Author: cy
Date: Thu Jul 19 17:34:58 2018
New Revision: 336493
URL: https://svnweb.freebsd.org/changeset/base/336493

Log:
  Import upline security patch: Fix PTK rekeying to generate a new ANonce.
  This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
  
  Obtained from:        https://w1.fi/security/2017-1/\
                rebased-v2.6-0005-Fix-PTK-rekeying-to-\
                generate-a-new-ANonce.patch

Modified:
  vendor/wpa/dist/src/ap/wpa_auth.c

Modified: vendor/wpa/dist/src/ap/wpa_auth.c
==============================================================================
--- vendor/wpa/dist/src/ap/wpa_auth.c   Thu Jul 19 17:13:46 2018        
(r336492)
+++ vendor/wpa/dist/src/ap/wpa_auth.c   Thu Jul 19 17:34:58 2018        
(r336493)
@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
 }
 
 
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+       if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+               wpa_printf(MSG_ERROR,
+                          "WPA: Failed to get random data for ANonce");
+               sm->Disconnect = TRUE;
+               return -1;
+       }
+       wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+                   WPA_NONCE_LEN);
+       sm->TimeoutCtr = 0;
+       return 0;
+}
+
+
 SM_STATE(WPA_PTK, INITPMK)
 {
        u8 msk[2 * PMK_LEN];
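Review bot: The error path in `wpa_auth_sm_ptk_update()` logs the random-data failure without naming the affected station, so a disconnect forced during rekeying cannot be tied to a client from the log alone. Consider `wpa_printf(MSG_ERROR, "WPA: Failed to get random data for ANonce (STA " MACSTR ")", MAC2STR(sm->addr));`. The helper also deserves a short header comment stating the invariant it enforces: a PTK rekey must not reuse the ANonce of the previous 4-way handshake. The same comment could say why `TimeoutCtr` is reset, presumably so the new exchange starts with a clean retry count.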
@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
                SM_ENTER(WPA_PTK, AUTHENTICATION);
        else if (sm->ReAuthenticationRequest)
                SM_ENTER(WPA_PTK, AUTHENTICATION2);
-       else if (sm->PTKRequest)
-               SM_ENTER(WPA_PTK, PTKSTART);
-       else switch (sm->wpa_ptk_state) {
+       else if (sm->PTKRequest) {
+               if (wpa_auth_sm_ptk_update(sm) < 0)
+                       SM_ENTER(WPA_PTK, DISCONNECTED);
+               else
+                       SM_ENTER(WPA_PTK, PTKSTART);
+       } else switch (sm->wpa_ptk_state) {
        case WPA_PTK_INITIALIZE:
                break;
        case WPA_PTK_DISCONNECT:
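Review bot: The failure branch `SM_ENTER(WPA_PTK, DISCONNECTED)` runs after the helper has already set `sm->Disconnect = TRUE`, and nothing in this hunk shows `sm->PTKRequest` being cleared on that path. How the next pass through SM_STEP treats those two flags is decided outside the hunk, so the intended sequence is not readable from here. A comment on the branch would make it explicit, for example `/* ANonce refresh failed: never start the rekey with the old nonce; Disconnect is set so the STA gets deauthenticated on the next step */`, if that is indeed the intent. It is also worth confirming that `PTKRequest` cannot re-trigger this branch after the state machine has moved to DISCONNECTED.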