nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA

The current cfg80211 limit for the maximum NL80211_ATTR_PMK length is 48, so anything larger than that will result in the operation completely failing. Since the PMKSA entries can be used without the PMK for most purposes (the main use case for PMK currently is offloaded FILS authentication), try to go ahead by configuring only the PMKID for the case where 64-octet PMK is needed (which is currently limited to only DPP with NIST P-521 and brainpoolP512r1 curves). This can fix DPP connections with drivers that expect to get the PMKID through this interface while still leaving the actual 4-way handshake for user space. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2024-11-28 18:28:23 -05:00 · 2018-02-10 12:16:53 +02:00 · 2018-02-10 12:16:53 +02:00 · 0887215d94
commit 0887215d94
parent e7f6e6ee1b
1 changed files with 2 additions and 1 deletions
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@ -7615,6 +7615,7 @@ static int nl80211_pmkid(struct i802_bss *bss, int cmd,
 			 struct wpa_pmkid_params *params)
 {
 	struct nl_msg *msg;
+	const size_t PMK_MAX_LEN = 48; /* current cfg80211 limit */

 	if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
 	    (params->pmkid &&
@ -7626,7 +7627,7 @@ static int nl80211_pmkid(struct i802_bss *bss, int cmd,
 	    (params->fils_cache_id &&
 	     nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2,
 		     params->fils_cache_id)) ||
-	    (params->pmk_len &&
+	    (params->pmk_len && params->pmk_len <= PMK_MAX_LEN &&
 	     nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) {
 		nlmsg_free(msg);
 		return -ENOBUFS;