From 53b2555f676b17cf2bd255ccde7e789753a57fe6 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 8 Oct 2016 19:43:36 +0300 Subject: [PATCH] EAP-pwd: Validate Prep field in EAP-pwd-ID/Response RFC 5931 Section 2.8.5.1 does not list the Prep field as something that the server validates to match the Request. However, the supplicant side has to use the same pre-processing mechanism for the password for the authentication to work, so we may as well as enforce this field to match the requested value now that wpa_supplicant implementation is fixed to copy the value from the request. Signed-off-by: Jouni Malinen --- src/eap_server/eap_server_pwd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c index 64bf708e0..c60539fac 100644 --- a/src/eap_server/eap_server_pwd.c +++ b/src/eap_server/eap_server_pwd.c @@ -602,7 +602,9 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm, if ((data->group_num != be_to_host16(id->group_num)) || (id->random_function != EAP_PWD_DEFAULT_RAND_FUNC) || (os_memcmp(id->token, (u8 *)&data->token, sizeof(data->token))) || - (id->prf != EAP_PWD_DEFAULT_PRF)) { + (id->prf != EAP_PWD_DEFAULT_PRF) || + id->prep != + data->password_hash ? EAP_PWD_PREP_MS : EAP_PWD_PREP_NONE) { wpa_printf(MSG_INFO, "EAP-pwd: peer changed parameters"); eap_pwd_state(data, FAILURE); return;