Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-02-26 13:49:35 -05:00
Code Issues Projects Releases Wiki Activity

Fix MFP-enabled test for disallowed TKIP

Browse Source 
The test against use of TKIP was done only in MFP-required
(ieee80211w=2) configuration. Fix this to check the pairwise cipher for
MFP-enabled (ieee80211w=1) case as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2017-12-27 18:38:12 +02:00
parent 5c8df74f18
commit 02b38d0ad5
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/ap/wpa_auth_ie.c
View File

@ -711,12 +711,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
return WPA_MGMT_FRAME_PROTECTION_VIOLATION; return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
} }
if (ciphers & WPA_CIPHER_TKIP) {
wpa_printf(MSG_DEBUG, "Management frame protection "
"cannot use TKIP");
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
}
if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher) if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
{ {
wpa_printf(MSG_DEBUG, "Unsupported management group " wpa_printf(MSG_DEBUG, "Unsupported management group "
@ -740,6 +734,12 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
sm->mgmt_frame_prot = 0; sm->mgmt_frame_prot = 0;
else else
sm->mgmt_frame_prot = 1; sm->mgmt_frame_prot = 1;
if (sm->mgmt_frame_prot && (ciphers & WPA_CIPHER_TKIP)) {
wpa_printf(MSG_DEBUG,
"Management frame protection cannot use TKIP");
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
}
#endif /* CONFIG_IEEE80211W */ #endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP