ap: only accept ptk 4/4 after receiving ptk 2/4
When operating as an AP, drop message 4 of the 4-way handshake if the AP has not yet received message 2. Otherwise an attacker can skip message 2 and immediately send message 4 to bypass authentication (the AP would be using an all-zero ptk to verify the authenticity of message 4).
This commit is contained in:
Mathy Vanhoef
Denis Kenzior
parent
1a79092383
commit
6415420f1c
|
|
@ -2092,6 +2092,10 @@ static void eapol_handle_ptk_4_of_4(struct eapol_sm *sm,
|
|||
if (L_BE64_TO_CPU(ek->key_replay_counter) != sm->replay_counter)
|
||||
return;
|
||||
|
||||
/* Ensure we received Message 2 and thus have a PTK to verify MIC */
|
||||
if (!sm->handshake->have_snonce)
|
||||
return;
|
||||
|
||||
kck = handshake_state_get_kck(sm->handshake);
|
||||
|
||||
if (!eapol_verify_mic(sm->handshake->akm_suite, kck, ek,
|
||||
|
|
|
|||
Loading…
Reference in New Issue