Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-29 13:59:24 +01:00
Code Releases Activity

eapol: Fail handshake if MIC calculation fails

Browse Source 
This is a bizarre case since MIC calculation succeeded for the incoming
packet.  But just in case MIC calculation fails for the outgoing packet,
kill the handshake.
This commit is contained in:
Denis Kenzior 2017-10-18 20:34:35 -05:00
parent c1a0e844b0
commit bee04b179e
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/eapol.c
View File

@ -1260,11 +1260,15 @@ static void eapol_handle_ptk_3_of_4(struct eapol_sm *sm,
ptk = handshake_state_get_ptk(sm->handshake); ptk = handshake_state_get_ptk(sm->handshake);
if (!eapol_calculate_mic(ptk->kck, step4, mic)) if (!eapol_calculate_mic(ptk->kck, step4, mic)) {
goto fail; l_free(step4);
handshake_failed(sm, MMPDU_REASON_CODE_UNSPECIFIED);
return;
}
memcpy(step4->key_mic_data, mic, sizeof(mic)); memcpy(step4->key_mic_data, mic, sizeof(mic));
eapol_write(sm, (struct eapol_frame *) step4); eapol_write(sm, (struct eapol_frame *) step4);
l_free(step4);
handshake_state_install_ptk(sm->handshake); handshake_state_install_ptk(sm->handshake);
@ -1280,9 +1284,6 @@ static void eapol_handle_ptk_3_of_4(struct eapol_sm *sm,
rekey_offload(sm->handshake->ifindex, ptk->kek, ptk->kck, rekey_offload(sm->handshake->ifindex, ptk->kek, ptk->kck,
sm->replay_counter, sm->user_data); sm->replay_counter, sm->user_data);
fail:
l_free(step4);
return; return;
error_ie_different: error_ie_different:
@ -1369,11 +1370,15 @@ static void eapol_handle_gtk_1_of_2(struct eapol_sm *sm,
ptk = handshake_state_get_ptk(sm->handshake); ptk = handshake_state_get_ptk(sm->handshake);
if (!eapol_calculate_mic(ptk->kck, step2, mic)) if (!eapol_calculate_mic(ptk->kck, step2, mic)) {
goto done; l_free(step2);
handshake_failed(sm, MMPDU_REASON_CODE_UNSPECIFIED);
return;
}
memcpy(step2->key_mic_data, mic, sizeof(mic)); memcpy(step2->key_mic_data, mic, sizeof(mic));
eapol_write(sm, (struct eapol_frame *) step2); eapol_write(sm, (struct eapol_frame *) step2);
l_free(step2);
handshake_state_install_gtk(sm->handshake, gtk_key_index, handshake_state_install_gtk(sm->handshake, gtk_key_index,
gtk, gtk_len, ek->key_rsc, 6); gtk, gtk_len, ek->key_rsc, 6);
@ -1382,9 +1387,6 @@ static void eapol_handle_gtk_1_of_2(struct eapol_sm *sm,
handshake_state_install_igtk(sm->handshake, igtk_key_index, handshake_state_install_igtk(sm->handshake, igtk_key_index,
igtk + 6, igtk_len - 6, igtk); igtk + 6, igtk_len - 6, igtk);
} }
done:
l_free(step2);
} }
static struct eapol_sm *eapol_find_sm(uint32_t ifindex, const uint8_t *aa) static struct eapol_sm *eapol_find_sm(uint32_t ifindex, const uint8_t *aa)