mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-09 14:34:02 -05:00
acc39435ff
This was reported to fail with Windows 2012r2 with "Invalid Compound_MAC in cryptobinding TLV". It turns out that the server decided to go through inner EAP method (EAP-MSCHAPv2 in the reported case) even when using PEAP fast-reconnect. This seems to be against the [MS-PEAP] specification which claims that inner EAP method is not used in such a case. This resulted in a different CMK being derived by the server (used the version that used ISK) and wpa_supplicant (used the version where IPMK|CMK = TK without ISK when using fast-reconnect). Fix this interop issue by making wpa_supplicant to use the fast-reconnect version of CMK derivation only when using TLS session resumption and the server having not initiated inner EAP method before going through the cryptobinding exchange. Signed-off-by: Jouni Malinen <j@w1.fi> |
||
|---|---|---|
| .. | ||
| ap | ||
| common | ||
| crypto | ||
| drivers | ||
| eap_common | ||
| eap_peer | ||
| eap_server | ||
| eapol_auth | ||
| eapol_supp | ||
| fst | ||
| l2_packet | ||
| p2p | ||
| pae | ||
| radius | ||
| rsn_supp | ||
| tls | ||
| utils | ||
| wps | ||
| lib.rules | ||
| Makefile | ||