svn commit: r336499 - head/contrib/wpa/src/ap
Cy Schubert
cy at FreeBSD.org
Thu Jul 19 19:04:32 UTC 2018
Author: cy
Date: Thu Jul 19 19:04:30 2018
New Revision: 336499
URL: https://svnweb.freebsd.org/changeset/base/336499
Log:
MFV: r336485
Address: hostapd: Avoid key reinstallation in FT handshake
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0001-hostapd-Avoid-key-\
reinstallation-in-FT-handshake.patch
X-MFC-with: r336203
Modified:
head/contrib/wpa/src/ap/ieee802_11.c
head/contrib/wpa/src/ap/wpa_auth.c
head/contrib/wpa/src/ap/wpa_auth.h
Directory Properties:
head/contrib/wpa/ (props changed)
Modified: head/contrib/wpa/src/ap/ieee802_11.c
==============================================================================
--- head/contrib/wpa/src/ap/ieee802_11.c Thu Jul 19 19:03:18 2018 (r336498)
+++ head/contrib/wpa/src/ap/ieee802_11.c Thu Jul 19 19:04:30 2018 (r336499)
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hap
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hap
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hap
sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
sta->vht_opmode, sta->p2p_ie ? 1 : 0,
- sta->added_unassoc)) {
+ set)) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
"Could not %s STA to kernel driver",
- sta->added_unassoc ? "set" : "add");
+ set ? "set" : "add");
if (sta->added_unassoc) {
hostapd_drv_sta_remove(hapd, sta->addr);
Modified: head/contrib/wpa/src/ap/wpa_auth.c
==============================================================================
--- head/contrib/wpa/src/ap/wpa_auth.c Thu Jul 19 19:03:18 2018 (r336498)
+++ head/contrib/wpa/src/ap/wpa_auth.c Thu Jul 19 19:04:30 2018 (r336499)
@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, en
#else /* CONFIG_IEEE80211R */
break;
#endif /* CONFIG_IEEE80211R */
+ case WPA_DRV_STA_REMOVED:
+ sm->tk_already_set = FALSE;
+ return 0;
}
#ifdef CONFIG_IEEE80211R
Modified: head/contrib/wpa/src/ap/wpa_auth.h
==============================================================================
--- head/contrib/wpa/src/ap/wpa_auth.h Thu Jul 19 19:03:18 2018 (r336498)
+++ head/contrib/wpa/src/ap/wpa_auth.h Thu Jul 19 19:04:30 2018 (r336499)
@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
u8 *data, size_t data_len);
enum wpa_event {
WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
- WPA_REAUTH_EAPOL, WPA_ASSOC_FT
+ WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED
};
void wpa_remove_ptk(struct wpa_state_machine *sm);
int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
More information about the svn-src-all
mailing list