Check EAP-AKA' AT_KDF duplication only if KDF was negotiated
This fixes an issue where two AKA'/Challenge messages are received when resynchronizing SEQ#. Previously, this triggered an authentication failure since the second Challenge message did not duplicate AT_KDF.
parent
3fe430b5d5
commit
2cfcd014f4
@ -60,6 +60,7 @@ struct eap_aka_data {
|
|||||||
u8 *network_name;
|
u8 *network_name;
|
||||||
size_t network_name_len;
|
size_t network_name_len;
|
||||||
u16 kdf;
|
u16 kdf;
|
||||||
|
int kdf_negotiation;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@ -665,6 +666,7 @@ static struct wpabuf * eap_aka_prime_kdf_select(struct eap_aka_data *data,
|
|||||||
{
|
{
|
||||||
struct eap_sim_msg *msg;
|
struct eap_sim_msg *msg;
|
||||||
|
|
||||||
|
data->kdf_negotiation = 1;
|
||||||
data->kdf = kdf;
|
data->kdf = kdf;
|
||||||
wpa_printf(MSG_DEBUG, "Generating EAP-AKA Challenge (id=%d) (KDF "
|
wpa_printf(MSG_DEBUG, "Generating EAP-AKA Challenge (id=%d) (KDF "
|
||||||
"select)", id);
|
"select)", id);
|
||||||
@ -704,7 +706,7 @@ static int eap_aka_prime_kdf_valid(struct eap_aka_data *data,
|
|||||||
/* The only allowed (and required) duplication of a KDF is the addition
|
/* The only allowed (and required) duplication of a KDF is the addition
|
||||||
* of the selected KDF into the beginning of the list. */
|
* of the selected KDF into the beginning of the list. */
|
||||||
|
|
||||||
if (data->kdf) {
|
if (data->kdf_negotiation) {
|
||||||
if (attr->kdf[0] != data->kdf) {
|
if (attr->kdf[0] != data->kdf) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-AKA': The server did not "
|
wpa_printf(MSG_WARNING, "EAP-AKA': The server did not "
|
||||||
"accept the selected KDF");
|
"accept the selected KDF");
|
||||||
@ -1251,6 +1253,7 @@ static void eap_aka_deinit_for_reauth(struct eap_sm *sm, void *priv)
|
|||||||
wpabuf_free(data->id_msgs);
|
wpabuf_free(data->id_msgs);
|
||||||
data->id_msgs = NULL;
|
data->id_msgs = NULL;
|
||||||
data->use_result_ind = 0;
|
data->use_result_ind = 0;
|
||||||
|
data->kdf_negotiation = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
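Review bot: In eap_aka_prime_kdf_valid the duplicate-KDF check is now gated on `data->kdf_negotiation`, but the only place these hunks clear that flag is eap_aka_deinit_for_reauth, so it is worth confirming that any other path that restarts a full authentication also clears it (those paths are outside the visible hunks). This check is what rejects a Challenge whose AT_KDF list does not begin with the peer's selected KDF, so a stale flag would bring back spurious failures, while a flag cleared too early would skip the check. The new struct field would also benefit from a comment such as `/* set once the peer has sent a KDF selection; the next Challenge must then repeat the selected KDF first */`, since `kdf` alone no longer conveys that state. The bodies of eap_aka_prime_kdf_select and eap_aka_prime_kdf_valid continue outside the hunks shown.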