authorFelix Fietkau <nbd@nbd.name>2017-01-15 14:19:43 +0100
committerFelix Fietkau <nbd@nbd.name>2017-01-15 14:53:28 +0100
commit40e4c342fd49175b7f367655fac38850435667d4 (patch)
tree8b5c6cf8f8e2421e03aa30d3e88412b19807776f /package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch
parenta206394efa88291dbf825210ca3bab056c407802 (diff)
hostapd: backport a few upstream fixes
Fixes reassoc issues with WDS mode Fixes reassoc issues in AP mode Fixes IBSS reauthentication issues Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch')
-rw-r--r--package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch40
1 files changed, 40 insertions, 0 deletions
diff --git a/package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch b/package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch
new file mode 100644
index 0000000000..0a3c27f89e
--- /dev/null
+++ b/package/network/services/hostapd/patches/003-RSN-IBSS-Fix-TK-clearing-on-Authentication-frame-RX.patch
@@ -0,0 +1,40 @@
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 14 Jan 2017 13:56:18 +0200
+Subject: [PATCH] RSN IBSS: Fix TK clearing on Authentication frame RX
+
+When wpa_supplicant was processing a received Authentication frame (seq
+1) from a peer STA for which there was already a TK configured to the
+driver, debug log claimed that the PTK gets cleared, but the actual
+call to clear the key was actually dropped due to AUTH vs. SUPP set_key
+selection. Fix this by explicitly clearing the TK in case it was set
+and an Authentication frame (seq 1) is received.
+
+This fixes some cases where EAPOL-Key frames were sent encrypted using
+the old key when a peer STA restarted itself and lost the key and had to
+re-join the IBSS. Previously, that state required timing out the 4-way
+handshake and Deauthentication frame exchange to recover.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+
+--- a/wpa_supplicant/ibss_rsn.c
++++ b/wpa_supplicant/ibss_rsn.c
+@@ -838,6 +838,18 @@ static void ibss_rsn_handle_auth_1_of_2(
+ MAC2STR(addr));
+
+ if (peer &&
++ peer->authentication_status & (IBSS_RSN_SET_PTK_SUPP |
++ IBSS_RSN_SET_PTK_AUTH)) {
++ /* Clear the TK for this pair to allow recovery from the case
++ * where the peer STA has restarted and lost its key while we
++ * still have a pairwise key configured. */
++ wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer "
++ MACSTR, MAC2STR(addr));
++ wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0,
++ NULL, 0, NULL, 0);
++ }
++
++ if (peer &&
+ peer->authentication_status & IBSS_RSN_AUTH_EAPOL_BY_PEER) {
+ if (peer->own_auth_tx.sec) {
+ struct os_reltime now, diff;
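Review bot: The return value of `wpa_drv_set_key()` in the added block of ibss_rsn_handle_auth_1_of_2() is discarded, so if the driver fails to remove the TK the debug log again reports a clear that did not happen, which is the same mismatch the patch description sets out to fix. Check the result and log the failure, for example `if (wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 0) < 0) wpa_printf(MSG_DEBUG, "RSN: Failed to clear pairwise key for peer " MACSTR, MAC2STR(addr));`. The block also sits before the `own_auth_tx` timing check that follows it, and Authentication frames carry no integrity protection, so the key removal is driven by unauthenticated input. If that later check is meant to drop some of these frames, consider clearing the key only after it passes; otherwise add a comment saying the unconditional clear is intended. The function body starts and ends outside the hunk, so the later handling cannot be confirmed from here.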