DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/ap
History
Jouni Malinen f5e0a3324b SAE: Fix potential infinite loop in mismatching PMK case on AP 
Commit e61fea6b46 ('SAE: Fix PMKSA caching
behavior in AP mode') modified the PSK fetching loop to not override PMK
in case of SAE with PMKSA caching. However, that commit missed the error
path cases where there is need to break from the loop with exact
negative of the check in the beginning of the loop. This could result in
hitting an infinite loop in hostapd if a station derived a different PMK
value from otherwise successfully completed SAE authentication or if a
STA used a different PMK with a PMKSA caching attempt after a previously
completed successful authentication.

Fix this by adding the matching break condition on SAE AKM within the
loops.

Fixes: e61fea6b46 ("SAE: Fix PMKSA caching behavior in AP mode")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-02 21:27:18 +02:00
..
accounting.c Remove unused generation of Request Authenticator in Account-Request 2016-09-22 00:34:19 +03:00
accounting.h RADIUS: Use more likely unique accounting Acct-{,Multi-}Session-Id 2016-02-06 17:10:19 +02:00
acs.c ACS: Fix memory leak if interface is disabled during scan 2017-03-04 17:30:15 +02:00
acs.h ACS: Fix memory leak if interface is disabled during scan 2017-03-04 17:30:15 +02:00
ap_config.c SAE: Make dot11RSNASAESync configurable 2017-12-26 12:46:22 +02:00
ap_config.h SAE: Add option to require MFP for SAE associations 2017-12-27 18:27:58 +02:00
ap_drv_ops.c OWE: Transition mode with non-AP-MLME 2018-01-29 19:01:43 +02:00
ap_drv_ops.h DPP: Authentication exchange retries and channel iteration in hostapd 2018-01-08 05:19:05 +02:00
ap_list.c Move ap_list_timer() to use common AP periodic cleanup mechanism 2015-07-20 13:42:35 +03:00
ap_list.h Move ap_list_timer() to use common AP periodic cleanup mechanism 2015-07-20 13:42:35 +03:00
ap_mlme.c FILS: Do not clear PTK on FILS Auth/Assoc (AP) 2016-10-22 18:11:14 +03:00
ap_mlme.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
authsrv.c Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
authsrv.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
beacon.c OWE: Transition mode with non-AP-MLME 2018-01-29 19:01:43 +02:00
beacon.h hostapd: Added signal level to STA tracking 2016-10-29 00:55:49 +03:00
bss_load.c hostapd: Add average channel utilization in STATUS 2017-12-12 00:48:27 +02:00
bss_load.h AP: Add support for BSS load element (STA Count, Channel Utilization) 2014-10-21 23:25:48 +03:00
ctrl_iface_ap.c hostapd: Add average channel utilization in STATUS 2017-12-12 00:48:27 +02:00
ctrl_iface_ap.h DPP: Allow PMKSA cache entries to be added through hostapd ctrl_iface 2017-06-19 21:13:17 +03:00
dfs.c DFS: Allow switch to DFS channel after radar detection in ETSI 2017-05-13 20:01:44 +03:00
dfs.h DFS: Handle pre-CAC expired event 2017-03-09 17:01:50 +02:00
dhcp_snoop.c Fix DHCP/NDISC snoop deinit followed by failing re-init 2017-03-04 11:42:15 +02:00
dhcp_snoop.h AP: Add support for Proxy ARP, DHCP snooping mechanism 2014-10-28 01:08:29 +02:00
dpp_hostapd.c DPP: Get rid of compiler warnings on signed/unsigned comparison 2018-01-21 11:24:33 +02:00
dpp_hostapd.h DPP: Clear authentication instance on configuration completion in AP 2017-11-27 20:33:43 +02:00
drv_callbacks.c OWE: Rename function to match use (driver-SME/MLME) 2018-02-06 20:27:41 +02:00
