mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
WPS: Fix nonce comparisons
Multiple memcmps of nonces were actually comparing only the first byte instead of all 16 bytes. [Bug 462] Signed-hostap: Eyal Shapira <eyal@wizery.com> intended-for: hostap-1
This commit is contained in:
parent
623ecdd5a2
commit
b4e9e2659b
@ -1150,7 +1150,7 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
|
||||
return WPS_FAILURE;
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
@ -1242,14 +1242,14 @@ static enum wps_process_res wps_process_wsc_ack(struct wps_data *wps,
|
||||
}
|
||||
|
||||
if (attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
@ -1289,7 +1289,7 @@ static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
|
||||
}
|
||||
|
||||
if (attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
wpa_hexdump(MSG_DEBUG, "WPS: Received Registrar Nonce",
|
||||
@ -1300,7 +1300,7 @@ static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
|
||||
}
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
wpa_hexdump(MSG_DEBUG, "WPS: Received Enrollee Nonce",
|
||||
attr.enrollee_nonce, WPS_NONCE_LEN);
|
||||
|
@ -2849,7 +2849,7 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
|
||||
if (*attr.msg_type != WPS_M1 &&
|
||||
(attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce,
|
||||
WPS_NONCE_LEN != 0))) {
|
||||
WPS_NONCE_LEN) != 0)) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
@ -2945,14 +2945,14 @@ static enum wps_process_res wps_process_wsc_ack(struct wps_data *wps,
|
||||
#endif /* CONFIG_WPS_UPNP */
|
||||
|
||||
if (attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
@ -3014,14 +3014,14 @@ static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
|
||||
#endif /* CONFIG_WPS_UPNP */
|
||||
|
||||
if (attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
@ -3100,14 +3100,14 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps,
|
||||
#endif /* CONFIG_WPS_UPNP */
|
||||
|
||||
if (attr.registrar_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
|
||||
os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
|
||||
if (attr.enrollee_nonce == NULL ||
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
|
||||
os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
|
||||
return WPS_FAILURE;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user