55 +03:00
rsn_supp Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4 2022-05-16 17:47:17 +03:00
tls TLS: Fix highest TLS version disabling with internal TLS client 2021-03-14 13:08:04 +02:00
utils DPP: Allow a list of supported curves to be used in bootstrapping URI 2022-04-14 16:57:11 +03:00
wps Replace "dummy" with "stub" in comments/documentation 2021-10-11 20:52:50 +03:00
build.rules build: Rebuild libs all the time 2020-10-12 20:18:02 +03:00
lib.rules build: lib.rules: Add common-clean 2020-10-16 12:51:12 +03:00
Makefile build: Add a common-clean target 2020-10-10 12:48:41 +03:00
objs.mk build: Fix dependency file inclusion 2020-10-12 11:05:16 +03:00