eap_user_db.c Improve error messages related to EAP DB 2015-03-28 13:16:26 +02:00
eth_p_oui.c FT: Replace inter-AP protocol with use of OUI Extended Ethertype 2017-05-03 18:30:31 +03:00
eth_p_oui.h FT: Replace inter-AP protocol with use of OUI Extended Ethertype 2017-05-03 18:30:31 +03:00
fils_hlp.c FILS: Add a space before MAC address to a HLP debug message 2017-09-07 13:33:40 +03:00
fils_hlp.h FILS: DHCP relay for HLP requests 2017-02-01 18:17:39 +02:00
gas_query_ap.c DPP: Integration for hostapd 2017-06-19 21:13:17 +03:00
gas_query_ap.h DPP: Integration for hostapd 2017-06-19 21:13:17 +03:00
gas_serv.c DPP: Clear authentication instance on configuration completion in AP 2017-11-27 20:33:43 +02:00
gas_serv.h DPP: Configurator in hostapd 2017-07-03 13:03:35 +03:00
hostapd.c FILS: Accept another (Re)Association Request frame during an association 2017-10-16 02:03:47 +03:00
hostapd.h DPP: Authentication exchange retries and channel iteration in hostapd 2018-01-08 05:19:05 +02:00
hs20.c HS 2.0R2 AP: Add support for deauthentication request 2014-02-26 01:24:24 +02:00
hs20.h HS 2.0R2 AP: Add support for deauthentication request 2014-02-26 01:24:24 +02:00
hw_features.c ap: Fix invalid HT40 channel pair fallback 2017-07-08 16:06:38 +03:00
hw_features.h hostapd: Fix some compilation errors 2015-03-29 20:51:14 +03:00
iapp.c IAPP: Set SO_REUSEADDR on listening socket 2016-08-18 20:01:48 +03:00
iapp.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ieee802_1x.c Copy WLAN-Reason-Code value from Access-Reject to Deauthentication 2018-01-12 20:55:33 +02:00
ieee802_1x.h FILS: Export IEEE 802.1X helper functions 2016-10-22 23:13:17 +03:00
ieee802_11.c OWE: Add testing RSNE for OWE assoc response with driver SME/MLME 2018-02-12 21:31:04 +02:00
ieee802_11.h OWE: Rename function to match use (driver-SME/MLME) 2018-02-06 20:27:41 +02:00
ieee802_11_auth.c Use os_memdup() 2017-03-07 13:19:10 +02:00
ieee802_11_auth.h VLAN: Separate station grouping and uplink configuration 2016-02-17 11:46:11 +02:00
ieee802_11_he.c hostapd: Update HE capabilities and HE operation definition 2017-10-05 15:09:43 +03:00
ieee802_11_ht.c mesh: Use correct rate in HT and legacy mixed environment 2017-02-19 16:01:17 +02:00
ieee802_11_shared.c OWE: Transition mode with non-AP-MLME 2018-01-29 19:01:43 +02:00
ieee802_11_vht.c mesh: Use correct rate in VHT and HT mixed environment 2017-02-19 16:01:17 +02:00
Makefile Fix ap-mgmt-fuzzer build 2017-12-09 18:41:55 +02:00
mbo_ap.c MBO: Do not parse reason_detail in non_pref_chan attr (AP) 2016-09-25 17:31:26 +03:00
mbo_ap.h MBO: Parse non-preferred channel list on the AP 2016-02-22 21:17:38 +02:00
ndisc_snoop.c Fix DHCP/NDISC snoop deinit followed by failing re-init 2017-03-04 11:42:15 +02:00
ndisc_snoop.h proxyarp: Use C library header files and CONFIG_IPV6 2014-11-25 16:58:21 +02:00
neighbor_db.c hostapd: Add a configuration to set an AP as stationary 2016-10-29 19:16:47 +03:00
neighbor_db.h hostapd: Add a configuration to set an AP as stationary 2016-10-29 19:16:47 +03:00
p2p_hostapd.c Use P2P_IE_VENDOR_TYPE more consistently 2014-03-05 23:36:54 +02:00
p2p_hostapd.h Remove the GPL notification from files contributed by Atheros 2012-02-11 19:39:36 +02:00
pmksa_cache_auth.c FILS: Update PMKID derivation rules for ERP key hierarchy establishment 2017-09-13 22:17:58 +03:00
