wok diff wpa_supplicant/stuff/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch @ rev 20131

wpa_supplicant: security fix for KRACK
author Richard Dunbar <mojo@slitaz.org>
date Sat Oct 28 02:35:58 2017 -0400 (2017-10-28)
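--- /dev/null
+++ b/wpa_supplicant/stuff/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
@@ -0,0 +1,64 @@
+From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:32:57 +0300
+Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
+
+The Authenticator state machine path for PTK rekeying ended up bypassing
+the AUTHENTICATION2 state where a new ANonce is generated when going
+directly to the PTKSTART state since there is no need to try to
+determine the PMK again in such a case. This is far from ideal since the
+new PTK would depend on a new nonce only from the supplicant.
+
+Fix this by generating a new ANonce when moving to the PTKSTART state
+for the purpose of starting new 4-way handshake to rekey PTK.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
+ 1 file changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 707971d..bf10cc1 100644
+--- a/src/ap/wpa_auth.c
++++ b/src/ap/wpa_auth.c
+@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
+ }
+ 
+ 
++static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
++{
++	if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
++		wpa_printf(MSG_ERROR,
++			   "WPA: Failed to get random data for ANonce");
++		sm->Disconnect = TRUE;
++		return -1;
++	}
++	wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
++		    WPA_NONCE_LEN);
++	sm->TimeoutCtr = 0;
++	return 0;
++}
++
++
+ SM_STATE(WPA_PTK, INITPMK)
+ {
+ 	u8 msk[2 * PMK_LEN];
+@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
+ 		SM_ENTER(WPA_PTK, AUTHENTICATION);
+ 	else if (sm->ReAuthenticationRequest)
+ 		SM_ENTER(WPA_PTK, AUTHENTICATION2);
+-	else if (sm->PTKRequest)
+-		SM_ENTER(WPA_PTK, PTKSTART);
+-	else switch (sm->wpa_ptk_state) {
++	else if (sm->PTKRequest) {
++		if (wpa_auth_sm_ptk_update(sm) < 0)
++			SM_ENTER(WPA_PTK, DISCONNECTED);
++		else
++			SM_ENTER(WPA_PTK, PTKSTART);
++	} else switch (sm->wpa_ptk_state) {
+ 	case WPA_PTK_INITIALIZE:
+ 		break;
+ 	case WPA_PTK_DISCONNECT:
+-- 
+2.7.4
+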