* [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2,4,6,8}
@ 2020-08-13 0:53 Andrew Zaborowski
2020-08-13 15:50 ` [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2, 4, 6, 8} Denis Kenzior
0 siblings, 1 reply; 2+ messages in thread
From: Andrew Zaborowski @ 2020-08-13 0:53 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 1444 bytes --]
---
src/eap-wsc.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/eap-wsc.c b/src/eap-wsc.c
index 0fec29c6..ccb52979 100644
--- a/src/eap-wsc.c
+++ b/src/eap-wsc.c
@@ -479,6 +479,10 @@ static void eap_wsc_handle_m8(struct eap_state *eap,
return;
}
+ if (memcmp(m8.enrollee_nonce, wsc->m1->enrollee_nonce,
+ sizeof(m8.enrollee_nonce)))
+ return;
+
if (!authenticator_check(wsc, pdu, len))
return;
@@ -580,6 +584,10 @@ static void eap_wsc_handle_m6(struct eap_state *eap,
if (wsc_parse_m6(pdu, len, &m6, &encrypted) != 0)
goto send_nack;
+ if (memcmp(m6.enrollee_nonce, wsc->m1->enrollee_nonce,
+ sizeof(m6.enrollee_nonce)))
+ return;
+
if (!authenticator_check(wsc, pdu, len))
return;
@@ -677,6 +685,10 @@ static void eap_wsc_handle_m4(struct eap_state *eap,
if (wsc_parse_m4(pdu, len, &m4, &encrypted) != 0)
goto send_nack;
+ if (memcmp(m4.enrollee_nonce, wsc->m1->enrollee_nonce,
+ sizeof(m4.enrollee_nonce)))
+ return;
+
if (!authenticator_check(wsc, pdu, len))
return;
@@ -815,6 +827,10 @@ static void eap_wsc_handle_m2(struct eap_state *eap,
return;
}
+ if (memcmp(wsc->m2->enrollee_nonce, wsc->m1->enrollee_nonce,
+ sizeof(wsc->m2->enrollee_nonce)))
+ return;
+
if (!l_key_validate_dh_payload(wsc->m2->public_key,
sizeof(wsc->m2->public_key),
crypto_dh5_prime,
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2, 4, 6, 8}
2020-08-13 0:53 [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2,4,6,8} Andrew Zaborowski
@ 2020-08-13 15:50 ` Denis Kenzior
0 siblings, 0 replies; 2+ messages in thread
From: Denis Kenzior @ 2020-08-13 15:50 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 265 bytes --]
Hi Andrew,
On 8/12/20 7:53 PM, Andrew Zaborowski wrote:
> ---
> src/eap-wsc.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
Patch 9 and 10 applied, thanks.
By the way, somehow patch 8 did not make it to the list?
Regards,
-Denis
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-08-13 15:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-13 0:53 [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2,4,6,8} Andrew Zaborowski
2020-08-13 15:50 ` [PATCH 09/16] eap-wsc: Validate enrollee_nonce (N1) in M{2, 4, 6, 8} Denis Kenzior
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.