Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-19 03:14:05 -05:00
Code Issues Projects Releases Wiki Activity

AP: Expose PMK outside of wpa_auth module

Browse Source 
This doesn't change any behavior on its own. It's going to be used to
expose per-station keyids and allow reloading passphrases in runtime.

Signed-off-by: Michal Kazior <michal@plume.com>
This commit is contained in:
Michal Kazior 2019-01-16 13:35:18 +01:00 committed by Jouni Malinen
parent 1699309378
commit b08c9ad0c7
3 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/ap/wpa_auth.c
View File

@ -873,6 +873,8 @@ static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data,
if (wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, if (wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK,
data, data_len) == 0) { data, data_len) == 0) {
os_memcpy(sm->PMK, pmk, pmk_len);
sm->pmk_len = pmk_len;
ok = 1; ok = 1;
break; break;
} }
@ -2724,6 +2726,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK,
sm->last_rx_eapol_key, sm->last_rx_eapol_key,
sm->last_rx_eapol_key_len) == 0) { sm->last_rx_eapol_key_len) == 0) {
os_memcpy(sm->PMK, pmk, pmk_len);
sm->pmk_len = pmk_len;
ok = 1; ok = 1;
break; break;
} }
@ -4135,6 +4139,15 @@ int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
} }
const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len)
{
if (!sm)
return NULL;
*len = sm->pmk_len;
return sm->PMK;
}
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm) int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
{ {
if (sm == NULL) if (sm == NULL)

1
src/ap/wpa_auth.h
View File

@ -349,6 +349,7 @@ int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen);
void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth); void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth);
int wpa_auth_pairwise_set(struct wpa_state_machine *sm); int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
int wpa_auth_get_pairwise(struct wpa_state_machine *sm); int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len);
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);

2
src/ap/wpa_auth_ft.c
View File

@ -2638,6 +2638,8 @@ static int wpa_ft_psk_pmk_r1(struct wpa_state_machine *sm,
os_memcpy(out_pmk_r1, pmk_r1, PMK_LEN); os_memcpy(out_pmk_r1, pmk_r1, PMK_LEN);
if (out_pairwise) if (out_pairwise)
*out_pairwise = pairwise; *out_pairwise = pairwise;
os_memcpy(sm->PMK, pmk, PMK_LEN);
sm->pmk_len = PMK_LEN;
if (out_vlan && if (out_vlan &&
wpa_ft_get_vlan(sm->wpa_auth, sm->addr, out_vlan) < 0) { wpa_ft_get_vlan(sm->wpa_auth, sm->addr, out_vlan) < 0) {
wpa_printf(MSG_DEBUG, "FT: vlan not available for STA " wpa_printf(MSG_DEBUG, "FT: vlan not available for STA "