From owner-svn-src-vendor@freebsd.org Tue Aug 14 20:18:03 2018 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0A2C0105B954; Tue, 14 Aug 2018 20:18:03 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 5C13E8653A; Tue, 14 Aug 2018 20:18:02 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id pflNf9MkmWppDpflOf8SYZ; Tue, 14 Aug 2018 14:18:00 -0600 X-Authority-Analysis: v=2.3 cv=YIcrNiOx c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=kj9zAlcOel0A:10 a=dapMudl6Dx4A:10 a=6I5d2MoRAAAA:8 a=YxBL1-UpAAAA:8 a=DGXMm_yJcGKE4MZM1S4A:9 a=CjuIK1q_8ugA:10 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22 Received: from slippy.cwsent.com (slippy8 [10.2.2.6]) by spqr.komquats.com (Postfix) with ESMTPS id 5832E82D; Tue, 14 Aug 2018 13:18:23 -0700 (PDT) Received: from slippy.cwsent.com (localhost [127.0.0.1]) by slippy.cwsent.com (8.15.2/8.15.2) with ESMTP id w7EKHxbM053663; Tue, 14 Aug 2018 13:17:59 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Received: from slippy (cy@localhost) by slippy.cwsent.com (8.15.2/8.15.2/Submit) with ESMTP id w7EKHwj3053640; Tue, 14 Aug 2018 13:17:59 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Message-Id: <201808142017.w7EKHwj3053640@slippy.cwsent.com> X-Authentication-Warning: slippy.cwsent.com: cy owned process doing -bs X-Mailer: exmh version 2.8.0 04/21/2012 with nmh-1.7.1 Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Cy Schubert cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: Re: svn commit: r337818 - vendor/wpa/dist/src/rsn_supp In-Reply-To: Message from Cy Schubert of "Tue, 14 Aug 2018 20:10:26 -0000." <201808142010.w7EKAQxP001144@repo.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 14 Aug 2018 13:17:58 -0700 X-CMAE-Envelope: MS4wfMpXHMVfwDVp+jMXR0WgKjW6zorFzu11IZCnbDzy5OG28P06PsrTP4vBvz4hnOwkqpPSuNXL8dinvFKojbrRQwtx/BGsa6vrScHS/GqLmq58D8fB7WbZ LNtD/ACfJ2x66oywEWBdsFEjDUPf58uqfR8NoRIJShD4OrbtJv7+UwA86fiIwSHZoKK7SITi+aB+OX4yBwTEVCi2uB1kT1C2Nu44xqDsRwCkWw55Mk7YC3XD 5QHXxz9sxkVKkXSsvwAfDHP5vqQkR4cdZZGp2Xj7G/XmUcPO2S14H5qtp8AtWLAXhesNGF7oJLtrAiRkfQP+Mg== X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Aug 2018 20:18:03 -0000 In message <201808142010.w7EKAQxP001144@repo.freebsd.org>, Cy Schubert writes: > Author: cy > Date: Tue Aug 14 20:10:25 2018 > New Revision: 337818 > URL: https://svnweb.freebsd.org/changeset/base/337818 > > Log: > WPA: Ignore unauthenticated encrypted EAPOL-Key data > > Ignore unauthenticated encrypted EAPOL-Key data in supplicant > processing. When using WPA2, these are frames that have the Encrypted > flag set, but not the MIC flag. > > When using WPA2, EAPOL-Key frames that had the Encrypted flag set but > not the MIC flag, had their data field decrypted without first verifying > the MIC. In case the data field was encrypted using RC4 (i.e., when > negotiating TKIP as the pairwise cipher), this meant that > unauthenticated but decrypted data would then be processed. An adversary > could abuse this as a decryption oracle to recover sensitive information > in the data field of EAPOL-Key messages (e.g., the group key). > (CVE-2018-14526) > > Signed-off-by: Mathy Vanhoef > > Obtained from: git://w1.fi/hostap.git > MFC after: 1 day I got ahead of myself here. Ports and vuxml in progress. git-svn is disk intensive, as is svn for that matter. > Security: CVE-2018-14526 > Security: VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317 > > Modified: > vendor/wpa/dist/src/rsn_supp/wpa.c > > Modified: vendor/wpa/dist/src/rsn_supp/wpa.c > ============================================================================= > = > --- vendor/wpa/dist/src/rsn_supp/wpa.c Tue Aug 14 20:02:01 2018 > (r337817) > +++ vendor/wpa/dist/src/rsn_supp/wpa.c Tue Aug 14 20:10:25 2018 > (r337818) > @@ -2072,6 +2072,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_a > > if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && > (key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { > + /* > + * Only decrypt the Key Data field if the frame's authenticity > + * was verified. When using AES-SIV (FILS), the MIC flag is not > + * set, so this check should only be performed if mic_len != 0 > + * which is the case in this code branch. > + */ > + if (!(key_info & WPA_KEY_INFO_MIC)) { > + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, > + "WPA: Ignore EAPOL-Key with encrypted but unaut > henticated data"); > + goto out; > + } > if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data, > &key_data_len)) > goto out; -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.