mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
TDLS: Do not modify RNonce for an TPK M1 frame with same INonce
There is no point in updating the RNonce for every obtained TPK M1 frame (e.g., retransmission due to timeout) with the same INonce (SNonce in FTIE). Update RNonce only if a TPK M1 is received with a different INonce (new TDLS session) to avoid issues with two setup exchanges getting mixed and exchange failing due to mismatching nonces ("TDLS: FTIE ANonce in TPK M3 does not match with FTIE ANonce used in TPK M2"). Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
8a658f2bdf
commit
1380fcbd9f
@ -1683,17 +1683,28 @@ skip_rsn:
|
||||
}
|
||||
|
||||
ftie = (struct wpa_tdls_ftie *) kde.ftie;
|
||||
os_memcpy(peer->inonce, ftie->Snonce, WPA_NONCE_LEN);
|
||||
os_memcpy(peer->rsnie_i, kde.rsn_ie, kde.rsn_ie_len);
|
||||
peer->rsnie_i_len = kde.rsn_ie_len;
|
||||
peer->cipher = cipher;
|
||||
|
||||
if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
|
||||
/*
|
||||
* There is no point in updating the RNonce for every obtained
|
||||
* TPK M1 frame (e.g., retransmission due to timeout) with the
|
||||
* same INonce (SNonce in FTIE). However, if the TPK M1 is
|
||||
* retransmitted with a different INonce, update the RNonce
|
||||
* since this is for a new TDLS session.
|
||||
*/
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"TDLS: New TPK M1 INonce - generate new RNonce");
|
||||
os_memcpy(peer->inonce, ftie->Snonce, WPA_NONCE_LEN);
|
||||
if (os_get_random(peer->rnonce, WPA_NONCE_LEN)) {
|
||||
wpa_msg(sm->ctx->ctx, MSG_WARNING,
|
||||
"TDLS: Failed to get random data for responder nonce");
|
||||
wpa_tdls_peer_free(sm, peer);
|
||||
goto error;
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
/* get version info from RSNIE received from Peer */
|
||||
|
Loading…
Reference in New Issue
Block a user