From 0887215d941def91cc100c3d1f087fb9650b64c8 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Sat, 10 Feb 2018 12:16:53 +0200
Subject: [PATCH] nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA

The current cfg80211 limit for the maximum NL80211_ATTR_PMK length is 48, so anything larger than that will result in the operation completely failing. Since the PMKSA entries can be used without the PMK for most purposes (the main use case for PMK currently is offloaded FILS authentication), try to go ahead by configuring only the PMKID for the case where 64-octet PMK is needed (which is currently limited to only DPP with NIST P-521 and brainpoolP512r1 curves). This can fix DPP connections with drivers that expect to get the PMKID through this interface while still leaving the actual 4-way handshake for user space.
Signed-off-by: Jouni Malinen
---
 src/drivers/driver_nl80211.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index d01a0e18f..dfa11834c 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -7615,6 +7615,7 @@ static int nl80211_pmkid(struct i802_bss *bss, int cmd,
 struct wpa_pmkid_params *params)
 {
 struct nl_msg *msg;
+ const size_t PMK_MAX_LEN = 48; /* current cfg80211 limit */
 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || (params->pmkid &&
@@ -7626,7 +7627,7 @@ static int nl80211_pmkid(struct i802_bss *bss, int cmd,
 (params->fils_cache_id && nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2, params->fils_cache_id)) ||
- (params->pmk_len &&
+ (params->pmk_len && params->pmk_len <= PMK_MAX_LEN &&
 nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) {
 nlmsg_free(msg);
 return -ENOBUFS;
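Review bot: `PMK_MAX_LEN` at the top of nl80211_pmkid() is a function-local `const size_t` written in macro case, and it carries a kernel-side limit as a bare 48, so nothing in the file ties it to the cfg80211 policy it mirrors. I would give it a lower-case local name (or a file-scope define) and extend the comment to state the consequence, e.g. `/* cfg80211 policy limit for NL80211_ATTR_PMK; a longer PMK is left out of the message */`. If cfg80211 later accepts longer values, this cap will keep dropping them in user space, which the comment should also mention. The function body continues outside the hunk.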
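Review bot: When `params->pmk_len` exceeds `PMK_MAX_LEN`, the NL80211_ATTR_PMK attribute is skipped without any trace. A driver that needs the key (the commit message names offloaded FILS authentication) then receives a PMKSA command without it, and the later failure is hard to attribute. A debug line ahead of the `if` would make the omission visible, logging the length only and never the key: `if (params->pmk_len > PMK_MAX_LEN) wpa_printf(MSG_DEBUG, "nl80211: PMK too long for NL80211_ATTR_PMK (%u octets) - not included", (unsigned int) params->pmk_len);`. It also looks possible for a caller that supplies no PMKID and an oversized PMK to send a command identifying no key material at all; that depends on callers outside this patch and should be confirmed. The `if` statement spans both hunks and the function continues after this one.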