Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Jul 2018 17:34:58 +0000 (UTC)
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org
Subject:   svn commit: r336493 - vendor/wpa/dist/src/ap
Message-ID:  <201807191734.w6JHYwsE057099@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: cy
Date: Thu Jul 19 17:34:58 2018
New Revision: 336493
URL: https://svnweb.freebsd.org/changeset/base/336493

Log:
  Import upline security patch: Fix PTK rekeying to generate a new ANonce.
  This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0005-Fix-PTK-rekeying-to-\
  		generate-a-new-ANonce.patch

Modified:
  vendor/wpa/dist/src/ap/wpa_auth.c

Modified: vendor/wpa/dist/src/ap/wpa_auth.c
==============================================================================
--- vendor/wpa/dist/src/ap/wpa_auth.c	Thu Jul 19 17:13:46 2018	(r336492)
+++ vendor/wpa/dist/src/ap/wpa_auth.c	Thu Jul 19 17:34:58 2018	(r336493)
@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
 }
 
 
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+	if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+		wpa_printf(MSG_ERROR,
+			   "WPA: Failed to get random data for ANonce");
+		sm->Disconnect = TRUE;
+		return -1;
+	}
+	wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+		    WPA_NONCE_LEN);
+	sm->TimeoutCtr = 0;
+	return 0;
+}
+
+
 SM_STATE(WPA_PTK, INITPMK)
 {
 	u8 msk[2 * PMK_LEN];
@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
 		SM_ENTER(WPA_PTK, AUTHENTICATION);
 	else if (sm->ReAuthenticationRequest)
 		SM_ENTER(WPA_PTK, AUTHENTICATION2);
-	else if (sm->PTKRequest)
-		SM_ENTER(WPA_PTK, PTKSTART);
-	else switch (sm->wpa_ptk_state) {
+	else if (sm->PTKRequest) {
+		if (wpa_auth_sm_ptk_update(sm) < 0)
+			SM_ENTER(WPA_PTK, DISCONNECTED);
+		else
+			SM_ENTER(WPA_PTK, PTKSTART);
+	} else switch (sm->wpa_ptk_state) {
 	case WPA_PTK_INITIALIZE:
 		break;
 	case WPA_PTK_DISCONNECT:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201807191734.w6JHYwsE057099>