wok diff wpa_supplicant/stuff/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch @ rev 23365
updated perl-mail-sendmail (0.79 -> 0.80)
author | Hans-G?nter Theisgen |
---|---|
date | Tue Mar 31 11:21:06 2020 +0100 (2020-03-31) |
parents | |
children |
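--- /dev/null
+++ b/wpa_supplicant/stuff/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
@@ -0,0 +1,184 @@
+From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:12:24 +0300
+Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
+ Mode cases
+
+This extends the protection to track last configured GTK/IGTK value
+separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
+corner case where these two different mechanisms may get used when the
+GTK/IGTK has changed and tracking a single value is not sufficient to
+detect a possible key reconfiguration.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/rsn_supp/wpa.c | 53 +++++++++++++++++++++++++++++++++++++---------------
+ src/rsn_supp/wpa_i.h | 2 ++
+ 2 files changed, 40 insertions(+), 15 deletions(-)
+
+diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
+index 95bd7be..7a2c68d 100644
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -709,14 +709,17 @@ struct wpa_gtk_data {
+
+ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ const struct wpa_gtk_data *gd,
+- const u8 *key_rsc)
++ const u8 *key_rsc, int wnm_sleep)
+ {
+ const u8 *_gtk = gd->gtk;
+ u8 gtk_buf[32];
+
+ /* Detect possible key reinstallation */
+- if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+- os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
++ if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
++ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
++ (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
++ os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
++ sm->gtk_wnm_sleep.gtk_len) == 0)) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
+ gd->keyidx, gd->tx, gd->gtk_len);
+@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ }
+ os_memset(gtk_buf, 0, sizeof(gtk_buf));
+
+- sm->gtk.gtk_len = gd->gtk_len;
+- os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
++ if (wnm_sleep) {
++ sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
++ os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
++ sm->gtk_wnm_sleep.gtk_len);
++ } else {
++ sm->gtk.gtk_len = gd->gtk_len;
++ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
++ }
+
+ return 0;
+ }
+@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
+ (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
+ gtk_len, gtk_len,
+ &gd.key_rsc_len, &gd.alg) ||
+- wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
++ wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "RSN: Failed to install GTK");
+ os_memset(&gd, 0, sizeof(gd));
+@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
+
+ #ifdef CONFIG_IEEE80211W
+ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+- const struct wpa_igtk_kde *igtk)
++ const struct wpa_igtk_kde *igtk,
++ int wnm_sleep)
+ {
+ size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
+ u16 keyidx = WPA_GET_LE16(igtk->keyid);
+
+ /* Detect possible key reinstallation */
+- if (sm->igtk.igtk_len == len &&
+- os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
++ if ((sm->igtk.igtk_len == len &&
++ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
++ (sm->igtk_wnm_sleep.igtk_len == len &&
++ os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
++ sm->igtk_wnm_sleep.igtk_len) == 0)) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
+ keyidx);
+@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+ return -1;
+ }
+
+- sm->igtk.igtk_len = len;
+- os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
++ if (wnm_sleep) {
++ sm->igtk_wnm_sleep.igtk_len = len;
++ os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
++ sm->igtk_wnm_sleep.igtk_len);
++ } else {
++ sm->igtk.igtk_len = len;
++ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
++ }
+
+ return 0;
+ }
+@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
+ return -1;
+
+ igtk = (const struct wpa_igtk_kde *) ie->igtk;
+- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
++ if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
+ return -1;
+ }
+
+@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
+ if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
+ key_rsc = null_rsc;
+
+- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
++ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
+ wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
+ goto failed;
+ os_memset(&gd, 0, sizeof(gd));
+@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
+ sm->tptk_set = 0;
+ os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+ #ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+ #endif /* CONFIG_IEEE80211W */
+ }
+
+@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
+ os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+ #ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+ #endif /* CONFIG_IEEE80211W */
+ #ifdef CONFIG_IEEE80211R
+ os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
+@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
+
+ wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
+ gd.gtk, gd.gtk_len);
+- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
++ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
+ os_memset(&gd, 0, sizeof(gd));
+ wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
+ "WNM mode");
+@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
+ const struct wpa_igtk_kde *igtk;
+
+ igtk = (const struct wpa_igtk_kde *) (buf + 2);
+- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
++ if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
+ return -1;
+ #endif /* CONFIG_IEEE80211W */
+ } else {
+diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
+index afc9e37..9a54631 100644
+--- a/src/rsn_supp/wpa_i.h
++++ b/src/rsn_supp/wpa_i.h
+@@ -32,8 +32,10 @@ struct wpa_sm {
+ int rx_replay_counter_set;
+ u8 request_counter[WPA_REPLAY_COUNTER_LEN];
+ struct wpa_gtk gtk;
++ struct wpa_gtk gtk_wnm_sleep;
+ #ifdef CONFIG_IEEE80211W
+ struct wpa_igtk igtk;
++ struct wpa_igtk igtk_wnm_sleep;
+ #endif /* CONFIG_IEEE80211W */
+
+ struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
+--
+2.7.4
+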
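Review bot: The new `wnm_sleep` parameter of `wpa_supplicant_install_gtk()` and `wpa_supplicant_install_igtk()` is undocumented and the call sites pass a bare `0` or `1`, which hides the asymmetry the fix relies on. The reinstallation check compares the incoming key against both tracked copies (`sm->gtk` and `sm->gtk_wnm_sleep`, likewise for the IGTK), while only the copy selected by the flag is updated after a successful install. I would add a comment above each function along the lines of `/* wnm_sleep: non-zero when the key came from a WNM-Sleep Mode frame; selects which tracked copy is updated, while the check compares against both so a key seen via either path is not reinstalled */`. Both `_wnm_sleep` copies are zeroed next to `sm->gtk`/`sm->igtk` in `wpa_sm_notify_assoc()` and `wpa_sm_drop_sa()`; any other site that resets the tracked keys lies outside these hunks and should be confirmed to clear the new fields as well. The subject line marks this as patch 3 of 8, so the protection presumably depends on the rest of the series being applied too; that is not visible on this page.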