pmksa_cache_auth.h OWE: PMKSA caching in AP mode 2017-10-09 12:12:54 +03:00
preauth_auth.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
preauth_auth.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rrm.c RRM: Fix range request overriding 2017-02-09 13:26:06 +02:00
rrm.h Report beacon request TX status as control interface event 2017-01-03 16:02:58 +02:00
sta_info.c Copy WLAN-Reason-Code value from Access-Reject to Deauthentication 2018-01-12 20:55:33 +02:00
sta_info.h Copy WLAN-Reason-Code value from Access-Reject to Deauthentication 2018-01-12 20:55:33 +02:00
taxonomy.c Fix or supress various sparse warnings 2017-01-29 18:33:10 +02:00
taxonomy.h taxonomy: Store Probe Request frames in hostapd_sta_info 2016-09-22 00:45:24 +03:00
tkip_countermeasures.c AP: Use monotonic time for MMIC failure/TKIP countermeasures 2013-12-24 07:13:34 +02:00
tkip_countermeasures.h hostapd: Fix a regression in TKIP countermeasures processing 2012-11-18 13:06:03 +02:00
utils.c FST: Do not prune STAs belonging to the same FST 2015-07-16 18:26:15 +03:00
vlan.c VLAN: Fix vlan_compare() for tagged VLANs 2016-02-22 19:53:05 +02:00
vlan.h radius: Add tagged VLAN parsing 2016-02-17 11:46:13 +02:00
vlan_full.c Use a separate header file for Linux bridge interface definitions 2016-03-26 11:27:18 +02:00
vlan_ifconfig.c vlan: Move if_nametoindex() use out of vlan_init.c 2016-03-25 18:00:44 +02:00
vlan_init.c vlan: Move if_nametoindex() use out of vlan_init.c 2016-03-25 18:00:44 +02:00
vlan_init.h VLAN: Separate station grouping and uplink configuration 2016-02-17 11:46:11 +02:00
vlan_ioctl.c Use own header file for defining Linux VLAN kernel interface 2016-03-26 11:24:38 +02:00
vlan_util.c vlan: Remove unnecessary header includes from netlink implementation 2016-03-25 17:27:16 +02:00
vlan_util.h vlan: Move if_nametoindex() use out of vlan_init.c 2016-03-25 18:00:44 +02:00
wmm.c WMM: Fix estimated medium time calculation for some corner cases 2017-02-11 12:12:28 +02:00
wmm.h Remove obsolete license notifications 2013-12-24 22:59:52 +02:00
wnm_ap.c AP-side workaround for WNM-Sleep Mode GTK/IGTK reinstallation issues 2017-10-29 17:13:54 +02:00
wnm_ap.h hostapd: Add MBO IE to BSS Transition Management Request frame 2016-02-22 19:53:04 +02:00
wpa_auth.c SAE: Fix potential infinite loop in mismatching PMK case on AP 2018-03-02 21:27:18 +02:00
wpa_auth.h SAE: Add option to require MFP for SAE associations 2017-12-27 18:27:58 +02:00
wpa_auth_ft.c hostapd: Avoid key reinstallation in FT handshake 2017-10-16 02:03:47 +03:00
wpa_auth_glue.c SAE: Add option to require MFP for SAE associations 2017-12-27 18:27:58 +02:00
wpa_auth_glue.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
wpa_auth_i.h Extend RESEND_* test commands to allow forcing plaintext TX 2017-10-19 18:32:16 +03:00
wpa_auth_ie.c OWE: Add testing RSNE for OWE assoc response with driver SME/MLME 2018-02-12 21:31:04 +02:00
wpa_auth_ie.h Remove all PeerKey functionality 2017-10-16 02:03:47 +03:00
wps_hostapd.c WPS: Map GCMP-256 and CCMP-256 to AES encryption type 2017-12-02 12:00:45 +02:00
wps_hostapd.h WPS NFC: Add AP mode connection handover report 2014-01-27 21:10:55 +02:00
x_snoop.c AP: Enable multicast snooping on bridge if ProxyARP IPv6 is in use 2015-04-13 14:00:32 +03:00
x_snoop.h AP: Add multicast-to-unicast conversion send for "x_snoop" 2014-11-19 16:25:13 +02:00