From faba9d509a4b01061dcd5a24af7ac4856c909b30 Mon Sep 17 00:00:00 2001
From: Andrew Zaborowski
Date: Wed, 3 May 2017 19:53:50 +0200
Subject: [PATCH] eapol: After EAP skip the RSNE PMKID check in step 1/4
Skip the matching of the PMKID KDE to the PMKID list in the RSNE if we've seen a new EAP authentication before the step 1/4 was received. That would mean that the server had not accepted the PMKIDs we submitted and we performed a new 8021X authentication, producing a new PMKSA which won't be on the list in the RSNE.
---
 src/eapol.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/eapol.c b/src/eapol.c
index 2bf44c1f..6c048290 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -731,6 +731,7 @@ struct eapol_sm {
 bool have_replay:1;
 bool started:1;
 bool use_eapol_start:1;
+ bool eap_exchanged:1;
 struct eap_state *eap;
 struct eapol_buffer *early_frame;
 };
@@ -852,11 +853,13 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 /*
 * Require the PMKID KDE whenever we've sent a list of PMKIDs in
- * our RSNE, otherwise treat it as optional and only validate it
- * against our PMK. Some 802.11-2012 sections show message 1/4
- * without a PMKID KDE and there are APs that send no PMKID KDE.
+ * our RSNE and we've haven't seen any EAPOL-EAP frame since
+ * (sm->eap_exchanged is false), otherwise treat it as optional and
+ * only validate it against our PMK. Some 802.11-2012 sections
+ * show message 1/4 without a PMKID KDE and there are APs that
+ * send no PMKID KDE.
 */
- if (!sm->handshake->wpa_ie &&
+ if (!sm->eap_exchanged && !sm->handshake->wpa_ie &&
 ie_parse_rsne_from_data(own_ie, own_ie[1] + 2,
 &rsn_info) >= 0 &&
 rsn_info.num_pmkids) {
@@ -1573,6 +1576,8 @@ static void eapol_rx_packet(struct eapol_sm *sm,
 eapol_eap_results_cb);
 }
+ sm->eap_exchanged = true;
+
 eap_rx_packet(sm->eap, frame + 4, L_BE16_TO_CPU(eh->packet_len));
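Review bot: The new `eap_exchanged` bit in `struct eapol_sm` carries no comment, and nothing in this patch clears it once it is set, so a reader of the declaration cannot tell whether it describes the current handshake only or the entire lifetime of the state machine. A one-line comment would settle that, e.g. `bool eap_exchanged:1; /* an EAPOL-EAP frame was received before message 1/4 */`. If the same sm is reused across a later rekey or re-association, the sticky flag would keep the RSNE PMKID list check disabled for good; whether that reuse can happen is not visible in this patch.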
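Review bot: The relaxed condition `if (!sm->eap_exchanged && !sm->handshake->wpa_ie &&` keys off a flag that the third hunk sets on every received EAPOL-EAP frame, before `eap_rx_packet()` has parsed it, so any EAPOL-EAP frame, not only a completed authentication as the commit message describes, disables the RSNE PMKID list check for the following message 1/4. Those frames arrive before a PTK exists and are not integrity-protected, so the check can be switched off by a frame the EAP layer would go on to reject; setting the flag from the EAP completion path instead (the results callback `eapol_eap_results_cb` registered just above in that hunk looks like the natural place) would tie it to an actual new PMKSA. The impact appears bounded because the comment says a present KDE is still validated against the PMK, but that branch lies outside the hunk and should be confirmed. The new comment also reads `we've haven't seen`; `we haven't seen` is meant. eapol_handle_ptk_1_of_4 continues outside the hunk.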