diff options
| author | Jouni Malinen <jouni@qca.qualcomm.com> | 2011-11-17 22:59:31 +0200 |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2011-11-17 22:59:31 +0200 |
| commit | 0d442affb6062c354687f360247b1a8c7bbd608a (patch) | |
| tree | daa24dd4acf5e132ecf6e819aeebfd6f9416279e /src/ap/wpa_auth.c | |
| parent | e9447a94c04b0f7f450d6c072a7d4037c30d3558 (diff) | |
| download | external_wpa_supplicant_8_ti-0d442affb6062c354687f360247b1a8c7bbd608a.zip external_wpa_supplicant_8_ti-0d442affb6062c354687f360247b1a8c7bbd608a.tar.gz external_wpa_supplicant_8_ti-0d442affb6062c354687f360247b1a8c7bbd608a.tar.bz2 | |
Set Secure=1 for EAPOL-Key msg 3/4 in WPA conditional on 2/4
This is a workaround for Windows 7 supplicant rejecting WPA msg 3/4
in case it used Secure=1 in msg 2/4. This can happen, e.g., when
rekeying PTK after EAPOL-Key Error Request (Michael MIC failure)
from the supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/ap/wpa_auth.c')
| -rw-r--r-- | src/ap/wpa_auth.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 7ebfd8d..1dba599 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -766,6 +766,9 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, key = (struct wpa_eapol_key *) (hdr + 1); key_info = WPA_GET_BE16(key->key_info); key_data_length = WPA_GET_BE16(key->key_data_length); + wpa_printf(MSG_DEBUG, "WPA: Received EAPOL-Key from " MACSTR + " key_info=0x%x type=%u key_data_length=%u", + MAC2STR(sm->addr), key_info, key->type, key_data_length); if (key_data_length > data_len - sizeof(*hdr) - sizeof(*key)) { wpa_printf(MSG_INFO, "WPA: Invalid EAPOL-Key frame - " "key_data overflow (%d > %lu)", @@ -1095,6 +1098,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, os_memcpy(sm->last_rx_eapol_key, data, data_len); sm->last_rx_eapol_key_len = data_len; + sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE); sm->EAPOLKeyReceived = TRUE; sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE); sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST); @@ -1882,6 +1886,20 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) gtk_len = 0; keyidx = 0; _rsc = NULL; + if (sm->rx_eapol_key_secure) { + /* + * It looks like Windows 7 supplicant tries to use + * Secure bit in msg 2/4 after having reported Michael + * MIC failure and it then rejects the 4-way handshake + * if msg 3/4 does not set Secure bit. Work around this + * by setting the Secure bit here even in the case of + * WPA if the supplicant used it first. + */ + wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + "STA used Secure bit in WPA msg 3/4 - " + "set Secure for 4/4 as workaround"); + secure = 1; + } } kde_len = wpa_ie_len + ieee80211w_kde_len(sm); |