All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v3 1/5] ft: check authenticator_ie from ft_ds_info, not handshake
@ 2021-09-28 22:25 James Prestwood
  0 siblings, 0 replies; 2+ messages in thread
From: James Prestwood @ 2021-09-28 22:25 UTC (permalink / raw)
  To: iwd

[-- Attachment #1: Type: text/plain, Size: 1686 bytes --]

The handshake contains the current BSS's RSNE/WPA which may differ
from the FT-over-DS target. When verifying the target BSS's RSNE/WPA
IE needs to be checked, not the current BSS.
---
 src/ft.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/ft.c b/src/ft.c
index fecb4c0e..7a4b16f3 100644
--- a/src/ft.c
+++ b/src/ft.c
@@ -354,6 +354,7 @@ static bool ft_verify_rsne(const uint8_t *rsne, const uint8_t *pmk_r0_name,
 }
 
 static int ft_parse_ies(struct handshake_state *hs,
+			const uint8_t *authenticator_ie,
 			const uint8_t *ies, size_t ies_len,
 			const uint8_t **mde_out,
 			const uint8_t **fte_out)
@@ -394,8 +395,7 @@ static int ft_parse_ies(struct handshake_state *hs,
 	is_rsn = hs->supplicant_ie != NULL;
 
 	if (is_rsn) {
-		if (!ft_verify_rsne(rsne, hs->pmk_r0_name,
-					hs->authenticator_ie))
+		if (!ft_verify_rsne(rsne, hs->pmk_r0_name, authenticator_ie))
 			goto ft_error;
 	} else if (rsne)
 		goto ft_error;
@@ -485,7 +485,8 @@ bool ft_over_ds_parse_action_ies(struct ft_ds_info *info,
 	const uint8_t *fte = NULL;
 	bool is_rsn = hs->supplicant_ie != NULL;
 
-	if (ft_parse_ies(hs, ies, ies_len, &mde, &fte) < 0)
+	if (ft_parse_ies(hs, info->authenticator_ie, ies, ies_len,
+				&mde, &fte) < 0)
 		return false;
 
 	if (!mde_equal(info->mde, mde))
@@ -516,7 +517,8 @@ static int ft_process_ies(struct handshake_state *hs, const uint8_t *ies,
 	if (!ies)
 		goto ft_error;
 
-	if (ft_parse_ies(hs, ies, ies_len, &mde, &fte) < 0)
+	if (ft_parse_ies(hs, hs->authenticator_ie, ies, ies_len,
+				&mde, &fte) < 0)
 		goto ft_error;
 
 	if (!mde_equal(hs->mde, mde))
-- 
2.31.1

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH v3 1/5] ft: check authenticator_ie from ft_ds_info, not handshake
@ 2021-09-28 22:26 Denis Kenzior
  0 siblings, 0 replies; 2+ messages in thread
From: Denis Kenzior @ 2021-09-28 22:26 UTC (permalink / raw)
  To: iwd

[-- Attachment #1: Type: text/plain, Size: 385 bytes --]

Hi James,

On 9/28/21 5:25 PM, James Prestwood wrote:
> The handshake contains the current BSS's RSNE/WPA which may differ
> from the FT-over-DS target. When verifying the target BSS's RSNE/WPA
> IE needs to be checked, not the current BSS.
> ---
>   src/ft.c | 10 ++++++----
>   1 file changed, 6 insertions(+), 4 deletions(-)
> 

All applied, thanks.

Regards,
-Denis

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-09-28 22:26 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-28 22:25 [PATCH v3 1/5] ft: check authenticator_ie from ft_ds_info, not handshake James Prestwood
2021-09-28 22:26 Denis Kenzior

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.