40f6b56965ecbf35abca08b5c5e5968e3bb6135b
[openwrt/staging/adrian.git] /
1 From a00e946c1c9a1f9cc65c72900d2a444ceb1f872e Mon Sep 17 00:00:00 2001
2 From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
3 Date: Thu, 5 Oct 2017 23:53:01 +0200
4 Subject: [PATCH] WPA: Extra defense against PTK reinstalls in 4-way handshake
5
6 Currently, reinstallations of the PTK are prevented by (1) assuring the
7 same TPTK is only set once as the PTK, and (2) that one particular PTK
8 is only installed once. This patch makes it more explicit that point (1)
9 is required to prevent key reinstallations. At the same time, this patch
10 hardens wpa_supplicant such that future changes do not accidentally
11 break this property.
12
13 Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
14 ---
15 src/rsn_supp/wpa.c | 8 ++++++++
16 1 file changed, 8 insertions(+)
17
18 --- a/src/rsn_supp/wpa.c
19 +++ b/src/rsn_supp/wpa.c
20 @@ -1728,6 +1728,14 @@ static int wpa_supplicant_verify_eapol_k
21 sm->ptk_set = 1;
22 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk));
23 os_memset(&sm->tptk, 0, sizeof(sm->tptk));
24 + /*
25 + * This assures the same TPTK in sm->tptk can never be
26 + * copied twice to sm->pkt as the new PTK. In
27 + * combination with the installed flag in the wpa_ptk
28 + * struct, this assures the same PTK is only installed
29 + * once.
30 + */
31 + sm->renew_snonce = 1;
32 }
33 }
34