diff options
Diffstat (limited to 'package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch')
| -rw-r--r-- | package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch b/package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch deleted file mode 100644 index ed7d79ec1b..0000000000 --- a/package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch +++ /dev/null @@ -1,53 +0,0 @@ -From b488a12948751f57871f09baa345e59b23959a41 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sun, 8 Oct 2017 13:18:02 +0300 -Subject: [PATCH] Clear PMK length and check for this when deriving PTK - -Instead of setting the default PMK length for the cleared PMK, set the -length to 0 and explicitly check for this when deriving PTK to avoid -unexpected key derivation with an all-zeroes key should it be possible -to somehow trigger PTK derivation to happen before PMK derivation. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/common/wpa_common.c | 5 +++++ - src/rsn_supp/wpa.c | 7 ++++--- - 2 files changed, 9 insertions(+), 3 deletions(-) - ---- a/src/common/wpa_common.c -+++ b/src/common/wpa_common.c -@@ -225,6 +225,11 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t - u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN]; - size_t ptk_len; - -+ if (pmk_len == 0) { -+ wpa_printf(MSG_ERROR, "WPA: No PMK set for PT derivation"); -+ return -1; -+ } -+ - if (os_memcmp(addr1, addr2, ETH_ALEN) < 0) { - os_memcpy(data, addr1, ETH_ALEN); - os_memcpy(data + ETH_ALEN, addr2, ETH_ALEN); ---- a/src/rsn_supp/wpa.c -+++ b/src/rsn_supp/wpa.c -@@ -584,7 +584,8 @@ static void wpa_supplicant_process_1_of_ - /* Calculate PTK which will be stored as a temporary PTK until it has - * been verified when processing message 3/4. */ - ptk = &sm->tptk; -- wpa_derive_ptk(sm, src_addr, key, ptk); -+ if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0) -+ goto failed; - if (sm->pairwise_cipher == WPA_CIPHER_TKIP) { - u8 buf[8]; - /* Supplicant: swap tx/rx Mic keys */ -@@ -2705,8 +2706,8 @@ void wpa_sm_set_pmk_from_pmksa(struct wp - sm->pmk_len = sm->cur_pmksa->pmk_len; - os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len); - } else { -- sm->pmk_len = PMK_LEN; -- os_memset(sm->pmk, 0, PMK_LEN); -+ sm->pmk_len = 0; -+ os_memset(sm->pmk, 0, PMK_LEN_MAX); - } - } - |